
[JIT][Security] Do not blindly eval input string #89189

Closed
wants to merge 2 commits into from

Conversation

malfet
Contributor

@malfet malfet commented Nov 17, 2022

Introduce the `_eval_no_call` method, which evaluates a statement only if it
does not contain any calls (determined by examining the bytecode), thus preventing a command injection exploit.

Added a simple unit test to check that
`torch.jit.annotations.get_signature` would not result in calling random
code.

This code path exists for Python-2 compatibility, though, and perhaps
should simply be removed.

Fixes #88868
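As an added illustration (my own code, not the `_eval_no_call` implementation merged in this PR), here is the bytecode-inspection idea the description outlines: compile the annotation string in `eval` mode, walk its instructions (and those of any nested code object such as a lambda body), and refuse to evaluate if any call opcode is present. The function names, the `UnsafeExpression` class, the `<annotation>` filename and the sample strings are this example's own assumptions.

```python
import dis
import types

# Added example (not PyTorch's own code): refuse to eval() a type-annotation
# string whose compiled bytecode contains any call instruction. This mirrors
# the idea behind the _eval_no_call fix described in the PR above; the names
# and behaviour here are this example's own.


class UnsafeExpression(ValueError):
    """Raised when an expression would perform a call if evaluated."""


def _compile_expr(expr: str) -> types.CodeType:
    # mode="eval" rejects statements (import, assignment, def) outright with
    # a SyntaxError, so only a single expression ever reaches the checker.
    return compile(expr, "<annotation>", mode="eval")


def _iter_code_objects(code: types.CodeType):
    """Yield `code` and, recursively, every nested code object stored in its
    constants (lambda bodies, comprehensions), so a call tucked inside a
    lambda is inspected as well as calls at the top level."""
    yield code
    for const in code.co_consts:
        if isinstance(const, types.CodeType):
            yield from _iter_code_objects(const)


def contains_call(expr: str) -> bool:
    """True if any instruction of the compiled expression is a call.

    Matching the substring "CALL" covers CALL_FUNCTION / CALL_METHOD (<=3.10),
    PRECALL / CALL (3.11+), CALL_FUNCTION_EX and CALL_KW. It is deliberately
    conservative: on 3.12+ a few non-call intrinsics (CALL_INTRINSIC_1 for
    unary plus, for instance) are rejected too, which errs on the side of
    refusing rather than evaluating.
    """
    for code in _iter_code_objects(_compile_expr(expr)):
        for insn in dis.get_instructions(code):
            if "CALL" in insn.opname:
                return True
    return False


def eval_no_call(expr: str, globs=None, locs=None):
    """Evaluate `expr` in the given namespaces only if it performs no calls.

    Attribute access, subscripting and operators are still allowed, which is
    what resolving annotations such as `List[Tensor]` needs.
    """
    if contains_call(expr):
        raise UnsafeExpression(f"refusing to evaluate {expr!r}: it contains a call")
    namespace = {} if globs is None else globs
    return eval(_compile_expr(expr), namespace, locs)


if __name__ == "__main__":
    from typing import List, Tuple

    # Constructed resolver environment and sample annotation strings.
    resolver_env = {"List": List, "Tuple": Tuple, "int": int, "str": str}
    samples = ["List[int]", "Tuple[int, str]", "print('hi')", "(lambda: print('hi'))"]
    for text in samples:
        try:
            print(f"{text!r:32} -> {eval_no_call(text, resolver_env)!r}")
        except UnsafeExpression as err:
            print(f"{text!r:32} -> rejected ({err})")
```

The check blocks calls only: arithmetic, subscripting and attribute lookups still execute, so for a grammar as small as type annotations a stricter option is to parse with `ast` and allow-list node types instead of evaluating at all, which is also why the description questions whether the Python-2 compatibility path should exist.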

@pytorch-bot

pytorch-bot bot commented Nov 17, 2022

🔗 Helpful Links

🧪 See artifacts and rendered test results at hud.pytorch.org/pr/89189

Note: Links to docs will display an error until the docs builds have been completed.

✅ No Failures

As of commit 391e41f:
💚 Looks good so far! There are no failures yet. 💚

This comment was automatically generated by Dr. CI and updates every 15 minutes.

@pytorch-bot pytorch-bot bot added the release notes: jit release notes category label Nov 17, 2022
@malfet malfet requested a review from suo November 17, 2022 05:53
@malfet malfet force-pushed the malfet/safer-parse-type-line branch from 6d4013f to 391e41f November 17, 2022 18:56
@malfet malfet added topic: security ciflow/trunk Trigger trunk jobs on your pull request labels Nov 17, 2022
@malfet
Contributor Author

malfet commented Nov 17, 2022

@pytorchbot merge

@pytorchmergebot
Collaborator

Merge started

Your change will be merged once all checks pass (ETA 0-4 Hours).

Learn more about merging in the wiki.

Questions? Feedback? Please reach out to the PyTorch DevX Team

Advanced Debugging: check the merge workflow status here.

@malfet malfet deleted the malfet/safer-parse-type-line branch November 18, 2022 00:06
@filiplindqvist-tink

Can we push this into a release? It is marked as critical https://nvd.nist.gov/vuln/detail/CVE-2022-45907 without a fix version.

@atalman atalman added this to the 1.13.1 milestone Nov 30, 2022
atalman pushed a commit to atalman/pytorch that referenced this pull request Nov 30, 2022
Pull Request resolved: pytorch#89189
Approved by: https://github.com/suo
malfet added a commit that referenced this pull request Nov 30, 2022

Co-authored-by: Nikita Shulga <nshulga@meta.com>
atalman added a commit to atalman/pytorch that referenced this pull request Nov 30, 2022
kulinseth pushed a commit to kulinseth/pytorch that referenced this pull request Dec 10, 2022
Labels
ciflow/trunk, Merged, release notes: jit, topic: security
Projects
None yet
Development

Successfully merging this pull request may close these issues.

torch.jit.annotations.parse_type_line is not safe (command injection) even it seems already deprecated.
5 participants