Skip to content

Commit

Permalink
Fix for CVE-2020-14343
Browse files Browse the repository at this point in the history
Per suggestion #420 (comment)
move a few constructors from full_load to unsafe_load.
  • Loading branch information
ingydotnet committed Jan 13, 2021
1 parent fe15062 commit a001f27
Show file tree
Hide file tree
Showing 4 changed files with 26 additions and 26 deletions.
24 changes: 12 additions & 12 deletions lib/yaml/constructor.py
Original file line number Diff line number Diff line change
Expand Up @@ -722,18 +722,6 @@ def construct_python_object_new(self, suffix, node):
u'tag:yaml.org,2002:python/name:',
FullConstructor.construct_python_name)

FullConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/module:',
FullConstructor.construct_python_module)

FullConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/object:',
FullConstructor.construct_python_object)

FullConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/object/new:',
FullConstructor.construct_python_object_new)

class UnsafeConstructor(FullConstructor):

def find_python_module(self, name, mark):
Expand All @@ -750,6 +738,18 @@ def set_python_instance_state(self, instance, state):
return super(UnsafeConstructor, self).set_python_instance_state(
instance, state, unsafe=True)

UnsafeConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/module:',
UnsafeConstructor.construct_python_module)

UnsafeConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/object:',
UnsafeConstructor.construct_python_object)

UnsafeConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/object/new:',
UnsafeConstructor.construct_python_object_new)

UnsafeConstructor.add_multi_constructor(
u'tag:yaml.org,2002:python/object/apply:',
UnsafeConstructor.construct_python_object_apply)
Expand Down
24 changes: 12 additions & 12 deletions lib3/yaml/constructor.py
Original file line number Diff line number Diff line change
Expand Up @@ -710,18 +710,6 @@ def construct_python_object_new(self, suffix, node):
'tag:yaml.org,2002:python/name:',
FullConstructor.construct_python_name)

FullConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/module:',
FullConstructor.construct_python_module)

FullConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/object:',
FullConstructor.construct_python_object)

FullConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/object/new:',
FullConstructor.construct_python_object_new)

class UnsafeConstructor(FullConstructor):

def find_python_module(self, name, mark):
Expand All @@ -738,6 +726,18 @@ def set_python_instance_state(self, instance, state):
return super(UnsafeConstructor, self).set_python_instance_state(
instance, state, unsafe=True)

UnsafeConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/module:',
UnsafeConstructor.construct_python_module)

UnsafeConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/object:',
UnsafeConstructor.construct_python_object)

UnsafeConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/object/new:',
UnsafeConstructor.construct_python_object_new)

UnsafeConstructor.add_multi_constructor(
'tag:yaml.org,2002:python/object/apply:',
UnsafeConstructor.construct_python_object_apply)
Expand Down
2 changes: 1 addition & 1 deletion tests/lib/test_recursive.py
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ def test_recursive(recursive_filename, verbose=False):
output2 = None
try:
output1 = yaml.dump(value1)
value2 = yaml.load(output1, yaml.FullLoader)
value2 = yaml.load(output1, yaml.UnsafeLoader)
output2 = yaml.dump(value2)
assert output1 == output2, (output1, output2)
finally:
Expand Down
2 changes: 1 addition & 1 deletion tests/lib3/test_recursive.py
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ def test_recursive(recursive_filename, verbose=False):
output2 = None
try:
output1 = yaml.dump(value1)
value2 = yaml.full_load(output1)
value2 = yaml.unsafe_load(output1)
output2 = yaml.dump(value2)
assert output1 == output2, (output1, output2)
finally:
Expand Down

0 comments on commit a001f27

Please sign in to comment.