From 415b2e1967e164654f7fa343695ce17a8c60428a Mon Sep 17 00:00:00 2001
From: shaohuzhang1 <80892890+shaohuzhang1@users.noreply.github.com>
Date: Fri, 27 Dec 2024 11:13:44 +0800
Subject: [PATCH] fix: Import application and add file format verification
 (#1928)

---
 apps/application/serializers/application_serializers.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/apps/application/serializers/application_serializers.py b/apps/application/serializers/application_serializers.py
index 3ec1053a7..41ba5050c 100644
--- a/apps/application/serializers/application_serializers.py
+++ b/apps/application/serializers/application_serializers.py
@@ -684,7 +684,10 @@ class ApplicationSerializer(serializers.Serializer):
                 self.is_valid()
             user_id = self.data.get('user_id')
             mk_instance_bytes = self.data.get('file').read()
-            mk_instance = pickle.loads(mk_instance_bytes)
+            try:
+                mk_instance = pickle.loads(mk_instance_bytes)
+            except Exception as e:
+                raise AppApiException(1001, "不支持的文件格式")
             application = mk_instance.application
             function_lib_list = mk_instance.function_lib_list
             if len(function_lib_list) > 0: