[issue18840] Tutorial recommends pickle module without any warning of insecurity

Antoine Pitrou report at bugs.python.org
Wed Dec 4 20:17:00 CET 2013


Antoine Pitrou added the comment:

Correction: you can't pickle executable code, you can pickle references to well-known objects (by name):

>>> def f(): pass
... 
>>> pickle.dumps(f)
b'\x80\x03c__main__\nf\nq\x00.'
>>> pickle.dumps(f.__code__)
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
_pickle.PicklingError: Can't pickle <class 'code'>: attribute lookup code on builtins failed

----------

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue18840>
_______________________________________


More information about the Python-bugs-list mailing list