[ python-Bugs-1122301 ] marshal may crash on truncated input
SourceForge.net
noreply at sourceforge.net
Mon Feb 14 12:14:22 CET 2005
Bugs item #1122301, was opened at 2005-02-14 12:14
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1122301&group_id=5470
Category: Python Library
Group: Python 2.4
Status: Open
Resolution: None
Priority: 5
Submitted By: Fredrik Lundh (effbot)
Assigned to: Nobody/Anonymous (nobody)
Summary: marshal may crash on truncated input
Initial Comment:
marshal doesn't behave well on truncated or otherwise
malformed input. here's a short demo script, from a
recent comp.lang.python thread:
:::
the problem is that the following may or may not reach
the "done!" statement, somewhat depending on python
version, memory allocator, and what data you pass to
dumps.
import marshal
data = marshal.dumps((1, 2, 3, "hello", 4, 5, 6))
for i in range(len(data), -1, -1):
try:
print marshal.loads(data[:i])
except EOFError:
print "EOFError"
except ValueError:
print "ValueError"
print "done!"
(try different data combinations, to see how far you get
on your platform...)
fixing this should be relatively easy, and should result in
a safe unmarshaller (your application will still have to
limit the amount of data fed into load/loads, of course).
:::
(also note that marshal may raise either EOFError or
ValueError exceptions, again somewhat depending on
how the file is damaged. a little consistency wouldn't
hurt, but I'm not sure if/how this can be fixed...)
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=105470&aid=1122301&group_id=5470
More information about the Python-bugs-list
mailing list