The bottom line is that pickle should never be used in a security-sensitive context. Several years ago I spent about 5 minutes writing a custom pickle fuzzer. It ran for about 60 seconds before segfaulting. Fortunately, the last time I ran my fuzzer (about a year ago), all I could produce was a MemoryError traceback.
Even with all the improvements pickle has seen, I think it would be unwise to imply (via pickle module names or flags) that pickle is "safe".

--Edwin

On 7/11/2020 1:31 PM, Wes Turner wrote:
> Would this accomplish something like:
>
> pickle.load(safe=True) # or
> pickle.safe_loads()
>
> Is there already a way to load data and not code *with pickle*?
> https://docs.python.org/3/library/pickle.html
>
> On Sat, Jul 11, 2020, 11:01 AM Random832 <[email protected]> wrote:
>
> The current practice, by overriding find_class, is limited to overriding
> what globals get loaded. This makes it impossible to distinguish globals that
> will be used as data from globals that will be called as constructors, along
> with similar concerns with object attributes [especially methods] obtained by
> loading builtins.getattr as global.
>
> I would suggest also exposing for overrides the points where a callable
> loaded from the pickle is called - on the pure-python _Unpickler these are
> _instantiate, load_newobj, load_newobj_ex, and load_reduce, though it might
> be worthwhile to make a single method that can be overridden and use it at
> the points where each of these call a loaded object.
_______________________________________________
Python-ideas mailing list -- [email protected]
To unsubscribe send an email to [email protected]
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at https://mail.python.org/archives/list/[email protected]/message/VGOERX5NUT2V6AMFRK65XXXL2PVMJHZ4/
Code of Conduct: http://python.org/psf/codeofconduct/
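The thread above discusses two things: Wes's question of whether pickle can load "data and not code", and Random832's point that overriding find_class only controls which globals get resolved, not whether a resolved global is then called. The following is an added example written for this page (it is not code from the thread, from CPython, or from any proposal in it) showing both approaches side by side: a find_class allow-list unpickler in the style of the documented "Restricting Globals" recipe, and a pre-scan with pickletools.genops that refuses any stream containing an opcode able to resolve or invoke a callable. The payload class Evil, the helper names (code_opcodes_in, restricted_loads, data_only_loads, refuses), SAFE_GLOBALS and SAMPLE_DATA are all my own constructions; the payload calls os.getpid rather than os.system so it is harmless to run.

```python
import builtins
import io
import os
import pickle
import pickletools

# Opcodes that resolve or invoke a callable at load time. Every other opcode
# only builds ints, strings, bytes, tuples, lists, dicts or (protocol 4+) sets.
CODE_OPCODES = frozenset({
    "GLOBAL", "STACK_GLOBAL",         # resolve module.name through find_class
    "REDUCE", "NEWOBJ", "NEWOBJ_EX",  # call the object that was resolved
    "INST", "OBJ",                    # legacy class instantiation
    "BUILD",                          # __setstate__ / __dict__ update on an object
    "EXT1", "EXT2", "EXT4",           # copyreg extension-registry lookups
})


def code_opcodes_in(data: bytes) -> list:
    """Names of code-bearing opcodes in a pickle stream, in stream order.

    An empty list means the stream can only construct plain data.
    """
    return [op.name for op, _arg, _pos in pickletools.genops(data)
            if op.name in CODE_OPCODES]


class Evil:
    """Constructed payload: makes the unpickler call os.getpid() on load.

    An attacker would substitute os.system or subprocess.Popen; getpid is used
    here so the demonstration has no side effects.
    """

    def __reduce__(self):
        return (os.getpid, ())


def evil_payload() -> bytes:
    return pickle.dumps(Evil(), protocol=4)


# Constructed benign input: plain data only.
SAMPLE_DATA = {"a": [1, 2, 3], "b": (4.5, "x"), "c": {1, 2}}


def sample_payload(protocol: int = 4) -> bytes:
    return pickle.dumps(SAMPLE_DATA, protocol=protocol)


# Globals the restricted loader will resolve. find_class cannot tell whether
# the stream will use the object as data or invoke it via REDUCE, so only
# constructors that are harmless to call on attacker-chosen arguments belong
# here. Below protocol 4, set/frozenset are themselves pickled as
# GLOBAL builtins.set + REDUCE, which is why they are in the list.
SAFE_GLOBALS = frozenset({
    ("builtins", "set"), ("builtins", "frozenset"), ("builtins", "range"),
    ("builtins", "slice"), ("builtins", "complex"), ("builtins", "bytearray"),
})


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # Overriding find_class bypasses the base class's Python 2 name
        # remapping, so normalise the one alias we care about ourselves.
        if module == "__builtin__":
            module = "builtins"
        if (module, name) in SAFE_GLOBALS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_loads(data: bytes):
    """Allow-list approach: globals outside SAFE_GLOBALS are refused."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def data_only_loads(data: bytes):
    """Stricter approach: refuse any stream that could call anything at all."""
    found = code_opcodes_in(data)
    if found:
        raise pickle.UnpicklingError(f"code-bearing opcodes present: {found}")
    return restricted_loads(data)


def refuses(loader, data: bytes) -> bool:
    """True if `loader` rejects `data` with UnpicklingError."""
    try:
        loader(data)
    except pickle.UnpicklingError:
        return True
    return False


def unrestricted_load_runs_payload() -> bool:
    """Shows the attack is real: plain pickle.loads calls os.getpid for us."""
    return pickle.loads(evil_payload()) == os.getpid()


if __name__ == "__main__":
    print("payload opcodes:", code_opcodes_in(evil_payload()))
    print("pickle.loads ran the payload:", unrestricted_load_runs_payload())
    print("restricted_loads refused it:", refuses(restricted_loads, evil_payload()))
    print("protocol 4 sample:", code_opcodes_in(sample_payload(4)), data_only_loads(sample_payload(4)))
    print("protocol 3 sample:", code_opcodes_in(sample_payload(3)), restricted_loads(sample_payload(3)))
```

The protocol 3 sample is the instructive case: the same plain dict contains a set, which below protocol 4 is serialised as a global lookup plus a REDUCE call, so the opcode scanner rejects it while the allow-list loader accepts it because builtins.set is a harmless constructor. That is exactly the ambiguity Random832 describes: find_class sees `builtins.set` and has no way of knowing whether the stream intends to call it, so the allow-list has to be judged on "is this safe to call with any arguments", not on "is this safe to reference".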
