rep = orig[:-1]
for q in (b'"', b"'"): # double or single quote
if rep.startswith(q):
- if not rep.endswith(q):
+ if len(rep) < 2 or not rep.endswith(q):
raise ValueError("insecure string pickle")
rep = rep[len(q):-len(q)]
break
b"'abc\"", # open quote and close quote don't match
b"'abc' ?", # junk after close quote
b"'\\'", # trailing backslash
+ # Variations on issue #17710
+ b"'",
+ b'"',
+ b"' ",
+ b"' ",
+ b"' ",
+ b"' ",
+ b'" ',
# some tests of the quoting rules
## b"'abc\"\''",
## b"'\\\\a\'\'\'\\\'\\\\\''",
Library
-------
+- Issue #17710: Fix pickle raising a SystemError on bogus input.
+
- Issue #17341: Include the invalid name in the error messages from re about
invalid group names.
if ((len = _Unpickler_Readline(self, &s)) < 0)
return -1;
- if (len < 3)
+ if (len < 2)
return bad_readline();
if ((s = strdup(s)) == NULL) {
PyErr_NoMemory();
}
/* Strip outermost quotes */
- while (s[len - 1] <= ' ')
+ while (len > 0 && s[len - 1] <= ' ')
len--;
- if (s[0] == '"' && s[len - 1] == '"') {
+ if (len > 1 && s[0] == '"' && s[len - 1] == '"') {
s[len - 1] = '\0';
p = s + 1;
len -= 2;
}
- else if (s[0] == '\'' && s[len - 1] == '\'') {
+ else if (len > 1 && s[0] == '\'' && s[len - 1] == '\'') {
s[len - 1] = '\0';
p = s + 1;
len -= 2;
projects / python / commitdiff