diff options
author | Barry Warsaw <barry@python.org> | 2001-11-15 23:42:58 (GMT) |
---|---|---|
committer | Barry Warsaw <barry@python.org> | 2001-11-15 23:42:58 (GMT) |
commit | bf4d959d28eacf5c57afe56abbf463272cef7557 (patch) | |
tree | 229698f4a1363f3a22b1482e6fdfad9ca2a67fab /Lib | |
parent | f595fd975da6338ae7b5a5355833ee73d924ed20 (diff) | |
download | cpython-bf4d959d28eacf5c57afe56abbf463272cef7557.zip cpython-bf4d959d28eacf5c57afe56abbf463272cef7557.tar.gz cpython-bf4d959d28eacf5c57afe56abbf463272cef7557.tar.bz2 |
Two changes:
load_inst(): Implement the security hook that cPickle already had.
When unpickling callables which are not classes, we look to see if the
object has an attribute __safe_for_unpickling__. If this exists and
has a true value, then we can call it to create the unpickled object.
Otherwise we raise an UnpicklingError.
find_class(): We no longer mask ImportError, KeyError, and
AttributeError by transforming them into SystemError. The latter is
definitely not the right thing to do, so we let the former three
exceptions simply propagate up if they occur, i.e. we remove the
try/except!
Diffstat (limited to 'Lib')
-rw-r--r-- | Lib/pickle.py | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/Lib/pickle.py b/Lib/pickle.py index a22580b..8a07925 100644 --- a/Lib/pickle.py +++ b/Lib/pickle.py @@ -769,6 +769,9 @@ class Unpickler: pass if not instantiated: try: + if not hasattr(klass, '__safe_for_unpickling__'): + raise UnpicklingError('%s is not safe for unpickling' % + klass) value = apply(klass, args) except TypeError, err: raise TypeError, "in constructor for %s: %s" % ( @@ -807,14 +810,9 @@ class Unpickler: dispatch[GLOBAL] = load_global def find_class(self, module, name): - try: - __import__(module) - mod = sys.modules[module] - klass = getattr(mod, name) - except (ImportError, KeyError, AttributeError): - raise SystemError, \ - "Failed to import class %s from module %s" % \ - (name, module) + __import__(module) + mod = sys.modules[module] + klass = getattr(mod, name) return klass def load_reduce(self): |