New submission from Kale Kundert <k...@thekunderts.net>:
I expect `pickle.loads()` to raise `_pickle.UnpicklingError` for any invalid input, but for the specific example shown below, the interpreter crashes after attempting to allocate >16GB of memory. Note that this input does not have the pickle header (b'0x80'), so it should be easy to distinguish from valid input. $ python Python 3.8.2 (default, Apr 13 2020, 11:02:04) [Clang 9.0.1 ] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import pickle >>> pickle.loads(b'January 11') [1] 624227 killed python3 ---------- messages: 384865 nosy: kalekundert priority: normal severity: normal status: open title: pickle.loads() crashes interpreter on invalid input _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue42898> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
