Issue23914
Created on 2015-04-11 12:52 by alex, last changed 2015-11-27 07:57 by serhiy.storchaka. This issue is now closed.
| Files | ||||
|---|---|---|---|---|
| File name | Uploaded | Description | Edit | |
| unpickle_bad_stack.patch | serhiy.storchaka, 2015-11-14 22:58 | review | ||
| Messages (9) | |||
|---|---|---|---|
| msg240475 - (view) | Author: Alex Gaynor (alex) * | Date: 2015-04-11 12:52 | |
```
>>> pickle.loads(b'(o.\x7f.')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
SystemError: Objects/tupleobject.c:71: bad argument to internal function
```
(Or the equivalent using cPickle on Python 2)

Found using http://lcamtuf.coredump.cx/afl/ |
|||
| msg240476 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * | Date: 2015-04-11 13:21 | |
Warning: The pickle module is not intended to be secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source.

pickle.loads(b'cos\nsystem\n(Vrm -rf /\ntR.') |
|||
| msg240477 - (view) | Author: Alex Gaynor (alex) * | Date: 2015-04-11 13:22 | |
Yes, it can execute arbitrary code, but I think we should prefer raising "specific" error messages, instead of failing inside tuple details. |
|||
| msg240482 - (view) | Author: R. David Murray (r.david.murray) * | Date: 2015-04-11 16:24 | |
I don't see a strong motivation to do that. What's the use case? |
|||
| msg254672 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * | Date: 2015-11-14 22:58 | |
Here is a patch that makes a broken OBJ opcode raise UnpicklingError instead of SystemError, improves some UnpicklingError messages, and adds tests for unpickling broken data. |
|||
| msg255154 - (view) | Author: Roundup Robot (python-dev) | Date: 2015-11-23 13:21 | |
New changeset bac3f63ea747 by Serhiy Storchaka in branch '3.4':
Issue #23914: Fixed SystemError raised by unpickler on broken pickle data.
https://hg.python.org/cpython/rev/bac3f63ea747

New changeset 531e2674f003 by Serhiy Storchaka in branch '3.5':
Issue #23914: Fixed SystemError raised by unpickler on broken pickle data.
https://hg.python.org/cpython/rev/531e2674f003

New changeset b08c3a733fda by Serhiy Storchaka in branch 'default':
Issue #23914: Fixed SystemError raised by unpickler on broken pickle data.
https://hg.python.org/cpython/rev/b08c3a733fda

New changeset 686fa9439d38 by Serhiy Storchaka in branch '2.7':
Issue #23914: Fixed SystemError raised by unpickler on broken pickle data.
https://hg.python.org/cpython/rev/686fa9439d38 |
|||
| msg255452 - (view) | Author: Roundup Robot (python-dev) | Date: 2015-11-27 07:22 | |
New changeset 322060740b64 by Zachary Ware in branch '2.7':
Issue #23914: Fix test_xpickle with python 2.4 and 2.5
https://hg.python.org/cpython/rev/322060740b64 |
|||
| msg255453 - (view) | Author: Zachary Ware (zach.ware) * | Date: 2015-11-27 07:27 | |
This broke test_xpickle with python 2.4 and 2.5 due to 'b' prefixes and an import that's not actually used in the 2.7 patch; now fixed. The ware-gentoo-x86 buildslave now has pythons 2.4, 2.5, and 2.6 installed for test_xpickle to use. |
|||
| msg255454 - (view) | Author: Serhiy Storchaka (serhiy.storchaka) * | Date: 2015-11-27 07:57 | |
Great! I'm afraid there were no buildbots with 2.4 and 2.5 for testing test_xpickle. Thank you, Zachary! |
|||
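An added example, not part of the original thread or the CPython patch: a regression-style check in the spirit of the broken-data tests the patch describes. It disassembles the reported input with `pickletools` and confirms that malformed, data-only pickles fail with an ordinary exception rather than `SystemError`; the extra sample inputs and the function names are constructed for illustration.

```python
import pickle
import pickletools

# Input from the original report, plus constructed malformed samples.
# No sample contains an opcode that imports a name (GLOBAL, STACK_GLOBAL,
# INST), so nothing can be imported or called while loading them.
REPORTED = b'(o.\x7f.'
SAMPLES = {
    "reported: MARK, OBJ, STOP": REPORTED,
    "constructed: OBJ without MARK": b'o.',
    "constructed: POP on empty stack": b'0.',
    "constructed: truncated after MARK": b'(',
}


def disassemble(data):
    """Return (opcode names up to the first STOP, bytes left unread after it)."""
    names, stop_pos = [], None
    for op, _arg, pos in pickletools.genops(data):
        names.append(op.name)
        if op.name == "STOP":
            stop_pos = pos
    return names, len(data) - (stop_pos + 1)


def outcome(data):
    """Name of the exception pickle.loads raises for data, or 'ok'."""
    try:
        pickle.loads(data)
    except Exception as exc:  # broad on purpose: the point is to see the type
        return type(exc).__name__
    return "ok"


def internal_errors(samples):
    """Labels of samples that surface as SystemError, the symptom reported here."""
    return [label for label, data in samples.items()
            if outcome(data) == "SystemError"]


if __name__ == "__main__":
    # OBJ needs at least a class above the MARK; here the MARK is the top item.
    print(disassemble(REPORTED))
    for label, data in SAMPLES.items():
        print(f"{label:36} {data!r:14} -> {outcome(data)}")
    print("SystemError leaks:", internal_errors(SAMPLES))
```

The exact exception type for a malformed pickle can differ between the C and pure-Python unpicklers, so callers that must survive bad input should not catch `UnpicklingError` alone.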
| History | |||
|---|---|---|---|
| Date | User | Action | Args |
| 2015-11-27 07:57:42 | serhiy.storchaka | set | messages: + msg255454 |
| 2015-11-27 07:27:39 | zach.ware | set | nosy: + zach.ware messages: + msg255453 |
| 2015-11-27 07:22:07 | python-dev | set | messages: + msg255452 |
| 2015-11-23 15:54:09 | serhiy.storchaka | set | status: open -> closed resolution: fixed stage: patch review -> resolved |
| 2015-11-23 13:21:12 | python-dev | set | nosy: + python-dev messages: + msg255154 |
| 2015-11-14 22:58:32 | serhiy.storchaka | set | files: + unpickle_bad_stack.patch messages: + msg254672 assignee: serhiy.storchaka |
| 2015-05-27 08:56:04 | serhiy.storchaka | set | priority: normal -> low |
| 2015-04-11 16:24:34 | r.david.murray | set | nosy: + r.david.murray messages: + msg240482 |
| 2015-04-11 13:22:21 | alex | set | messages: + msg240477 |
| 2015-04-11 13:21:17 | serhiy.storchaka | set | nosy: + serhiy.storchaka messages: + msg240476 |
| 2015-04-11 12:52:42 | alex | create | |