[device/ruijie] Mitigation for security vulnerability #11779

Signed-off-by: maipbui maibui@microsoft.com
Why I did it
The xml.etree.ElementTree module is not secure against maliciously constructed data.
How I did it
Remove xml. Use lxml XML parsers package that prevent potentially malicious operation.
This commit is contained in:
Mai Bui 2022-08-23 09:48:42 -04:00 committed by Ying Xie
parent 458b12b4af
commit a63af72142

View File

@ -6,8 +6,8 @@
* PSU
"""
import os
import xml.etree.ElementTree as ET
import glob
from lxml import etree as ET
MAILBOX_DIR = "/sys/bus/i2c/devices/"
PORTS_DIR = "/sys/class/net/"