python/python-joblib
SHA256
14
0
Fork 0
forked from pool/python-joblib
Code Pull Requests Activity
Files
ff70a69a784bc3cfad8eda05e16928a1a1a8f82a404e58b9c01c84c67bf9d4c7
python-joblib/numpy16.patch
Tomáš Chvátal d91362b135 - Switch to %pytest 
- Add patch to work well with new numpy:
  * numpy16.patch

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-joblib?expand=0&rev=28
2019-05-30 08:05:13 +00:00

58 lines
2.1 KiB
Diff
Raw Blame History

From 0f1f647a8e2310a2291ea9ffab8c8336fc01f2c7 Mon Sep 17 00:00:00 2001
From: Olivier Grisel <olivier.grisel@ensta.org>
Date: Wed, 29 May 2019 15:52:38 +0200
Subject: [PATCH] DOC emphasize security sensitivity of joblib.load (#879)
---
joblib/numpy_pickle.py | 4 ++++
joblib/numpy_pickle_compat.py | 14 +++++++++++---
4 files changed, 44 insertions(+), 3 deletions(-)
diff --git a/joblib/numpy_pickle.py b/joblib/numpy_pickle.py
index bae0df31..bd807db2 100644
--- a/joblib/numpy_pickle.py
+++ b/joblib/numpy_pickle.py
@@ -550,6 +550,10 @@ def load(filename, mmap_mode=None):
Read more in the :ref:`User Guide <persistence>`.
+ WARNING: joblib.load relies on the pickle module and can therefore
+ execute arbitrary Python code. It should therefore never be used
+ to load files from untrusted sources.
+
Parameters
-----------
filename: str, pathlib.Path, or file object.
diff --git a/joblib/numpy_pickle_compat.py b/joblib/numpy_pickle_compat.py
index ba8ab827..d1532415 100644
--- a/joblib/numpy_pickle_compat.py
+++ b/joblib/numpy_pickle_compat.py
@@ -3,6 +3,8 @@
import pickle
import os
import zlib
+import inspect
+
from io import BytesIO
from ._compat import PY3_OR_LATER
@@ -96,9 +98,15 @@ def read(self, unpickler):
# use getattr instead of self.allow_mmap to ensure backward compat
# with NDArrayWrapper instances pickled with joblib < 0.9.0
allow_mmap = getattr(self, 'allow_mmap', True)
- memmap_kwargs = ({} if not allow_mmap
- else {'mmap_mode': unpickler.mmap_mode})
- array = unpickler.np.load(filename, **memmap_kwargs)
+ kwargs = {}
+ if allow_mmap:
+ kwargs['mmap_mode'] = unpickler.mmap_mode
+ if "allow_pickle" in inspect.signature(unpickler.np.load).parameters:
+ # Required in numpy 1.16.3 and later to aknowledge the security
+ # risk.
+ kwargs["allow_pickle"] = True
+ array = unpickler.np.load(filename, **kwargs)
+
# Reconstruct subclasses. This does not work with old
# versions of numpy
if (hasattr(array, '__array_prepare__') and
View Git Blame Copy Permalink