use weights_only in conversion script (#32)

this restricts malicious weights from executing arbitrary code by restricting the unpickler to only loading tensors, primitive types, and dictionaries

diff --git a/convert-pth-to-ggml.py b/convert-pth-to-ggml.py
index fc217c7ec3b328a613be93efa57fc793f282e641..98693e305e1ef14893856fb0405c67eff07eed44 100644 (file)
--- a/convert-pth-to-ggml.py
+++ b/convert-pth-to-ggml.py
@@ -86,7 +86,7 @@ for p in range(n_parts):
     if (p > 0):
         fname_out = sys.argv[1] + "/ggml-model-" + ftype_str[ftype] + ".bin" + "." + str(p)
 
-    model = torch.load(fname_model, map_location="cpu")
+    model = torch.load(fname_model, map_location="cpu", weights_only=True)
 
     fout = open(fname_out, "wb")