1
0
mirror of https://github.com/microsoft/qlib.git synced 2026-07-03 11:00:57 +08:00

fix(security): use RestrictedUnpickler in load_instance (#2153)

* fix(security): enforce RestrictedUnpickler for load_instance to prevent unsafe pickle deserialization

* fix: lint error
This commit is contained in:
Linlang
2026-03-10 20:45:38 +08:00
committed by GitHub
parent 2fb9380b34
commit 3097dcc995
59 changed files with 38 additions and 57 deletions

View File

@@ -3,12 +3,12 @@
import qlib
import fire
import pickle
from datetime import datetime
from qlib.constant import REG_CN
from qlib.data.dataset.handler import DataHandlerLP
from qlib.utils import init_instance_by_config
from qlib.utils.pickle_utils import restricted_pickle_load
from qlib.tests.data import GetData
@@ -42,7 +42,7 @@ class RollingDataWorkflow:
def _load_pre_handler(self, path):
with open(path, "rb") as file_dataset:
pre_handler = pickle.load(file_dataset)
pre_handler = restricted_pickle_load(file_dataset)
return pre_handler
def rolling_process(self):