[New-bugs-announce] [issue41459] pickle.load raises SystemError on malformed input

Guillaume report at bugs.python.org
Sun Aug 2 16:56:15 EDT 2020


New submission from Guillaume <guillaume+python at atto.be>:

pickle.load() raises a criptic SystemError with malformed input, whereas I would have expected an UnpicklingError. 

"SystemError: deallocated bytearray object has exported buffers"

Because pickle is not meant for use on untrusted input, this likely would not be considered a servere issue. 

Reproducing: 

import pickle
f = open("crash-95c0cb965cb66f5eebc778a1d2304eaffb72f1aa", "rb")
d = pickle.load(f)

----------
components: Argument Clinic
files: crash-95c0cb965cb66f5eebc778a1d2304eaffb72f1aa
messages: 374695
nosy: Guillaume, larry
priority: normal
severity: normal
status: open
title: pickle.load raises SystemError on malformed input
versions: Python 3.8
Added file: https://bugs.python.org/file49358/crash-95c0cb965cb66f5eebc778a1d2304eaffb72f1aa

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue41459>
_______________________________________


More information about the New-bugs-announce mailing list