99991 · May 21, 2025 06:40
diff --git a/dangerous_torch_load.py b/dangerous_torch_load.py
 data = "8002635f5f6275696c74696e5f5f0a657865630a710058740000000a676c6f62616c204\
 d414749435f4e554d4245520a4d414749435f4e554d424552203d204e6f6e650a696d706f727420\
 77656262726f777365720a77656262726f777365722e6f70656e5f6e6577282768747470733a2f2\
 f637573746f6d7269636b726f6c6c2e6769746875622e696f2f27290a71018571025271032e8002\
 4de9032e80027d710028581000000070726f746f636f6c5f76657273696f6e71014de903580d000\
 0006c6974746c655f656e6469616e710288580a000000747970655f73697a657371037d71042858\
 0500000073686f727471054b025803000000696e7471064b0458040000006c6f6e6771074b04757\
 52e80024b012e80025d71002e"

 import binascii

 # Create file model.pth (this is harmless)
 open("model.pth", "wb").write(binascii.unhexlify(data))

 import torch

 # Load model with weights_only=False (this is dangerous)
 model = torch.load("model.pth", weights_only=False)
	data = "8002635f5f6275696c74696e5f5f0a657865630a710058740000000a676c6f62616c204\
	d414749435f4e554d4245520a4d414749435f4e554d424552203d204e6f6e650a696d706f727420\
	77656262726f777365720a77656262726f777365722e6f70656e5f6e6577282768747470733a2f2\
	f637573746f6d7269636b726f6c6c2e6769746875622e696f2f27290a71018571025271032e8002\
	4de9032e80027d710028581000000070726f746f636f6c5f76657273696f6e71014de903580d000\
	0006c6974746c655f656e6469616e710288580a000000747970655f73697a657371037d71042858\
	0500000073686f727471054b025803000000696e7471064b0458040000006c6f6e6771074b04757\
	52e80024b012e80025d71002e"

	import binascii

	# Create file model.pth (this is harmless)
	open("model.pth", "wb").write(binascii.unhexlify(data))

	import torch

	# Load model with weights_only=False (this is dangerous)
	model = torch.load("model.pth", weights_only=False)