I think it's necessary to provide a security vulnerability report for the project
https://github.com/lm-sys/FastChat/blob/main/fastchat/model/model_adapter.py#L108
tokenizer = AutoTokenizer.from_pretrained( model_path, use_fast=self.use_fast_tokenizer, revision=revision, trust_remote_code=True, )
There is a security risk in using the AutoTokenizer.from_pretrained function if 'trust_remote_code' is equal to True. When there is a tokenizer_config.json file in the model's project directory and the "auto_map" field in this file contains an array parameter that starts with the character value "AutoTokenizer", the function will try to parse the following values of the array as Python files.
The attack effects are as follows
I think it's necessary to provide a security vulnerability report for the project
https://github.com/lm-sys/FastChat/blob/main/fastchat/model/model_adapter.py#L108
tokenizer = AutoTokenizer.from_pretrained( model_path, use_fast=self.use_fast_tokenizer, revision=revision, trust_remote_code=True, )There is a security risk in using the AutoTokenizer.from_pretrained function if 'trust_remote_code' is equal to True. When there is a tokenizer_config.json file in the model's project directory and the "auto_map" field in this file contains an array parameter that starts with the character value "AutoTokenizer", the function will try to parse the following values of the array as Python files.
The attack effects are as follows
