trailofbits.python.torch-package.torch-package

Author
unknown
Avoid importing torch.package - it can result in arbitrary code execution via pickle
Definition
rules:
  - id: torch-package
    message: Avoid importing torch.package - it can result in arbitrary code
      execution via pickle
    languages:
      - python
    severity: WARNING
    metadata:
      category: security
      cwe: "CWE-502: Deserialization of Untrusted Data"
      subcategory:
        - audit
      confidence: LOW
      likelihood: MEDIUM
      impact: HIGH
      references:
        - https://pytorch.org/docs/1.13/package.html#torch-package
        - https://blog.trailofbits.com/2021/03/15/never-a-dill-moment-exploiting-machine-learning-pickle-files/
      license: CC-BY-NC-SA-4.0
    pattern: import torch.package
Examples
torch-package.py
# ruleid: torch-package
import torch.package
# ruleid: torch-package
from torch import package
# ruleid: torch-package
import torch.package as tp
# ok: torch-package
import torchx.package as tp
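The test file above relies on Semgrep's import equivalence: the single pattern `import torch.package` matches the plain import, the `from torch import package` form and the aliased form, while `torchx.package` is a different module and is left alone. The following standalone detector is an added example (not part of the rule or of Trail of Bits' code) that reproduces that matching with Python's `ast` module, so the boundary of the rule can be checked without Semgrep. It goes slightly beyond the four test cases: it also reports `from torch.package import X`, which still imports the `torch.package` module, and it shows that a bare `import torch` is not reported. The sample source is constructed for this example.

```python
import ast
from typing import List, Tuple

# Constructed sample input: the four cases from the rule's test file plus two
# extra lines (a bare `import torch`, and a submodule import) to show the
# boundary of what should be reported.
SAMPLE_SOURCE = """\
import torch.package
from torch import package
import torch.package as tp
import torchx.package as tp
import torch
from torch.package import PackageImporter
"""


def _names_torch_package(dotted: str) -> bool:
    """True if a dotted module path is torch.package or a submodule of it."""
    parts = dotted.split(".")
    return parts[:2] == ["torch", "package"]


def find_torch_package_imports(source: str) -> List[Tuple[int, str]]:
    """Return (line number, statement) for every import that binds torch.package.

    Covered forms: `import torch.package`, `import torch.package as x`,
    `from torch import package`, and `from torch.package import x`.
    `import torch` alone and unrelated packages such as torchx are not reported.
    """
    findings: List[Tuple[int, str]] = []
    for node in ast.walk(ast.parse(source)):
        hit = False
        if isinstance(node, ast.Import):
            # `import a.b [as c]`: each alias carries the full dotted path
            hit = any(_names_torch_package(a.name) for a in node.names)
        elif isinstance(node, ast.ImportFrom) and node.module and node.level == 0:
            if _names_torch_package(node.module):
                hit = True  # from torch.package import ...
            elif node.module == "torch":
                # from torch import package [, other names]
                hit = any(a.name == "package" for a in node.names)
        if hit:
            findings.append((node.lineno, ast.get_source_segment(source, node)))
    return sorted(findings)


if __name__ == "__main__":
    # Expected: lines 1, 2, 3 and 6 are reported; lines 4 and 5 are not.
    for lineno, stmt in find_torch_package_imports(SAMPLE_SOURCE):
        print(f"line {lineno}: {stmt}  (torch-package)")
```

Running the script prints one line per finding; the aliased `torchx.package` import and the bare `import torch` produce nothing, matching the `ok:` annotation in the rule's test file.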
Short Link: https://sg.run/wZoA