ImportError: Import by filename is not supported when unpickleing

Larry Martell larry.martell at gmail.com
Thu Jul 28 05:57:27 EDT 2016 

On Thu, Jul 28, 2016 at 1:58 AM, Steven D'Aprano
<steve+comp.lang.python at pearwood.info> wrote:
> On Thursday 28 July 2016 12:39, Larry Martell wrote:
>
>> I have an object of type Target:
>>
>> (Pdb) type(target)
>> <class 'workitem.Target'>
>>
>> And I pickle it like this:
>>
>> (Pdb) type(pickle.dumps(target))
>> <type 'str'>
>>
>> And then it looks like this:
>>
>> (Pdb) pickle.dumps(target)
>>
> "ccopy_reg\n_reconstructor\np0\n(cworkitem\nTarget\np1\nc__builtin__\nobject\np2\nNtp3\nRp4\n(dp5\nS'histologySections'\np6\n(lp7\nsS'registrationTransforms'\np8\nV\np9\nsS'valueMaps'\np10\n(dp11\nsS'targetID'\np12\nVRight-
> CarotidArtery\np13\nsS'targetInitializer'\np14\ng9\nsS'regions'\np15\n(dp16\nsS'bodySite'\np17\nVRightCarotid\np18\nsS'targetLocalFolderName'\np19\nV21597135/wi-54976537/Right-
> CarotidArtery\np20\nsS'readingsLocalFileName'\np21\ng9\nsS'probabilityMaps'\np22\n(dp23\nsS'targetPath'\np24\ng9\nsb."
>
> Gag me with a spoon!
>
> What happens if you do
>
> s = pickle.dumps(target)
> pickle.loads(s)
>
> Do you get the same error?

No that works fine. I get back a target object with the same content.

>> And I pass it into a subprocess.Popen call. Then in the program that
>> is called, it comes in as a string:
>>
>> (Pdb) type(args.target)
>> <type 'str'>
>>
>> With the same content:
>>
>> (Pdb) args.target
>>
> "ccopy_reg\n_reconstructor\np0\n(cworkitem\nTarget\np1\nc__builtin__\nobject\np2\nNtp3\nRp4\n(dp5\nS'histologySections'\np6\n(lp7\nsS'registrationTransforms'\np8\nV\np9\nsS'valueMaps'\np10\n(dp11\nsS'targetID'\np12\nVRight-
> CarotidArtery\np13\nsS'targetInitializer'\np14\ng9\nsS'regions'\np15\n(dp16\nsS'bodySite'\np17\nVRightCarotid\np18\nsS'targetLocalFolderName'\np19\nV21597135/wi-54976537/Right-
> CarotidArtery\np20\nsS'readingsLocalFileName'\np21\ng9\nsS'probabilityMaps'\np22\n(dp23\nsS'targetPath'\np24\ng9\nsb."
>
> Are you sure it's the same content, and not just the same to the naked eye?
>
>> And when I unpickle it I get the error:
>>
>> (Pdb) pickle.loads(args.target)
>> ***ImportError: Import by filename is not supported.
>
> Does the target process already have workitem imported? What happens if you
> import workitem first?

Yes, workitem is already imported.

Here is something interesting I just discovered. In the called
program, if I print out argv[8] (which is the pickled item) and then
copy/paste it into loads it works fine. But if I call loads directly
with argv[8] I get the error. But I don't know what the significance
is of that data point is.

> By the way, just in case this is relevant to you... pickle is an insecure
> format. If your target process is running in a context where it can receive
> pickles from untrusted clients, you're vulnerable to them running arbitrary
> code on your machine.
>
> If you are trying to do a remote procedure call, rather than invent your own,
> you should use a reliable, trusted library. I've used both rpyc and Pyro and
> can recommend them both:
>
> https://pypi.python.org/pypi/rpyc/
> https://pypi.python.org/pypi/Pyro4/

I'm calling a local program, and this is an in house run script.

More information about the Python-list mailing list