Issue #17710: Fix pickle raising a SystemError on bogus input.

author Antoine Pitrou <solipsis@pitrou.net>

Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)

committer Antoine Pitrou <solipsis@pitrou.net>

Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)
author Antoine Pitrou <solipsis@pitrou.net>
Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)
committer Antoine Pitrou <solipsis@pitrou.net>
Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)
diff --cc Lib/pickle.py

index 998fce0a6bbf61915c2ee0f55c1e77e9b689b8f8,161c2e9e74b9b445f9471eee6e2b5a2ad68856d4..a4acbe941e0309b512f80563b9f50114c66f041a
--- 1/Lib/pickle.py
--- 2/Lib/pickle.py
+++ b/Lib/pickle.py
@@@ -902,11 -949,14 +902,11 @@@ class _Unpickler
       def load_string(self):
           orig = self.readline()
           rep = orig[:-1]
- -        for q in (b'"', b"'"): # double or single quote
- -            if rep.startswith(q):
- -                if len(rep) < 2 or not rep.endswith(q):
- -                    raise ValueError("insecure string pickle")
- -                rep = rep[len(q):-len(q)]
- -                break
+ +        # Strip outermost quotes
-         if rep[0] == rep[-1] and rep[0] in b'"\'':
++        if len(rep) >= 2 and rep[0] == rep[-1] and rep[0] in b'"\'':
+ +            rep = rep[1:-1]
           else:
- -            raise ValueError("insecure string pickle: %r" % orig)
+ +            raise ValueError("insecure string pickle")
           self.append(codecs.escape_decode(rep)[0]
                       .decode(self.encoding, self.errors))
       dispatch[STRING[0]] = load_string
diff --cc Misc/NEWS
Simple merge
diff --cc Modules/_pickle.c
Simple merge
author	Antoine Pitrou <solipsis@pitrou.net>
	Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)
committer	Antoine Pitrou <solipsis@pitrou.net>
	Mon, 15 Apr 2013 19:55:14 +0000 (21:55 +0200)
		1	2
Lib/pickle.py	patch \|	diff1 \|	diff2 \|	blob \| history
Misc/NEWS	patch \|	diff1 \|	diff2 \|	blob \| history
Modules/_pickle.c	patch \|	diff1 \|	diff2 \|	blob \| history