phoenix/litellm-mirror
0
0
Fork 1
mirror of https://github.com/BerriAI/litellm.git synced 2025-04-26 03:04:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix - security fix

Browse source
This commit is contained in:
Ishaan Jaff 2024-04-20 12:10:08 -07:00
parent 5d39865362
commit 07a10247db
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
litellm/proxy/proxy_server.py
View file

@ -4166,8 +4166,13 @@ async def audio_transcriptions(
file.filename is not None
) # make sure filename passed in (needed for type)
_original_filename = file.filename
file_extension = os.path.splitext(file.filename)[1]
# rename the file to a random hash file name -> we eventuall remove the file and don't want to remove any local files
file.filename = f"tmp-request" + str(uuid.uuid4())
file.filename = f"tmp-request" + str(uuid.uuid4()) + file_extension
# IMP - Asserts that we've renamed the uploaded file, since we run os.remove(file.filename), we should rename the original file
assert file.filename != _original_filename
with open(file.filename, "wb+") as f:
f.write(await file.read())