fix: sanitize name field and remove double load_npz call
- _resolve_named_path: replace / \ and null in name to prevent path traversal outside cache_dir (would cause a confusing FileNotFoundError at np.savez time instead of at path resolution). - train_lora: load_npz was called twice per clip when prompt was in prompts.txt; consolidate to a single call before prompt resolution. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -70,6 +70,8 @@ def _apply_mask(frames, mask, source_fps, target_fps, mask_strength=1.0):
|
|||||||
|
|
||||||
def _resolve_named_path(cache_dir: str, name: str) -> str:
|
def _resolve_named_path(cache_dir: str, name: str) -> str:
|
||||||
"""Return cache_dir/name.npz, incrementing to name_001.npz etc. if the file already exists."""
|
"""Return cache_dir/name.npz, incrementing to name_001.npz etc. if the file already exists."""
|
||||||
|
# Sanitize: replace path separators so the name stays inside cache_dir
|
||||||
|
name = name.replace("/", "_").replace("\\", "_").replace("\x00", "_")
|
||||||
base = os.path.join(cache_dir, f"{name}.npz")
|
base = os.path.join(cache_dir, f"{name}.npz")
|
||||||
if not os.path.exists(base):
|
if not os.path.exists(base):
|
||||||
return base
|
return base
|
||||||
|
|||||||
+2
-6
@@ -264,13 +264,9 @@ def main():
|
|||||||
print(f" [LoRA] Warning: no audio file found for {npz_path.name} — skipping")
|
print(f" [LoRA] Warning: no audio file found for {npz_path.name} — skipping")
|
||||||
continue
|
continue
|
||||||
|
|
||||||
|
bundle = load_npz(npz_path)
|
||||||
# Prompt priority: prompts.txt override > embedded in .npz > directory name
|
# Prompt priority: prompts.txt override > embedded in .npz > directory name
|
||||||
prompt = prompt_map.get(npz_path.name)
|
prompt = prompt_map.get(npz_path.name, bundle.get("prompt", default_prompt))
|
||||||
if prompt is None:
|
|
||||||
bundle = load_npz(npz_path)
|
|
||||||
prompt = bundle.get("prompt", default_prompt)
|
|
||||||
else:
|
|
||||||
bundle = load_npz(npz_path)
|
|
||||||
|
|
||||||
print(f" {npz_path.name} + {audio_path.name}: '{prompt}'")
|
print(f" {npz_path.name} + {audio_path.name}: '{prompt}'")
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user