blackteay/GPT-SoVITS
1
0
Fork 0
mirror of https://github.com/RVC-Boss/GPT-SoVITS.git synced 2026-04-29 21:00:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
GPT-SoVITS/GPT_SoVITS/prepare_datasets
History
changhaowuwu 8b195a5adb security: replace eval() with safe boolean parsing 
Replace all uses of eval() on environment variables and command-line
arguments with safe string comparison. eval() allows arbitrary code
execution when given untrusted input, making it a security risk.

The fix uses .lower() in ("true", "1", "yes") which produces
identical behavior for all valid boolean inputs while preventing
code injection. This pattern is already used in config.py.

Affected files (10 call sites):
- GPT_SoVITS/inference_webui.py (is_share, is_half)
- GPT_SoVITS/inference_webui_fast.py (is_share, is_half)
- GPT_SoVITS/prepare_datasets/1-get-text.py (is_half)
- GPT_SoVITS/prepare_datasets/2-get-hubert-wav32k.py (is_half)
- GPT_SoVITS/prepare_datasets/2-get-sv.py (is_half)
- GPT_SoVITS/prepare_datasets/3-get-semantic.py (is_half)
- tools/uvr5/webui.py (is_half, is_share)
- tools/subfix_webui.py (is_share)
2026-02-25 22:08:01 +01:00
..
1-get-text.py
security: replace eval() with safe boolean parsing
2026-02-25 22:08:01 +01:00
2-get-hubert-wav32k.py
security: replace eval() with safe boolean parsing
2026-02-25 22:08:01 +01:00
2-get-sv.py
security: replace eval() with safe boolean parsing
2026-02-25 22:08:01 +01:00
3-get-semantic.py
security: replace eval() with safe boolean parsing
2026-02-25 22:08:01 +01:00