Issue 41200: Add pickle.loads fuzz test - Python tracker

classification

Title:	Add pickle.loads fuzz test
Type:	security	Stage:	resolved
Components:	Tests	Versions:	Python 3.10

process

Status:	closed	Resolution:	rejected
Dependencies:		Superseder:
Assigned To:	gregory.p.smith	Nosy List:	Bruce Day, gregory.p.smith
Priority:	normal	Keywords:

Created on 2020-07-03 10:48 by Bruce Day, last changed 2021-03-14 02:22 by gregory.p.smith. This issue is now closed.

Pull Requests
URL	Status	Linked	Edit
PR 21289	open	Bruce Day, 2020-07-03 10:48

Messages (2)
msg372916 - (view)	Author: Bruce Day (Bruce Day)	Date: 2020-07-03 10:48
add pickle.loads(x) fuzz test
msg381880 - (view)	Author: Gregory P. Smith (gregory.p.smith) *	Date: 2020-11-26 07:24
Given that pickle is documented as: """ Warning The pickle module is not secure. Only unpickle data you trust. It is possible to construct malicious pickle data which will execute arbitrary code during unpickling. """ https://docs.python.org/3/library/pickle.html What is fuzzing pickle.loads() expected to accomplish?

History
Date	User	Action	Args
2021-03-14 02:22:03	gregory.p.smith	set	status: open -> closed resolution: rejected stage: resolved
2020-11-26 07:24:08	gregory.p.smith	set	assignee: gregory.p.smith messages: + msg381880 nosy: + gregory.p.smith
2020-07-03 10:48:09	Bruce Day	create