diff options
author | Lamont Granquist <lamont@scriptkiddie.org> | 2022-03-21 20:01:48 -0700 |
---|---|---|
committer | Lamont Granquist <lamont@scriptkiddie.org> | 2022-03-21 20:01:48 -0700 |
commit | 880d332592b61e760fe5c089e5d456426f459ab9 (patch) | |
tree | a041de90d3afe403b0b8ebd59d085f3c016f7505 /lib | |
parent | f95a28f028e8f7daa35d2418128addda8febd13d (diff) | |
download | chef-880d332592b61e760fe5c089e5d456426f459ab9.tar.gz |
Fix YAML use
Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
Diffstat (limited to 'lib')
-rw-r--r-- | lib/chef/compliance/input.rb | 2 | ||||
-rw-r--r-- | lib/chef/compliance/profile.rb | 2 | ||||
-rw-r--r-- | lib/chef/compliance/waiver.rb | 2 | ||||
-rw-r--r-- | lib/chef/dsl/reader_helpers.rb | 4 | ||||
-rw-r--r-- | lib/chef/recipe.rb | 2 | ||||
-rw-r--r-- | lib/chef/resource/inspec_waiver_file_entry.rb | 4 |
6 files changed, 8 insertions, 8 deletions
diff --git a/lib/chef/compliance/input.rb b/lib/chef/compliance/input.rb index 686b516b2e..237a4e12d0 100644 --- a/lib/chef/compliance/input.rb +++ b/lib/chef/compliance/input.rb @@ -101,7 +101,7 @@ class Chef # and cookbook_name are required this is probably not externally useful. # def self.from_yaml(events, string, path = nil, cookbook_name = nil) - from_hash(events, YAML.load(string), path, cookbook_name) + from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name) end # @param filename [String] full path to the yml file in the cookbook diff --git a/lib/chef/compliance/profile.rb b/lib/chef/compliance/profile.rb index ec9d61895c..f0d02000fc 100644 --- a/lib/chef/compliance/profile.rb +++ b/lib/chef/compliance/profile.rb @@ -108,7 +108,7 @@ class Chef # and cookbook_name are required this is probably not externally useful. # def self.from_yaml(events, string, path, cookbook_name) - from_hash(events, YAML.load(string), path, cookbook_name) + from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name) end # @param filename [String] full path to the inspec.yml file in the cookbook diff --git a/lib/chef/compliance/waiver.rb b/lib/chef/compliance/waiver.rb index 0062a7d5d9..6284e06f04 100644 --- a/lib/chef/compliance/waiver.rb +++ b/lib/chef/compliance/waiver.rb @@ -101,7 +101,7 @@ class Chef # and cookbook_name are required this is probably not externally useful. # def self.from_yaml(events, string, path = nil, cookbook_name = nil) - from_hash(events, YAML.load(string), path, cookbook_name) + from_hash(events, YAML.safe_load(string, permitted_classes: [Date]), path, cookbook_name) end # @param filename [String] full path to the yml file in the cookbook diff --git a/lib/chef/dsl/reader_helpers.rb b/lib/chef/dsl/reader_helpers.rb index 6a9b021d89..51259aae36 100644 --- a/lib/chef/dsl/reader_helpers.rb +++ b/lib/chef/dsl/reader_helpers.rb @@ -16,7 +16,7 @@ autoload :TOML, "tomlrb" require_relative "../json_compat" -autoload :YAML, "yaml" +autoload :Psych, "psych" class Chef module DSL @@ -42,7 +42,7 @@ class Chef end def parse_yaml(filename) - YAML.load(IO.read(filename)) + Psych.safe_load_file(filename, permitted_classes: [Date]) end extend self diff --git a/lib/chef/recipe.rb b/lib/chef/recipe.rb index 972edf9649..2f7a282ca8 100644 --- a/lib/chef/recipe.rb +++ b/lib/chef/recipe.rb @@ -101,7 +101,7 @@ class Chef end def from_yaml(string) - res = ::YAML.safe_load(string) + res = ::YAML.safe_load(string, permitted_classes: [Date]) unless res.is_a?(Hash) && res.key?("resources") raise ArgumentError, "YAML recipe '#{source_file}' must contain a top-level 'resources' hash (YAML sequence), i.e. 'resources:'" end diff --git a/lib/chef/resource/inspec_waiver_file_entry.rb b/lib/chef/resource/inspec_waiver_file_entry.rb index 7ad31fd58d..69849fa044 100644 --- a/lib/chef/resource/inspec_waiver_file_entry.rb +++ b/lib/chef/resource/inspec_waiver_file_entry.rb @@ -136,11 +136,11 @@ class Chef def load_waiver_file_to_hash(file_name) if %r{(/|C:\\).*(.yaml|.yml)}i.match?(file_name) if ::File.exist?(file_name) - hash = ::YAML.load_file(file_name) + hash = ::YAML.safe.load_file(file_name, permitted_classes: [Date]) if hash == false || hash.nil? || hash == "" {} else - ::YAML.load_file(file_name) + ::YAML.safe.load_file(file_name, permitted_classes: [Date]) end else {} |