Cleaned up comments; added more classes to find_class so that SD v1.4 now imports.

Author: CrudeDiatribe

backends/model_converter/fake_torch.py

@@ -30,7 +30,7 @@ class Dummy:
 
   class MyPickle(pickle.Unpickler):
     def find_class(self, module, name):
-      #making the following available will expose a vulnerability from 2011:
+      #making all of the following available will expose a vulnerability from 2011, unclear if patched
       #globals, getattr, dict, apply
 
       #print(module, name)
@@ -42,16 +42,26 @@ def find_class(self, module, name):
         return np.int64
       if name == 'HalfStorage':
         return np.float16
+      if module == 'numpy.core.multiarray' and name == 'scalar':
+        return np.core.multiarray.scalar
+      if module == 'numpy' and name == 'dtype':
+        return np.dtype
       if module == "torch._utils":
         if name == "_rebuild_tensor_v2":
           return HackTensor
         elif name == "_rebuild_parameter":
           return HackParameter
       if module == "collections" and name == "OrderedDict":
           return OrderedDict
+      if module == '_codecs' and name == 'encode':
+        from _codecs import encode
+        return encode
+      if module == "pytorch_lightning.callbacks" and name == 'model_checkpoint':
+        return Dummy
+      if module == "pytorch_lightning.callbacks.model_checkpoint" and name == 'ModelCheckpoint':
+        return Dummy
       else:
-          #return Dummy
-          raise pickle.UnpicklingError("'%s.%s' is forbidden" % (module, name))
+        raise pickle.UnpicklingError("'%s.%s' is forbidden" % (module, name))
 
     def persistent_load(self, pid):
       return pid