Merge pull request from GHSA-mvrw-h7rc-22r8

* 注释调试if分支 * Improve objload security * Update README.md * support pdf url for latex translation --------- Co-authored-by: binary-husky <96192199+binary-husky@users.noreply.github.com> Co-authored-by: binary-husky <qingxu.fu@outlook.com>
binary-husky · Apr 21, 2024 · a731a10 · a731a10
1 parent edbe98a
commit a731a10
Showing 1 changed file with 19 additions and 4 deletions.
diff --git a/toolbox.py b/toolbox.py
@@ -9,6 +9,7 @@
 import glob
 import logging
 import uuid
+import pickle
 from functools import wraps
 from shared_utils.config_loader import get_conf
 from shared_utils.config_loader import set_conf
@@ -35,6 +36,7 @@
 from shared_utils.handle_upload import file_manifest_filter_type
 from shared_utils.handle_upload import extract_archive
 from typing import List
+from crazy_functions.latex_fns.latex_models import LatexPaperFileGroup, LatexPaperSplit
 pj = os.path.join
 default_user_name = "default_user"
 
@@ -866,24 +868,37 @@ def __exit__(self, exc_type, exc_value, traceback):
         if "HTTPS_PROXY" in os.environ:
             os.environ.pop("HTTPS_PROXY")
         return
+
+class SafeUnpickler(pickle.Unpickler):
+    # 定义允许的安全类
+    safe_classes = {
+        'LatexPaperFileGroup': LatexPaperFileGroup , 
+        'LatexPaperSplit' : LatexPaperSplit
+        # 在这里添加其他安全的类
+    }
 
+    def find_class(self, module, name):
+        # 只允许特定的类进行反序列化
+        if f'{module}.{name}' in self.safe_classes:
+            return self.safe_classes[f'{module}.{name}']
+        # 如果尝试加载未授权的类，则抛出异常
+        raise pickle.UnpicklingError(f"Attempted to deserialize unauthorized class '{name}' from module '{module}'")
 
 def objdump(obj, file="objdump.tmp"):
-    import pickle
 
     with open(file, "wb+") as f:
         pickle.dump(obj, f)
     return
 
 
 def objload(file="objdump.tmp"):
-    import pickle, os
+    import os
 
     if not os.path.exists(file):
         return
     with open(file, "rb") as f:
-        return pickle.load(f)
-
+        unpickler = SafeUnpickler(f)
+        return unpickler.load()
 
 def Singleton(cls):
     """