Picklescan of model files

During getModels(), the server scans the model files with picklescan for
potentially malicious code in the pickled Python objects. If a malicious
file is found, the web UI shows a large red error message and disables
the makeImage button; the user must remove the malicious file and reload
the UI page before images can be generated again.
This commit is contained in:
JeLuF
2022-11-16 22:34:02 +01:00
parent 3555fa36aa
commit 3e18f2f09c
4 changed files with 35 additions and 1 deletions


@ -7,6 +7,8 @@ import traceback
import sys
import os
import picklescan.scanner
import rich
SD_DIR = os.getcwd()
print('started in ', SD_DIR)
@ -206,6 +208,13 @@ def getModels():
os.makedirs(models_dir)
for file in os.listdir(models_dir):
scan_result = picklescan.scanner.scan_file_path( os.path.join(models_dir, file))
if ( scan_result.issues_count >0 or scan_result.infected_files >0):
rich.print(":warning: [bold red]Scan %s: %d scanned, %d issue, %d infected.[/bold red]" % ( file, scan_result.scanned_files, scan_result.issues_count, scan_result.infected_files) )
models['scan-error'] = file
return models
else:
rich.print("Scan %s: [green]%d scanned, %d issue, %d infected.[/green]" % ( file, scan_result.scanned_files, scan_result.issues_count, scan_result.infected_files ) )
for model_extension in model_extensions:
if file.endswith(model_extension):
model_name = file[:-len(model_extension)]
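Review bot: The new scan in getModels() fails open on anything picklescan cannot scan: an exception from `scan_file_path()` (an unreadable or unparsable file, or a subdirectory, since `os.listdir()` returns those as well) propagates out of getModels() instead of producing the `scan-error` entry, and a result with zero issues is accepted even when the scanner could not fully parse the file (newer picklescan versions expose a `scan_err` flag for that case; check which version is installed). I would wrap the scan so that any failure is reported as unsafe, and escape `file` before passing it to `rich.print` (`from rich.markup import escape` at the top of the file), because a filename containing `[...]` is otherwise interpreted as console markup. Since the description says the result only disables the makeImage button in the UI, make sure the server-side model loading path — outside this hunk — also refuses a model that failed the scan, otherwise a direct API request bypasses the check. getModels() continues outside the hunk.
```python
    for file in os.listdir(models_dir):
        model_path = os.path.join(models_dir, file)
        if not os.path.isfile(model_path):
            continue  # os.listdir() also yields subdirectories, which the scanner cannot open
        try:
            scan_result = picklescan.scanner.scan_file_path(model_path)
            unsafe = (scan_result.issues_count > 0 or scan_result.infected_files > 0
                      or getattr(scan_result, "scan_err", False))
            summary = "%d scanned, %d issue, %d infected." % (scan_result.scanned_files, scan_result.issues_count, scan_result.infected_files)
        except Exception as e:
            # fail closed: a file the scanner cannot read or parse is not treated as clean
            unsafe = True
            summary = "scan failed: %s" % escape(str(e))
        if unsafe:
            rich.print(":warning: [bold red]Scan %s: %s[/bold red]" % (escape(file), summary))
            models['scan-error'] = file
            return models
        rich.print("Scan %s: [green]%s[/green]" % (escape(file), summary))
        # … unchanged: extension matching …
```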