diff --git a/Lib/pickle.py b/Lib/pickle.py
--- a/Lib/pickle.py
+++ b/Lib/pickle.py
@@ -951,7 +951,7 @@ class _Unpickler:
 rep = orig[:-1]
 for q in (b'"', b"'"): # double or single quote
 if rep.startswith(q):
- if not rep.endswith(q):
+ if len(rep) < 2 or not rep.endswith(q):
 raise ValueError("insecure string pickle")
 rep = rep[len(q):-len(q)]
 break
diff --git a/Lib/test/pickletester.py b/Lib/test/pickletester.py
--- a/Lib/test/pickletester.py
+++ b/Lib/test/pickletester.py
@@ -609,6 +609,14 @@ class AbstractPickleTests(unittest.TestC
 b"'abc\"", # open quote and close quote don't match
 b"'abc' ?", # junk after close quote
 b"'\\'", # trailing backslash
+ # Variations on issue #17710
+ b"'",
+ b'"',
+ b"' ",
+ b"' ",
+ b"' ",
+ b"' ",
+ b'" ',
 # some tests of the quoting rules
 ## b"'abc\"\''",
 ## b"'\\\\a\'\'\'\\\'\\\\\''",
diff --git a/Modules/_pickle.c b/Modules/_pickle.c
--- a/Modules/_pickle.c
+++ b/Modules/_pickle.c
@@ -4171,7 +4171,7 @@ load_string(UnpicklerObject *self)
 if ((len = _Unpickler_Readline(self, &s)) < 0)
 return -1;
- if (len < 3)
+ if (len < 2)
 return bad_readline();
 if ((s = strdup(s)) == NULL) {
 PyErr_NoMemory();
@@ -4179,14 +4179,14 @@ load_string(UnpicklerObject *self)
 }
 /* Strip outermost quotes */
- while (s[len - 1] <= ' ')
+ while (len > 0 && s[len - 1] <= ' ')
 len--;
- if (s[0] == '"' && s[len - 1] == '"') {
+ if (len > 1 && s[0] == '"' && s[len - 1] == '"') {
 s[len - 1] = '\0';
 p = s + 1;
 len -= 2;
 }
- else if (s[0] == '\'' && s[len - 1] == '\'') {
+ else if (len > 1 && s[0] == '\'' && s[len - 1] == '\'') {
 s[len - 1] = '\0';
 p = s + 1;
 len -= 2;
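Review bot: The new `len(rep) < 2` test in `_Unpickler`'s quote check has no comment saying why a length test is needed alongside `endswith`, and the reason is easy to miss. A line holding a single quote byte satisfies both `rep.startswith(q)` and `rep.endswith(q)`, so before this change it passed the check and was sliced down to an empty string. I would add `# a lone quote byte is both prefix and suffix; require a distinct closing quote` above the condition. The enclosing method begins and ends outside this hunk.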
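Review bot: Every case added to this list in `AbstractPickleTests` begins with a quote byte, so the strip loop in `load_string` always stops at that quote and the new `len > 0` bound in Modules/_pickle.c is never the condition that ends it. A value with no quote at all, for example `b" ",  # whitespace only`, would cover that bound. How the harness frames each value (opcode prefix, trailing newline, expected exception type) is not visible in this hunk, so confirm the new case reaches the strip loop rather than the earlier length check. The list continues outside the hunk.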
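Review bot: `s = strdup(s)` copies only up to the first NUL byte while `len` still holds the count returned by `_Unpickler_Readline`, and the lowered `len < 2` check does nothing to reconcile the two. If a line from the pickle stream can contain an embedded NUL (the reader is not shown here, so this needs confirming), the copy is shorter than `len` and the `s[len - 1]` reads in the quote-stripping code that follows index past the allocation. Copying by length rather than by terminator (allocate `len + 1` bytes, `memcpy`, then terminate) keeps the buffer and `len` in agreement; the release of `s` later in the function would have to match the allocator used. `load_string` starts before and continues after this hunk.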
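Review bot: The strip loop compares `s[len - 1] <= ' '` on plain `char` (assuming `s` is declared `char *`, which this hunk does not show), so where `char` is signed every byte of 0x80 and above compares below `' '` and is stripped as if it were trailing whitespace. A line with such bytes after the closing quote would then load, whereas the pure-Python path in Lib/pickle.py removes only the final byte with `orig[:-1]` and rejects anything else after the quote. Casting removes the platform dependence: `while (len > 0 && (unsigned char)s[len - 1] <= ' ')`. The function continues outside the hunk.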