Fredrik Lundh wrote:
the problem is that the following may or may not reach the "done!" statement, somewhat depending on python version, memory allocator, and what data you pass to dumps.
import marshal
data = marshal.dumps((1, 2, 3, "hello", 4, 5, 6))
for i in range(len(data), -1, -1): try: print marshal.loads(data[:i]) except EOFError: print "EOFError" except ValueError: print "ValueError"
print "done!"
(try different data combinations, to see how far you get on your platform...)
Python 2.4 on my windows box crashes with Fatal Python error: PyString_InternInPlace: strings only please!
This application has requested the Runtime to terminate it in an unusual way. Please contact the application's support team for more information. c:\> _
So indeed it seems that marshal is not safe yet :-|
fixing this should be relatively easy, and should result in a safe unmarshaller (your application will still have to limit the amount of data fed into load/loads, of course).
Okay.
--Irmen -- http://mail.python.org/mailman/listinfo/python-list
