Message 71938 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	alexandre.vassalotti
Recipients	ajaksu2, alexandre.vassalotti, christian.heimes
Date	2008-08-25.15:25:44
SpamBayes Score	0.00516014
Marked as misclassified	No
Message-id	<1219677945.91.0.226401401058.issue3664@psf.upfronthosting.co.za>
In-reply-to

Content
Oh, that's nasty. Recalling __init__ with bad arguments breaks the internal invariants as it clears the Pickler's content before parsing the arguments. I suspect that Unpickler is vulnerable too. Adding a NULL check in pickler_write will only fix this particular example. I could probably find another crash example that doesn't use pickler_write.

Oh, that's nasty. Recalling __init__ with bad arguments breaks the
internal invariants as it clears the Pickler's content before parsing
the arguments. I suspect that Unpickler is vulnerable too.

Adding a NULL check in pickler_write will only fix this particular
example. I could probably find another crash example that doesn't use
pickler_write.

History
Date	User	Action	Args
2008-08-25 15:25:46	alexandre.vassalotti	set	recipients: + alexandre.vassalotti, christian.heimes, ajaksu2
2008-08-25 15:25:45	alexandre.vassalotti	set	messageid: <1219677945.91.0.226401401058.issue3664@psf.upfronthosting.co.za>
2008-08-25 15:25:45	alexandre.vassalotti	link	issue3664 messages
2008-08-25 15:25:44	alexandre.vassalotti	create