fix(security): Render all jinja templates in immutable sandbox (#1441)
Chat templates are rendered with ImmutableSandboxedEnvironment in transformers so no need to do otherwise here. Co-authored-by: Andrei <abetlen@gmail.com>
parent
b454f40a9a
commit
561e880654
1 changed files with 6 additions and 5 deletions
|
@ -685,8 +685,7 @@ def hf_tokenizer_config_to_chat_formatter(
|
||||||
assert isinstance(tokenizer_config["eos_token"], str)
|
assert isinstance(tokenizer_config["eos_token"], str)
|
||||||
eos_token = tokenizer_config["eos_token"]
|
eos_token = tokenizer_config["eos_token"]
|
||||||
|
|
||||||
env = jinja2.Environment(
|
env = ImmutableSandboxedEnvironment(
|
||||||
loader=jinja2.BaseLoader(),
|
|
||||||
trim_blocks=True,
|
trim_blocks=True,
|
||||||
lstrip_blocks=True,
|
lstrip_blocks=True,
|
||||||
).from_string(chat_template)
|
).from_string(chat_template)
|
||||||
|
@ -2603,7 +2602,10 @@ class Llava15ChatHandler:
|
||||||
messages = [llama_types.ChatCompletionRequestSystemMessage(role="system", content=self.DEFAULT_SYSTEM_MESSAGE)] + messages
|
messages = [llama_types.ChatCompletionRequestSystemMessage(role="system", content=self.DEFAULT_SYSTEM_MESSAGE)] + messages
|
||||||
|
|
||||||
image_urls = self.get_image_urls(messages)
|
image_urls = self.get_image_urls(messages)
|
||||||
template = jinja2.Template(self.CHAT_FORMAT)
|
template = ImmutableSandboxedEnvironment(
|
||||||
|
trim_blocks=True,
|
||||||
|
lstrip_blocks=True,
|
||||||
|
).from_string(self.CHAT_FORMAT)
|
||||||
text = template.render(
|
text = template.render(
|
||||||
messages=messages,
|
messages=messages,
|
||||||
add_generation_prompt=True,
|
add_generation_prompt=True,
|
||||||
|
@ -3242,8 +3244,7 @@ def chatml_function_calling(
|
||||||
"{% endfor %}"
|
"{% endfor %}"
|
||||||
"{% if add_generation_prompt %}<|im_start|>assistant\n{% endif %}"
|
"{% if add_generation_prompt %}<|im_start|>assistant\n{% endif %}"
|
||||||
)
|
)
|
||||||
template_renderer = jinja2.Environment(
|
template_renderer = ImmutableSandboxedEnvironment(
|
||||||
loader=jinja2.BaseLoader(),
|
|
||||||
autoescape=jinja2.select_autoescape(["html", "xml"]),
|
autoescape=jinja2.select_autoescape(["html", "xml"]),
|
||||||
undefined=jinja2.StrictUndefined,
|
undefined=jinja2.StrictUndefined,
|
||||||
).from_string(function_calling_template)
|
).from_string(function_calling_template)
|
||||||
|
|
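Review bot: In the Llava15ChatHandler hunk (the method body starts and ends outside it), the replacement for `jinja2.Template(self.CHAT_FORMAT)` also passes `trim_blocks=True` and `lstrip_blocks=True`, which the old call left at Jinja's defaults, so this security fix may also change the whitespace of the rendered prompt wherever `CHAT_FORMAT` puts block tags on their own lines. If that is not intended, `template = ImmutableSandboxedEnvironment().from_string(self.CHAT_FORMAT)` keeps the sandbox and the previous output; if it is intended, a comment such as `# trim/lstrip match hf_tokenizer_config_to_chat_formatter; prompt whitespace differs from jinja2.Template defaults` would make it explicit. The commit touches one file and adds no test, so a regression test that renders, on each of the three paths, a template which tries to mutate the `messages` list and expects `jinja2.exceptions.SecurityError` would keep the sandbox from being dropped in a later refactor. The sandbox restricts attribute access and mutation but does not bound rendering cost, so the `chat_template` read from `tokenizer_config` in the first hunk should still be treated as untrusted input.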