31 Aug
2000
31 Aug
'00
7:25 a.m.
"GS" == Greg Stein
writes:
GS> On Wed, Aug 30, 2000 at 09:21:23PM -0400, Jeremy Hylton wrote:
... But neither marshal nor pickle is safe. It is possible to cause a core dump by passing marshal invalid data. It may also be possible to launch a stack overflow attack -- not sure.
GS> I believe those core dumps were fixed. Seems like I remember GS> somebody doing some work on that. GS> ?? Aha! I hadn't notice that patch sneaking in. I brought it up with Guido a few months ago and he didn't want to make changes to marshal because, IIRC, marshal exists only because .pyc files need it. Jeremy