Fix unsafe torch.load() in _load_rng_state allowing arbitrary code execution (#43140)
* Fix unsafe torch.load() in _load_rng_state allowing arbitrary code execution
Add weights_only=True to torch.load() call in Trainer._load_rng_state()
to prevent arbitrary code execution when loading malicious checkpoint files.
The existing safe_globals() context manager provides no protection for
PyTorch < 2.6 as it returns contextlib.nullcontext(). This makes the
torch.load() call at line 3059 vulnerable to pickle deserialization
attacks, unlike all other torch.load() calls in the same file which
correctly use weights_only=True.
Impact: Users loading untrusted checkpoints on PyTorch 2.2-2.5 are
vulnerable to arbitrary code execution via malicious rng_state.pth files.
* Update src/transformers/trainer.py
Co-authored-by: Anton Vlasjuk <73884904+vasqu@users.noreply.github.com>
---------
Co-authored-by: Anton Vlasjuk <73884904+vasqu@users.noreply.github.com>
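The message above notes that on PyTorch < 2.6 the safe_globals() context manager is a no-op, so nothing outside torch.load(weights_only=True) itself stands between a checkpoint's pickle stream and the interpreter. As an added example (not code from this PR or from transformers), the following pre-screen walks the pickle opcodes of an rng_state.pth without executing any of them and lists every global the stream would import, so a checkpoint referencing anything beyond an expected allowlist can be rejected before torch.load() runs. The allowlist contents, the zip layout helper and the sample inputs are my assumptions for illustration; this complements weights_only=True rather than replacing it.

```python
import io
import pickle
import pickletools
import zipfile

# Illustrative allowlist (an assumption for this example, not torch's own
# weights_only list): what a plain RNG-state checkpoint should need to import.
ALLOWED_GLOBALS = {"collections.OrderedDict", "torch._utils._rebuild_tensor_v2"}


def find_globals(data: bytes) -> list:
    """module.name entries the stream would import on load; nothing is executed.
    GLOBAL/INST carry both inline; STACK_GLOBAL (protocol >= 4) uses the two
    strings pushed, directly or via the memo, right before it."""
    found, memo, recent = [], {}, [None, None]
    for op, arg, _pos in pickletools.genops(data):
        pushed = None
        if op.name in ("GLOBAL", "INST"):
            found.append(".".join(arg.split(" ", 1)))
        elif op.name == "STACK_GLOBAL":
            found.append(f"{recent[0]}.{recent[1]}")
        elif op.name in ("MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"):
            memo[len(memo) if arg is None else arg] = recent[1]  # memoizes stack top
            continue
        elif op.name in ("PROTO", "FRAME", "STOP"):               # push nothing
            continue
        elif op.name in ("GET", "BINGET", "LONG_BINGET"):
            pushed = memo.get(arg)
        elif isinstance(arg, str):
            pushed = arg
        recent = [recent[1], pushed]
    return found


def scan_checkpoint(blob: bytes) -> list:
    """Globals outside ALLOWED_GLOBALS in a torch zip (<name>/data.pkl) or bare pickle."""
    buf = io.BytesIO(blob)
    if zipfile.is_zipfile(buf):
        with zipfile.ZipFile(buf) as zf:
            blob = zf.read(next(n for n in zf.namelist() if n.endswith("data.pkl")))
    return [g for g in find_globals(blob) if g not in ALLOWED_GLOBALS]


def make_sample_pth(obj, protocol: int = 2) -> bytes:
    """Constructed stand-in for rng_state.pth: obj pickled into torch's zip layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("rng_state/data.pkl", pickle.dumps(obj, protocol=protocol))
    return buf.getvalue()
```

An empty result from scan_checkpoint() means the stream names only allowlisted globals; any other entry is reason to refuse the file, whichever PyTorch version will load it.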