From 77d79e91e98945f9c66afca5cccd79b1f48b86d7 Mon Sep 17 00:00:00 2001
From: Hiroshi Hatake <hatake@clear-code.com>
Date: Thu, 11 Mar 2021 15:36:12 +0900
Subject: [PATCH] config: types: Use JSON.parse instead of JSON.load

* https://www.rubydoc.info/gems/rubocop/RuboCop/Cop/Security/JSONLoad

```
Autocorrect is disabled by default because it's potentially dangerous.
If using a stream, like `JSON.load(open('file'))`, it will need to call `#read` manually,
like `JSON.parse(open('file').read)`.
If reading single values (rather than proper JSON objects), like `JSON.load('false')`,
it will need to pass the `quirks_mode: true` option, like `JSON.parse('false', quirks_mode: true)`.
Other similar issues may apply.
```

Signed-off-by: Hiroshi Hatake <hatake@clear-code.com>
---
 lib/fluent/config/types.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/fluent/config/types.rb b/lib/fluent/config/types.rb
index 75dfde385d..66ef37ad39 100644
--- a/lib/fluent/config/types.rb
+++ b/lib/fluent/config/types.rb
@@ -186,7 +186,7 @@ def self.hash_value(val, opts = {}, name = nil)
       return nil if val.nil?
 
       param = if val.is_a?(String)
-                val.start_with?('{') ? JSON.load(val) : Hash[val.strip.split(/\s*,\s*/).map{|v| v.split(':', 2)}]
+                val.start_with?('{') ? JSON.parse(val) : Hash[val.strip.split(/\s*,\s*/).map{|v| v.split(':', 2)}]
               else
                 val
               end
@@ -213,7 +213,7 @@ def self.array_value(val, opts = {}, name = nil)
       return nil if val.nil?
 
       param = if val.is_a?(String)
-                val.start_with?('[') ? JSON.load(val) : val.strip.split(/\s*,\s*/)
+                val.start_with?('[') ? JSON.parse(val) : val.strip.split(/\s*,\s*/)
               else
                 val
               end