Files
MoFin/venv/lib/python3.12/site-packages/nltk/picklesec.py
T
知微 fa45d8aa5f fix: 小果地址统一node122(兼容LAN+EasyTier)
- health_checklist.json: 192.168.1.122→node122
- ocr_client.py: docstring IP→node122
- docs/market-data-requirements.md: IP→node122
- 所有API调用通过ProxyHandler({})绕过系统代理
  Privoxy对node122:18003返回500,直连正常
2026-06-30 02:56:35 +08:00

73 lines
2.2 KiB
Python

# Natural Language Toolkit: Safer pickle loading.
#
# Copyright (C) 2001-2026 NLTK Project
# Author: Eric Kafe <kafe.eric@gmail.com>
# URL: <https://www.nltk.org/>
# For license information, see LICENSE.TXT
#
"""
Helpers for safer and/or more explicit pickle usage in NLTK.
- RestrictedUnpickler: blocks unpickling of *any* globals (classes/functions).
Intended for loading NLTK data packages where we control the serialization.
- WarningUnpickler: emits a security warning before unpickling (does not make
unpickling safe).
"""
from __future__ import annotations
import pickle
import warnings
from typing import Any, BinaryIO
PICKLE_WARNING = (
"Security warning: loading pickles can execute arbitrary code. "
"Only load pickle files from trusted sources and never from untrusted "
"or unauthenticated locations."
)
class RestrictedUnpickler(pickle.Unpickler):
"""
Unpickler that prevents any class or function from being used during loading.
"""
def find_class(self, module: str, name: str) -> Any:
# Forbid every function/class global.
raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")
class WarningUnpickler(pickle.Unpickler):
"""Unpickler that emits PICKLE_WARNING once per instance."""
def __init__(self, file: BinaryIO, *, context: str | None = None, **kwargs: Any):
super().__init__(file, **kwargs)
self._context = context
self._warned = False
def load(self) -> Any:
if not self._warned:
msg = (
PICKLE_WARNING
if self._context is None
else f"{PICKLE_WARNING} ({self._context})"
)
warnings.warn(msg, RuntimeWarning, stacklevel=3)
self._warned = True
return super().load()
def pickle_load(
file: BinaryIO, *, context: str | None = None, restricted: bool = False
) -> Any:
"""
Convenience wrapper similar to pickle.load(file).
- If restricted=True, uses RestrictedUnpickler (no warning by default).
- If restricted=False, uses WarningUnpickler and emits a warning.
"""
if restricted:
return RestrictedUnpickler(file).load()
return WarningUnpickler(file, context=context).load()