mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-01 23:32:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Issue #7455: Fix possible crash in cPickle on invalid input. Patch by

Browse source 
Florent Xicluna.
This commit is contained in:
Antoine Pitrou 2010-01-07 17:46:49 +00:00
parent bdd863d062
commit 0d423b870b
3 changed files with 13 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
Lib/test/pickletester.py
View file

@ -1100,6 +1100,15 @@ class AbstractPickleModuleTests(unittest.TestCase):
exec teststr in {'__builtins__': builtins}, d exec teststr in {'__builtins__': builtins}, d
d['f']() d['f']()
def test_bad_input(self):
# Test issue4298
s = '\x58\0\0\0\x54'
self.assertRaises(EOFError, self.module.loads, s)
# Test issue7455
s = '0'
# XXX Why doesn't pickle raise UnpicklingError?
self.assertRaises((IndexError, cPickle.UnpicklingError),
self.module.loads, s)
class AbstractPersistentPicklerTests(unittest.TestCase): class AbstractPersistentPicklerTests(unittest.TestCase):

3
Misc/NEWS
View file

@ -65,6 +65,9 @@ Core and Builtins
Library Library
------- -------
- Issue #7455: Fix possible crash in cPickle on invalid input. Patch by
Florent Xicluna.
- Issue #7092: Fix the DeprecationWarnings emitted by the standard library - Issue #7092: Fix the DeprecationWarnings emitted by the standard library
when using the -3 flag. Patch by Florent Xicluna. when using the -3 flag. Patch by Florent Xicluna.

2
Modules/cPickle.c
View file

@ -4117,7 +4117,7 @@ load_pop(Unpicklerobject *self)
*/ */
if (self->num_marks > 0 && self->marks[self->num_marks - 1] == len) { if (self->num_marks > 0 && self->marks[self->num_marks - 1] == len) {
self->num_marks--; self->num_marks--;
} else if (len >= 0) { } else if (len > 0) {
len--; len--;
Py_DECREF(self->stack->data[len]); Py_DECREF(self->stack->data[len]);
self->stack->length = len; self->stack->length = len;