how do I read a series of pickled objects from a socket?
Jp Calderone
exarkun at divmod.com
Wed Nov 17 10:43:52 EST 2004
On Tue, 16 Nov 2004 12:55:06 -0800 (PST), Ryan Grow <ryangrow at yahoo.com> wrote:
>Hi,
>
> I am trying to figure out the correct and most
> reliable way to read a series of pickled objects from
> a socket.
> I've found examples that do something like this:
>
> while 1:
> data = conn.recv(500)
> obj = pickle.loads(data)
> # do stuff with object
>
> I don't think the above example would work for my
> application. The above example might work if the
> server never expects to get more than one object on
> the socket at a time.
>
> The server I'm writing will get a series of objects so
> it will need to know where each pickled object ends in
> the stream so it knows where to start reading the next
> object from.
>
> Is there a correct way to identify the terminator of a
> pickled object? Is there a standard and correct way
> for the pickle module to easily read pickled objects
> from a socket?
>
The above approach has several problems. The most obvious of these are that it is unbelievably insecure, anyone who can connect to the server can cause it to execute arbitrary code, and that it lacks the necessary buffering code to make the right bytes actually show up in the right place.
Instead of creating your own, you may wish to investigate an existing remote object protocol. Python has quite a group of them. One reasonable starting place is the "Perspective Broker" section of http://twistedmatrix.com/documents/current/howto/
Jp
More information about the Python-list
mailing list