summaryrefslogtreecommitdiffstats
path: root/Lib
diff options
context:
space:
mode:
authorBarry Warsaw <barry@python.org>2001-11-15 23:42:58 (GMT)
committerBarry Warsaw <barry@python.org>2001-11-15 23:42:58 (GMT)
commitbf4d959d28eacf5c57afe56abbf463272cef7557 (patch)
tree229698f4a1363f3a22b1482e6fdfad9ca2a67fab /Lib
parentf595fd975da6338ae7b5a5355833ee73d924ed20 (diff)
downloadcpython-bf4d959d28eacf5c57afe56abbf463272cef7557.zip
cpython-bf4d959d28eacf5c57afe56abbf463272cef7557.tar.gz
cpython-bf4d959d28eacf5c57afe56abbf463272cef7557.tar.bz2
Two changes:
load_inst(): Implement the security hook that cPickle already had. When unpickling callables which are not classes, we look to see if the object has an attribute __safe_for_unpickling__. If this exists and has a true value, then we can call it to create the unpickled object. Otherwise we raise an UnpicklingError. find_class(): We no longer mask ImportError, KeyError, and AttributeError by transforming them into SystemError. The latter is definitely not the right thing to do, so we let the former three exceptions simply propagate up if they occur, i.e. we remove the try/except!
Diffstat (limited to 'Lib')
-rw-r--r--Lib/pickle.py14
1 files changed, 6 insertions, 8 deletions
diff --git a/Lib/pickle.py b/Lib/pickle.py
index a22580b..8a07925 100644
--- a/Lib/pickle.py
+++ b/Lib/pickle.py
@@ -769,6 +769,9 @@ class Unpickler:
pass
if not instantiated:
try:
+ if not hasattr(klass, '__safe_for_unpickling__'):
+ raise UnpicklingError('%s is not safe for unpickling' %
+ klass)
value = apply(klass, args)
except TypeError, err:
raise TypeError, "in constructor for %s: %s" % (
@@ -807,14 +810,9 @@ class Unpickler:
dispatch[GLOBAL] = load_global
def find_class(self, module, name):
- try:
- __import__(module)
- mod = sys.modules[module]
- klass = getattr(mod, name)
- except (ImportError, KeyError, AttributeError):
- raise SystemError, \
- "Failed to import class %s from module %s" % \
- (name, module)
+ __import__(module)
+ mod = sys.modules[module]
+ klass = getattr(mod, name)
return klass
def load_reduce(self):