[Python-checkins] r74189 - in python/trunk: Lib/test/pickletester.py Misc/NEWS Modules/cPickle.c

amaury.forgeotdarc python-checkins at python.org
Thu Jul 23 21:26:03 CEST 2009 

Author: amaury.forgeotdarc
Date: Thu Jul 23 21:26:02 2009
New Revision: 74189

Log:
#6553: crash in cPickle.load(), when given a StringIO with incomplete data.

Will backport to 2.6, 3.x already fixed a similar issue with issue4298.


Modified:
   python/trunk/Lib/test/pickletester.py
   python/trunk/Misc/NEWS
   python/trunk/Modules/cPickle.c

Modified: python/trunk/Lib/test/pickletester.py
==============================================================================
--- python/trunk/Lib/test/pickletester.py	(original)
+++ python/trunk/Lib/test/pickletester.py	Thu Jul 23 21:26:02 2009
@@ -1,6 +1,7 @@
 import unittest
 import pickle
 import cPickle
+import StringIO
 import cStringIO
 import pickletools
 import copy_reg
@@ -1086,6 +1087,10 @@
         self.module.Pickler(f, -1)
         self.module.Pickler(f, protocol=-1)
 
+    def test_incomplete_input(self):
+        s = StringIO.StringIO("X''.")
+        self.assertRaises(EOFError, self.module.load, s)
+
 class AbstractPersistentPicklerTests(unittest.TestCase):
 
     # This class defines persistent_id() and persistent_load()

Modified: python/trunk/Misc/NEWS
==============================================================================
--- python/trunk/Misc/NEWS	(original)
+++ python/trunk/Misc/NEWS	Thu Jul 23 21:26:02 2009
@@ -351,7 +351,10 @@
 Library
 -------
 
-- Issue #6545: Removed assert statements in distutils.Extension, so the 
+- Issue #6553: Fixed a crash in cPickle.load(), when given a file-like object
+  containing incomplete data.
+
+- Issue #6545: Removed assert statements in distutils.Extension, so the
   behavior is similar when used with -O.
 
 - unittest has been split up into a package.  All old names should still work.
@@ -360,7 +363,7 @@
   know how to handle a comparison without loss of precision.  Also add
   correct handling of infinities and nans for comparisons with float.
 
-- Issue #6415: Fixed warnings.warn sagfault on bad formatted string.
+- Issue #6415: Fixed warnings.warn segfault on bad formatted string.
 
 - Issue #6466: now distutils.cygwinccompiler and distutils.emxccompiler
   uses the same refactored function to get gcc/ld/dllwrap versions numbers.

Modified: python/trunk/Modules/cPickle.c
==============================================================================
--- python/trunk/Modules/cPickle.c	(original)
+++ python/trunk/Modules/cPickle.c	Thu Jul 23 21:26:02 2009
@@ -663,6 +663,12 @@
 	self->last_string = str;
 
 	if (! (*s = PyString_AsString(str))) return -1;
+
+	if (PyString_GET_SIZE(str) != n) {
+		PyErr_SetNone(PyExc_EOFError);
+		return -1;
+	}
+
 	return n;
 }

More information about the Python-checkins mailing list