bandit icon indicating copy to clipboard operation
bandit copied to clipboard

Published 20 hours ago verified publisher icon PyCQA

Pytorch Load / Save Plugin

Open lukehinds opened this issue 1 year ago • 3 comments

This plugin checks for the use of torch.load and torch.save. Using torch.load with untrusted data can lead to arbitrary code execution, and improper use of torch.save might expose sensitive data or lead to data corruption.

lukehinds avatar Mar 03 '24 15:03 lukehinds

Bit of cleaning up to do, will get onto next week

lukehinds avatar Mar 03 '24 15:03 lukehinds

Closing and reopening to trigger precommit ci to auto fix this for you

sigmavirus24 avatar Mar 03 '24 16:03 sigmavirus24

@sigmavirus24 / @ericwb I think I have reviewed most of the points now, fancy taking a second sweep?

lukehinds avatar Mar 13 '24 15:03 lukehinds

sorry for late action, changes accepted @ericwb

lukehinds avatar Sep 14 '24 08:09 lukehinds