From: Antoine Pitrou Date: Thu, 7 Jan 2010 17:46:49 +0000 (+0000) Subject: Issue #7455: Fix possible crash in cPickle on invalid input. Patch by X-Git-Tag: v2.7a2~13 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0d423b870b0669e7a47aca2739f89e96652546ce;p=thirdparty%2FPython%2Fcpython.git Issue #7455: Fix possible crash in cPickle on invalid input. Patch by Florent Xicluna. --- diff --git a/Lib/test/pickletester.py b/Lib/test/pickletester.py index 04bb84233ea7..0bdcc1079f90 100644 --- a/Lib/test/pickletester.py +++ b/Lib/test/pickletester.py @@ -1100,6 +1100,15 @@ class AbstractPickleModuleTests(unittest.TestCase): exec teststr in {'__builtins__': builtins}, d d['f']() + def test_bad_input(self): + # Test issue4298 + s = '\x58\0\0\0\x54' + self.assertRaises(EOFError, self.module.loads, s) + # Test issue7455 + s = '0' + # XXX Why doesn't pickle raise UnpicklingError? + self.assertRaises((IndexError, cPickle.UnpicklingError), + self.module.loads, s) class AbstractPersistentPicklerTests(unittest.TestCase): diff --git a/Misc/NEWS b/Misc/NEWS index 274b150b272c..199680e915c2 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -65,6 +65,9 @@ Core and Builtins Library ------- +- Issue #7455: Fix possible crash in cPickle on invalid input. Patch by + Florent Xicluna. + - Issue #7092: Fix the DeprecationWarnings emitted by the standard library when using the -3 flag. Patch by Florent Xicluna. diff --git a/Modules/cPickle.c b/Modules/cPickle.c index f97959b2b5c7..7fa7f703d72c 100644 --- a/Modules/cPickle.c +++ b/Modules/cPickle.c @@ -4117,7 +4117,7 @@ load_pop(Unpicklerobject *self) */ if (self->num_marks > 0 && self->marks[self->num_marks - 1] == len) { self->num_marks--; - } else if (len >= 0) { + } else if (len > 0) { len--; Py_DECREF(self->stack->data[len]); self->stack->length = len;