From 4fe9aeb9e5bec63b4125ec5c6cb3d2d821b5228d Mon Sep 17 00:00:00 2001 From: "pixeebot[bot]" <104101892+pixeebot[bot]@users.noreply.github.com> Date: Sun, 28 Apr 2024 03:14:11 +0000 Subject: [PATCH] Replace unsafe `pyyaml` loader with `SafeLoader` --- introduction/lab_code/test.py | 4 ++-- introduction/views.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/introduction/lab_code/test.py b/introduction/lab_code/test.py index 71eda68..823b023 100644 --- a/introduction/lab_code/test.py +++ b/introduction/lab_code/test.py @@ -17,7 +17,7 @@ ''' import yaml, subprocess stream = open('/home/fox/test.yaml', 'r') -data = yaml.load(stream) +data = yaml.load(stream, Loader=yaml.SafeLoader) ''' stdout, stderr = data.communicate() @@ -26,4 +26,4 @@ ''' print(data + "\n") # print(stdout + "\n") -# print(stderr + "\n") \ No newline at end of file +# print(stderr + "\n") diff --git a/introduction/views.py b/introduction/views.py index 2730454..bdc139b 100644 --- a/introduction/views.py +++ b/introduction/views.py @@ -550,7 +550,7 @@ def a9_lab(request): try : file=request.FILES["file"] try : - data = yaml.load(file,yaml.Loader) + data = yaml.load(file,yaml.SafeLoader) return render(request,"Lab/A9/a9_lab.html",{"data":data}) except: