[issue9965] Loading malicious pickle may cause excessive memory usage

Georg Brandl added the comment: Closing as "won't fix". -- nosy: +georg.brandl resolution: -> wont fix status: open -> closed ___ Python tracker ___

[issue9965] Loading malicious pickle may cause excessive memory usage

Alexandre Vassalotti added the comment: I was going to say this method http://docs.python.org/dev/py3k/library/pickle.html#restricting-globals could be used to prevent this kind of attack on bytearray. But, I came up with this fun thing: pickle.loads(b'\x80\x03cbuiltins\nlist\ncbuiltins\nra

[issue9965] Loading malicious pickle may cause excessive memory usage

Antoine Pitrou added the comment: As an example of malicious pickle causing "excessive" memory usage, you can simply write: >>> s = b'\x80\x03cbuiltins\nbytearray\nq\x00J\x00\x00\x00\x7f\x85q\x01Rq\x02.' >>> _ = pickle.loads(s) This will allocate an almost 2GB bytearray. You can of course cha

[issue9965] Loading malicious pickle may cause excessive memory usage

Antoine Pitrou added the comment: I don't think there's any point doing this. Pickle is insecure by construction; it shouldn't crash when used legitimately, but trying to make it robust in the face of hand-crafted pickle strings sounds like an uphill battle (*). (*) e.g. http://nadiana.com/py

[issue9965] Loading malicious pickle may cause excessive memory usage

Changes by Alexandre Vassalotti : -- nosy: +pitrou ___ Python tracker ___ ___ Python-bugs-list mailing list Unsubscribe: http://mail.p

[issue9965] Loading malicious pickle may cause excessive memory usage

New submission from Alexandre Vassalotti : This was mentioned during the review of issue #9410 (http://codereview.appspot.com/1694050/diff/2001/3001#newcode347), however we forgot to fix this. The new array-based memo for the Unpickler class assumes incorrectly that memo indices are always con