use weights_only in conversion script (#32)

This prevents malicious weights from executing arbitrary code by restricting the unpickler to loading only tensors, primitive types, and dictionaries.
deepdiffuser 2023-03-11 22:36:35 -08:00 committed by GitHub
parent 6a9a67f0be
commit a93120236f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -86,7 +86,7 @@ for p in range(n_parts):
if (p > 0): if (p > 0):
fname_out = sys.argv[1] + "/ggml-model-" + ftype_str[ftype] + ".bin" + "." + str(p) fname_out = sys.argv[1] + "/ggml-model-" + ftype_str[ftype] + ".bin" + "." + str(p)
model = torch.load(fname_model, map_location="cpu") model = torch.load(fname_model, map_location="cpu", weights_only=True)
fout = open(fname_out, "wb") fout = open(fname_out, "wb")
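Review bot: The `weights_only=True` argument on the new `torch.load` call has no comment saying why it is there, and nothing visible in the hunk states the PyTorch version it needs. The keyword was introduced in PyTorch 1.13; on older installs the call will presumably fail with a TypeError rather than fall back to the unrestricted unpickler, which is the safe direction but confusing for a user. I would add above the call `# weights_only=True: limit unpickling to tensors, primitive types and dicts so an untrusted .pth cannot execute code (needs PyTorch >= 1.13)` and state the minimum version wherever the script's requirements are documented, so the argument is not dropped later to "fix" a load error. The `for p in range(n_parts):` loop body starts and continues outside this hunk.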