From ecb1104342af0e2dca191f7666c60d5ca65069a8 Mon Sep 17 00:00:00 2001 From: Guido van Rossum Date: Wed, 29 Jan 2003 06:24:30 +0000 Subject: Document the demise of all pretenses of safety, and the difference between cPickle and pickle.py regarding __safe_for_unpickling__ before Python 2.3. --- Lib/pickletools.py | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/Lib/pickletools.py b/Lib/pickletools.py index 4f72923..7783d24 100644 --- a/Lib/pickletools.py +++ b/Lib/pickletools.py @@ -125,6 +125,17 @@ The third major set of additions came in Python 2.3, and is called "protocol efficiently by index (EXT{1,2,4}). This is akin to the memo and GET, but the registry contents are predefined (there's nothing akin to the memo's PUT). + +Another, independent change with Python 2.3 is the abandonment of any +pretense that it might be safe to pickles received from untrusted +parties -- no sufficient security analysis has been done to guarantee +this and there isn't a use case to warrants the expense of such an +analysis. + +To this end, all tests for __safe_for_unpickling__ or for +copy_reg.safe_constructors are removed from the unpickling code. +References to these variables in the descriptions below are to be seen +as describing unpickling in Python 2.2 and before. """ # Meta-rule: Descriptions are stored in instances of descriptor objects, @@ -1591,8 +1602,9 @@ opcodes = [ first insists that the class object have a __safe_for_unpickling__ attribute. Unlike as for the __safe_for_unpickling__ check in REDUCE, it doesn't matter whether this attribute has a true or false value, it - only matters whether it exists (XXX this smells like a bug). If - __safe_for_unpickling__ dosn't exist, UnpicklingError is raised. + only matters whether it exists (XXX this is a bug; cPickle + requires the attribute to be true). If __safe_for_unpickling__ + doesn't exist, UnpicklingError is raised. Else (the class object does have a __safe_for_unpickling__ attr), the class object obtained from INST's arguments is applied to the @@ -1624,8 +1636,9 @@ opcodes = [ As for INST, the remainder of the stack above the markobject is gathered into an argument tuple, and then the logic seems identical, - except that no __safe_for_unpickling__ check is done (XXX this smells - like a bug). See INST for the gory details. + except that no __safe_for_unpickling__ check is done (XXX this is + a bug; cPickle does test __safe_for_unpickling__). See INST for + the gory details. """), I(name='NEWOBJ', -- cgit v0.12