
Use weights_only=True when loading sensitivities (#16)#18

Open
BiswajeetRay7 wants to merge 2 commits into apple:main from BiswajeetRay7:fix-sensitivities-weights-only

Conversation

@BiswajeetRay7


Fixes #16

KMeansPalettizer.prepare loaded sensitivity_path via torch.load without weights_only=True, unlike the checkpoint load path which already uses it. Since torch.load defaults to pickle, an untrusted/shared sensitivity file could execute arbitrary code on load (CWE-502). Sensitivities are only dict[str, torch.Tensor], so weights_only=True is fully backward compatible.
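The mechanism behind the fix, as an added illustration that is not code from this PR or from the upstream repository: `torch.load` with `weights_only=True` restricts the unpickler so that only a small allowlist of globals (tensor-rebuild helpers, containers) can be resolved, which is what stops a crafted file from calling arbitrary callables on load. The example below reproduces that idea in plain Python so it runs without torch installed: a `pickle.Unpickler` whose `find_class` rejects anything outside an allowlist, a `load_sensitivities` helper that additionally checks the result is a `dict` keyed by parameter name, and two constructed inputs (a benign sensitivity dict and an unrelated object). `SAFE_GLOBALS`, `RestrictedUnpickler`, `NotATensor` and the sample-file functions are all assumptions made for this illustration; torch maintains its own, larger allowlist. With torch available, the equivalent call is simply `torch.load(sensitivity_path, weights_only=True)`.

```python
import io
import pickle
from collections import OrderedDict

# Constructed allowlist for this illustration. A plain sensitivity file
# (parameter name -> scores) only ever needs container types; torch's real
# weights_only unpickler allows its tensor-rebuild helpers as well.
SAFE_GLOBALS = frozenset({
    ("collections", "OrderedDict"),
})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global not on SAFE_GLOBALS.

    find_class is the hook pickle uses for every GLOBAL/STACK_GLOBAL opcode,
    so refusing here is what prevents a file from naming an arbitrary callable.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to resolve global {module}.{name} while loading sensitivities"
        )


def load_sensitivities(data: bytes) -> dict:
    """Hardened analogue of the fixed load path: restricted unpickling plus a shape check."""
    obj = RestrictedUnpickler(io.BytesIO(data)).load()
    # Sensitivities are documented as a mapping keyed by parameter name; reject anything else.
    if not isinstance(obj, dict) or not all(isinstance(k, str) for k in obj):
        raise TypeError("sensitivities must be a dict keyed by parameter name")
    return dict(obj)


def unrestricted_load(data: bytes) -> str:
    """Analogue of the pre-fix path: default pickle reconstructs whatever the file names.

    Returns the type name of the loaded object so the contrast is visible without
    executing anything beyond object construction.
    """
    return type(pickle.loads(data)).__name__


def rejects(data: bytes) -> bool:
    """True if the hardened loader refuses the bytes, False if it accepts them."""
    try:
        load_sensitivities(data)
    except pickle.UnpicklingError:
        return True
    return False


def sample_sensitivities_bytes() -> bytes:
    """Constructed stand-in for a legitimate saved sensitivity file."""
    return pickle.dumps(OrderedDict([("conv1.weight", [0.5, 0.25]), ("fc.weight", [1.0])]))


class NotATensor:
    """Constructed stand-in for any object a sensitivity file has no business containing."""


def sample_foreign_object_bytes() -> bytes:
    """Constructed file whose pickle stream references a non-allowlisted class."""
    return pickle.dumps(NotATensor())


if __name__ == "__main__":
    print("hardened loader accepts sensitivities:", load_sensitivities(sample_sensitivities_bytes()))
    print("default pickle reconstructs foreign object:", unrestricted_load(sample_foreign_object_bytes()))
    print("hardened loader rejects foreign object:", rejects(sample_foreign_object_bytes()))
```

The positive sample deliberately uses `OrderedDict` so that the allowlist path is exercised rather than bypassed (a pickle of bare `dict`, `list` and `float` values never calls `find_class` at all). The `TypeError` check after unpickling is a cheap second line of defence: even with a restricted unpickler, the caller should confirm the object is the shape the rest of `prepare` expects.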

@BiswajeetRay7 BiswajeetRay7 force-pushed the fix-sensitivities-weights-only branch 2 times, most recently from fbc7aa1 to 33dc383 on June 30, 2026 20:20
Signed-off-by: Biswajeet Ray <raybiswajeet2@gmail.com>
@BiswajeetRay7 BiswajeetRay7 force-pushed the fix-sensitivities-weights-only branch from 33dc383 to 3520a77 on June 30, 2026 20:31