From: Aleksey Maksimov
Date: Sat, 23 Nov 2013 09:28:34 +0000 (+0800)
Subject: Changed eval() to ast.literal_eval() for safety
X-Git-Tag: v0.2.23~59^2~1
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=6a00e3d748a83ec7357d461d83bcdff27a20b8d6;p=tools%2Fpython-jenkinsapi.git
Changed eval() to ast.literal_eval() for safety
---
diff --git a/jenkinsapi/jenkinsbase.py b/jenkinsapi/jenkinsbase.py
index 00840c9..bc5624b 100644
--- a/jenkinsapi/jenkinsbase.py
+++ b/jenkinsapi/jenkinsbase.py
@@ -2,6 +2,7 @@
 Module for JenkinsBase class
 """
+import ast
 import logging
 from jenkinsapi import config
 from jenkinsapi.custom_exceptions import JenkinsAPIException
@@ -61,7 +62,7 @@ class JenkinsBase(object):
 requester = self.get_jenkins_obj().requester
 response = requester.get_url(url, params)
 try:
- return eval(response.text)
+ return ast.literal_eval(response.text)
 except Exception:
 log.exception('Inappropriate content found at %s', url)
 raise JenkinsAPIException('Cannot parse %s' % response.content)
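Review bot: The error path at the end of the second hunk still formats the whole of `response.content` into the JenkinsAPIException message, so an unparseable body of any size is copied verbatim into the exception and into whatever logs it. Bounding it would keep the diagnostic without the unbounded copy, e.g. `raise JenkinsAPIException('Cannot parse %.200r' % response.content)`. Separately, `ast.literal_eval` removes the code-execution risk of `eval()` on the response, but Python's documentation notes that very large or deeply nested input can still exhaust memory or the parser's stack. If the endpoint is not fully trusted, a length check on `response.text` before parsing would be worth adding, together with a short comment stating that the response is treated as untrusted. The enclosing method starts above the hunk, so the origin of `url` and `params` is not visible here.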