github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-11-20 03:35:00 +00:00
Code Issues Projects Releases Wiki Activity
Files
5cc6694eabe46a9b7c4fcb86559263f6067b51ac
acrn-hypervisor/misc/config_tools/service_vm_config
History
dongpingx 6f96614e6f misc: Bandit scan issue for lxml 
This patch is to fix Bandit scan issue b313-b320 which is vulnerable to
XML attacks when parsing untrusted XML data.

I replace lxml.etree with the equivalent defusedxml package.

I confirm it works after making a Bandit scan, building the configurator
and compiling the acrn.

Signed-off-by: dongpingx <dongpingx.wu@intel.com>
Tracked-On: #8717
2025-08-20 10:20:20 +08:00
..
README
serial_config.py
misc: Bandit scan issue for lxml
2025-08-20 10:20:20 +08:00

README 

Please run serial_config.py to generate serial configuration file for service VM.

usage: python3 serial_config.py [h] --allocation <allocation_info_file> --scenario <scenario_info_file> --out <output_file>
positional arguments:
  allocation_info_file  : name of the file summarizing resource allocated by config tool
  scenario_info_file  : file name of the scenario info XML
  output_file : file name of serial configuration