[Python-checkins] CVS: python/dist/src/Lib/test test_pickle.py,1.1,1.2 test_cpickle.py,1.5,1.6
Jeremy Hylton
python-dev@python.org
Fri, 15 Sep 2000 08:14:54 -0700
Update of /cvsroot/python/python/dist/src/Lib/test
In directory slayer.i.sourceforge.net:/tmp/cvs-serv25891/Lib/test
Modified Files:
test_pickle.py test_cpickle.py
Log Message:
Fix Bug #114293:
Strings are unpickled by calling eval on the string's repr. This
change makes pickle work like cPickle; it checks if the pickled
string is safe to eval and raises ValueError if it is not.
test suite modifications:
Verify that pickle catches a variety of insecure string pickles
Make test_pickle and test_cpickle use exactly the same test suite
Add test for pickling recursive object
Index: test_pickle.py
===================================================================
RCS file: /cvsroot/python/python/dist/src/Lib/test/test_pickle.py,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -r1.1 -r1.2
*** test_pickle.py 1999/03/25 22:38:44 1.1
--- test_pickle.py 2000/09/15 15:14:51 1.2
***************
*** 1,4 ****
--- 1,5 ----
# Test the pickle module
+ # break into multiple strings to please font-lock-mode
DATA = """(lp0
I0
***************
*** 8,12 ****
complex
p1
! (F3.0
F0.0
tp2
--- 9,14 ----
complex
p1
! """ \
! """(F3.0
F0.0
tp2
***************
*** 15,22 ****
p4
g4
! (i__main__
C
p5
! (dp6
S'foo'
p7
--- 17,26 ----
p4
g4
! """ \
! """(i__main__
C
p5
! """ \
! """(dp6
S'foo'
p7
***************
*** 34,39 ****
BINDATA = ']q\000(K\000L1L\012G@\000\000\000\000\000\000\000c__builtin__\012complex\012q\001(G@\010\000\000\000\000\000\000G\000\000\000\000\000\000\000\000tq\002Rq\003(U\003abcq\004h\004(c__main__\012C\012q\005oq\006}q\007(U\003fooq\010K\001U\003barq\011K\002ubh\006tq\012h\012K\005e.'
- import pickle
-
class C:
def __cmp__(self, other):
--- 38,41 ----
***************
*** 43,47 ****
__main__.C = C
! def dotest():
c = C()
c.foo = 1
--- 45,49 ----
__main__.C = C
! def dotest(pickle):
c = C()
c.foo = 1
***************
*** 52,55 ****
--- 54,59 ----
x.append(y)
x.append(5)
+ r = []
+ r.append(r)
print "dumps()"
s = pickle.dumps(x)
***************
*** 72,75 ****
if x2 == x: print "ok"
else: print "bad"
! dotest()
--- 76,140 ----
if x2 == x: print "ok"
else: print "bad"
+ s = pickle.dumps(r)
+ print "dumps() RECURSIVE"
+ x2 = pickle.loads(s)
+ if x2 == r: print "ok"
+ else: print "bad"
+
+ # Test protection against closed files
+ import tempfile, os
+ fn = tempfile.mktemp()
+ f = open(fn, "w")
+ f.close()
+ try:
+ pickle.dump(123, f)
+ except ValueError:
+ pass
+ else:
+ print "dump to closed file should raise ValueError"
+ f = open(fn, "r")
+ f.close()
+ try:
+ pickle.load(f)
+ except ValueError:
+ pass
+ else:
+ print "load from closed file should raise ValueError"
+ os.remove(fn)
+
+ # Test specific bad cases
+ for i in range(10):
+ try:
+ x = pickle.loads('garyp')
+ except KeyError, y:
+ # pickle
+ del y
+ except pickle.BadPickleGet, y:
+ # cPickle
+ del y
+ else:
+ print "unexpected success!"
+ break
+
+ # Test insecure strings
+ insecure = ["abc", "2 + 2", # not quoted
+ "'abc' + 'def'", # not a single quoted string
+ "'abc", # quote is not closed
+ "'abc\"", # open quote and close quote don't match
+ "'abc' ?", # junk after close quote
+ # some tests of the quoting rules
+ "'abc\"\''",
+ "'\\\\a\'\'\'\\\'\\\\\''",
+ ]
+ for s in insecure:
+ buf = "S" + s + "\012p0\012."
+ try:
+ x = pickle.loads(buf)
+ except ValueError:
+ pass
+ else:
+ print "accepted insecure string: %s" % repr(buf)
+
! import pickle
! dotest(pickle)
Index: test_cpickle.py
===================================================================
RCS file: /cvsroot/python/python/dist/src/Lib/test/test_cpickle.py,v
retrieving revision 1.5
retrieving revision 1.6
diff -C2 -r1.5 -r1.6
*** test_cpickle.py 2000/04/21 20:49:58 1.5
--- test_cpickle.py 2000/09/15 15:14:51 1.6
***************
*** 1,107 ****
# Test the cPickle module
- DATA = """(lp0
- I0
- aL1L
- aF2.0
- ac__builtin__
- complex
- p1
- (F3.0
- F0.0
- tp2
- Rp3
- a(S'abc'
- p4
- g4
- (i__main__
- C
- p5
- (dp6
- S'foo'
- p7
- I1
- sS'bar'
- p8
- I2
- sbg5
- tp9
- ag9
- aI5
- a.
- """
-
- BINDATA = ']q\000(K\000L1L\012G@\000\000\000\000\000\000\000c__builtin__\012complex\012q\001(G@\010\000\000\000\000\000\000G\000\000\000\000\000\000\000\000tq\002Rq\003(U\003abcq\004h\004(c__main__\012C\012q\005oq\006}q\007(U\003fooq\010K\001U\003barq\011K\002ubh\006tq\012h\012K\005e.'
-
import cPickle
!
! class C:
! def __cmp__(self, other):
! return cmp(self.__dict__, other.__dict__)
!
! import __main__
! __main__.C = C
!
! def dotest():
! c = C()
! c.foo = 1
! c.bar = 2
! x = [0, 1L, 2.0, 3.0+0j]
! y = ('abc', 'abc', c, c)
! x.append(y)
! x.append(y)
! x.append(5)
! print "dumps()"
! s = cPickle.dumps(x)
! print "loads()"
! x2 = cPickle.loads(s)
! if x2 == x: print "ok"
! else: print "bad"
! print "loads() DATA"
! x2 = cPickle.loads(DATA)
! if x2 == x: print "ok"
! else: print "bad"
! print "dumps() binary"
! s = cPickle.dumps(x, 1)
! print "loads() binary"
! x2 = cPickle.loads(s)
! if x2 == x: print "ok"
! else: print "bad"
! print "loads() BINDATA"
! x2 = cPickle.loads(BINDATA)
! if x2 == x: print "ok"
! else: print "bad"
!
! # Test protection against closed files
! import tempfile, os
! fn = tempfile.mktemp()
! f = open(fn, "w")
! f.close()
! try:
! cPickle.dump(123, f)
! except ValueError:
! pass
! else:
! print "dump to closed file should raise ValueError"
! f = open(fn, "r")
! f.close()
! try:
! cPickle.load(f)
! except ValueError:
! pass
! else:
! print "load from closed file should raise ValueError"
! os.remove(fn)
!
! # Test specific bad cases
! for i in range(10):
! try:
! x = cPickle.loads('garyp')
! except cPickle.BadPickleGet, y:
! del y
! else:
! print "unexpected success!"
! break
!
!
! dotest()
--- 1,5 ----
# Test the cPickle module
import cPickle
! import test_pickle
! test_pickle.dotest(cPickle)