From d5175e3a443a4e17b6f73a2ced35d224ab4d93e2 Mon Sep 17 00:00:00 2001
From: Michael Fritch
Date: Thu, 18 Jun 2020 14:55:21 -0600
Subject: [PATCH] mgr/orch: read untrusted input using the yaml SafeLoader
https://msg.pyyaml.org/load
Signed-off-by: Michael Fritch
---
 src/pybind/mgr/orchestrator/module.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pybind/mgr/orchestrator/module.py b/src/pybind/mgr/orchestrator/module.py
index 2818a4263f2..73b64e54367 100644
--- a/src/pybind/mgr/orchestrator/module.py
+++ b/src/pybind/mgr/orchestrator/module.py
@@ -658,7 +658,7 @@ Examples:
 if unmanaged is not None:
 return HandleCommandResult(-errno.EINVAL, stderr=usage)
 try:
- drivegroups = yaml.load_all(inbuf)
+ drivegroups = yaml.safe_load_all(inbuf)
 dg_specs = [DriveGroupSpec.from_json(dg) for dg in drivegroups]
 # This acts weird when abstracted to a function
 completion = self.apply_drivegroups(dg_specs)
@@ -995,7 +995,7 @@ Usage:
 if inbuf:
 if service_type or placement or unmanaged:
 raise OrchestratorValidationError(usage)
- content: Iterator = yaml.load_all(inbuf)
+ content: Iterator = yaml.safe_load_all(inbuf)
 specs: List[GenericSpec] = [json_to_generic_spec(s) for s in content]
 else:
--
2.39.5
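Review bot: Parse errors for malformed input are raised lazily by the generator `yaml.safe_load_all` returns, i.e. inside the list comprehension on the line after each changed line, so in the second hunk (`content: Iterator = yaml.safe_load_all(inbuf)`) a bad document escapes the handler as a bare `yaml.YAMLError` instead of the validation error the surrounding `raise OrchestratorValidationError(usage)` path produces; wrapping the comprehension in `try: ... except yaml.YAMLError as e: raise OrchestratorValidationError(f"{usage}\n{e}") from e` would keep it a validation failure. The first hunk sits under a `try:` whose except clauses lie outside the hunk, so whether that path already handles `yaml.YAMLError` cannot be confirmed from this patch. An empty document in the stream (a trailing `---`) yields `None` from `safe_load_all`, and nothing visible shows `DriveGroupSpec.from_json` or `json_to_generic_spec` tolerating that — presumably worth an `if dg is not None` filter in each comprehension. Both enclosing functions start and end outside their hunks.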