[Patches] [ python-Patches-505705 ] Remove eval in pickle
noreply@sourceforge.net
noreply@sourceforge.net
Sat, 19 Jan 2002 01:21:39 -0800
Patches item #505705, was opened at 2002-01-19 01:21
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=305470&aid=505705&group_id=5470
Category: Core (C code)
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Martin v. Löwis (loewis)
Assigned to: Nobody/Anonymous (nobody)
Summary: Remove eval in pickle
Initial Comment:
This patch removes the use of eval in pickle and cPickle.
It does so by:
- moving the actual parsing from compile.c:parsestr to
PyString_DecodeEscape
- introducing a new codec string-escape
- removing the code that checks that a
string-to-unpickle is properly escaped throughout, and
replaces this with a check whether it is properly quoted,
- unquoting the string in load_string, then passing it
to the codec.
This fixes #502503.
----------------------------------------------------------------------
You can respond by visiting:
http://sourceforge.net/tracker/?func=detail&atid=305470&aid=505705&group_id=5470