[issue42898] pickle.loads() crashes interpreter on invalid input

2021-01-11 Thread Christian Heimes


Christian Heimes  added the comment:

The pickle module is not safe against malicious or faulty data. Invalid data 
can cause code injection or even segfaults. It's a known and documented behavior, 
https://docs.python.org/3/library/pickle.html

--
nosy: +christian.heimes
resolution:  -> not a bug
stage:  -> resolved
status: open -> closed

___
Python tracker 

___
___
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com



[issue42898] pickle.loads() crashes interpreter on invalid input

2021-01-11 Thread Kale Kundert


Change by Kale Kundert :


--
type:  -> crash
versions: +Python 3.8




[issue42898] pickle.loads() crashes interpreter on invalid input

2021-01-11 Thread Kale Kundert


New submission from Kale Kundert :

I expect `pickle.loads()` to raise `_pickle.UnpicklingError` for any invalid 
input, but for the specific example shown below, the interpreter crashes after 
attempting to allocate >16GB of memory.  Note that this input does not have the 
pickle header (b'0x80'), so it should be easy to distinguish from valid input.

$ python
Python 3.8.2 (default, Apr 13 2020, 11:02:04) 
[Clang 9.0.1 ] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import pickle
>>> pickle.loads(b'January 11')
[1]624227 killed python3

--
messages: 384865
nosy: kalekundert
priority: normal
severity: normal
status: open
title: pickle.loads() crashes interpreter on invalid input

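
Added example (not part of the original thread and not CPython code): a structural pre-check for trusted but possibly corrupted pickle data, which decodes the opcode stream with `pickletools.genops()` before `pickle.loads()` is called and raises `pickle.UnpicklingError` for input such as the one reported. The names `precheck_pickle`, `loads_checked` and `MAX_MEMO_INDEX` are hypothetical, and the policy (protocol 2 or later, a bounded memo index) is an assumption; as the reply in this thread says, pickle stays unsafe for malicious data, and this check does not change that.

```python
import pickle
import pickletools

# Opcodes that carry an explicit memo index as their argument.
MEMO_PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}
# Assumed policy limit, not a CPython constant; tune it for your own data.
MAX_MEMO_INDEX = 1_000_000


def precheck_pickle(data, max_memo_index=MAX_MEMO_INDEX):
    """Return a list of reasons to reject `data`; an empty list means it passed.

    pickletools.genops() only decodes opcodes and their arguments. It builds
    no objects and keeps no memo, so it is cheap to run on faulty input.
    """
    findings = []
    try:
        for index, (opcode, arg, pos) in enumerate(pickletools.genops(data)):
            # Assumption: producers use protocol >= 2, which starts with PROTO.
            if index == 0 and opcode.name != "PROTO":
                findings.append(f"no PROTO header, first opcode is {opcode.name}")
            if opcode.name in MEMO_PUT_OPS and arg > max_memo_index:
                findings.append(f"{opcode.name} at byte {pos} uses memo index {arg}")
    except ValueError as exc:
        # Raised for unknown opcodes, short arguments, or a missing STOP.
        findings.append(f"malformed opcode stream: {exc}")
    return findings


def loads_checked(data):
    """pickle.loads() for trusted sources whose bytes may be damaged.

    A well-formed pickle from an attacker still passes this check and can
    still run code, so do not use it as a filter for untrusted input.
    """
    findings = precheck_pickle(data)
    if findings:
        raise pickle.UnpicklingError("; ".join(findings))
    return pickle.loads(data)


if __name__ == "__main__":
    # The input from the report: it decodes as BININT, then LONG_BINPUT
    # with a very large memo index, then ends without a STOP opcode.
    for reason in precheck_pickle(b"January 11"):
        print(reason)
```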