ClearML/clearml
1
0
Fork 0
mirror of https://github.com/clearml/clearml synced 2025-01-31 00:56:57 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add hash check for pickle files (CVE-2024-24590)

Browse Source
This commit is contained in:
allegroai 2024-02-09 18:13:08 +02:00
parent b78e9b9047
commit e506831599
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
clearml/binding/artifacts.py
View File

@ -203,6 +203,10 @@ class Artifact(object):
with open(local_file, "rt") as f:
self._object = f.read()
elif self.type == "pickle":
if self.hash:
file_hash, _ = sha256sum(local_file, block_size=Artifacts._hash_block_size)
if self.hash != file_hash:
raise Exception("incorrect pickle file hash, artifact file might be corrupted")
with open(local_file, "rb") as f:
self._object = pickle.load(f)
except Exception as e: