This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Title: pickle.load raises SystemError on malformed input
Type: Stage: resolved
Components: Library (Lib) Versions: Python 3.8
Status: closed Resolution: wont fix
Dependencies: Superseder:
Assigned To: Nosy List: Guillaume, eric.smith
Priority: normal Keywords:

Created on 2020-08-02 20:56 by Guillaume, last changed 2022-04-11 14:59 by admin. This issue is now closed.

File name Uploaded Description Edit
crash-95c0cb965cb66f5eebc778a1d2304eaffb72f1aa Guillaume, 2020-08-02 20:56
Messages (4)
msg374695 - (view) Author: Guillaume (Guillaume) Date: 2020-08-02 20:56
pickle.load() raises a criptic SystemError with malformed input, whereas I would have expected an UnpicklingError. 

"SystemError: deallocated bytearray object has exported buffers"

Because pickle is not meant for use on untrusted input, this likely would not be considered a servere issue. 


import pickle
f = open("crash-95c0cb965cb66f5eebc778a1d2304eaffb72f1aa", "rb")
d = pickle.load(f)
msg374696 - (view) Author: Guillaume (Guillaume) Date: 2020-08-02 21:05
Updated Components. I believe pickle fit in the Library category. 

Note this was discovered with python 3.8.5
msg374699 - (view) Author: Eric V. Smith (eric.smith) * (Python committer) Date: 2020-08-02 22:24
As a rule, we don't put a lot of effort into handling malformed pickle input. Is this causing some practical problem?
msg374750 - (view) Author: Guillaume (Guillaume) Date: 2020-08-03 18:25
Hi Eric, 

I'm not aware of a practical problem caused by this. 

This was discovered via fuzzing. I reported it because the unexpected error suggest an internal issue within the pickle library. 

Just before reporting this, I browsed the bug tracker and noticed a similar comment suggesting this kind of pickle issue is of little consequences given pickle is not designed for untrusted input. So I've shifted my focus away from fuzzing pickle.
Date User Action Args
2022-04-11 14:59:34adminsetgithub: 85631
2021-01-27 02:14:48eric.smithsetstatus: open -> closed
resolution: wont fix
stage: resolved
2020-08-03 18:25:44Guillaumesetmessages: + msg374750
2020-08-02 22:24:07eric.smithsetnosy: + eric.smith
messages: + msg374699
2020-08-02 21:08:53larrysetnosy: - larry
2020-08-02 21:05:58Guillaumesetmessages: + msg374696
components: + Library (Lib), - Argument Clinic
2020-08-02 20:56:15Guillaumecreate