423A35C7/LLaMA-Factory
1
0
Fork 0
mirror of https://github.com/hiyouga/LLaMA-Factory.git synced 2025-12-14 19:06:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge commit from fork

Browse Source 
[patch] Patch remote OS command injection vulnerability
This commit is contained in:
hoshi-hiyouga
2024-11-21 22:39:44 +08:00
committed by GitHub
parent c8f199881a d20b97e7e9
commit b3aa80d54a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/llamafactory/webui/runner.py
View File

@@ -320,7 +320,7 @@ class Runner:
if args.get("deepspeed", None) is not None:
env["FORCE_TORCHRUN"] = "1"
self.trainer = Popen(f"llamafactory-cli train {save_cmd(args)}", env=env, shell=True)
self.trainer = Popen(["llamafactory-cli", "train", save_cmd(args)], env=env)
yield from self.monitor()
def _form_config_dict(self, data: Dict["Component", Any]) -> Dict[str, Any]: