author | Martin v. Löwis <martin@v.loewis.de> | 2002-08-14 07:46:28 (GMT) |
---|---|---|
committer | Martin v. Löwis <martin@v.loewis.de> | 2002-08-14 07:46:28 (GMT) |
commit | 8a8da798a5a35bb387575d696799be29c4eaa0d3 (patch) | |
tree | 66bb5ad750db964cd527b74b3bd6a4b11b2dcac1 /Lib/pickle.py | |
parent | cffac66393c2af89c6546ab081f9098633273a53 (diff) | |
Patch #505705: Remove eval in pickle and cPickle.
Diffstat (limited to 'Lib/pickle.py')
-rw-r--r-- | Lib/pickle.py | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/Lib/pickle.py b/Lib/pickle.py
index a507595..4bc54ec 100644
--- a/Lib/pickle.py
+++ b/Lib/pickle.py
@@ -126,6 +126,8 @@ FALSE = 'I00\n'
 __all__.extend([x for x in dir() if re.match("[A-Z][A-Z0-9_]+$",x)])
 del x
+_quotes = ["'", '"']
+
 class Pickler:
 def __init__(self, file, bin = 0):
@@ -740,10 +742,15 @@ class Unpickler:
 def load_string(self):
 rep = self.readline()[:-1]
- if not self._is_string_secure(rep):
+ for q in _quotes:
+ if rep.startswith(q):
+ if not rep.endswith(q):
+ raise ValueError, "insecure string pickle"
+ rep = rep[len(q):-len(q)]
+ break
+ else:
 raise ValueError, "insecure string pickle"
- self.append(eval(rep,
- {'__builtins__': {}})) # Let's be careful
+ self.append(rep.decode("string-escape"))
 dispatch[STRING] = load_string
 def _is_string_secure(self, s): |
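Review bot: In the new load_string, a line consisting of a single quote character satisfies both `rep.startswith(q)` and `rep.endswith(q)`, so `rep[len(q):-len(q)]` silently yields an empty string and a malformed STRING opcode is accepted as `''` instead of raising; the guard should be `if len(rep) < 2 or not rep.endswith(q):` so that a distinct closing delimiter is required. Only the delimiters are validated, so an unescaped inner quote such as `'a'b'` now loads where the old eval path would have raised a SyntaxError — acceptable lenience for an untrusted-input parser, but worth recording with a comment like `# Only the outer delimiters are checked; inner quoting is not validated`. With the eval call gone, `_is_string_secure` (whose body continues outside the hunk) appears to have no remaining caller in this file and can likely be removed rather than left as dead code. The duplicated `raise ValueError, "insecure string pickle"` could be collapsed into a single raise after the loop, but that is a style preference.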