From: Amaury Forgeot d'Arc Date: Thu, 23 Jul 2009 22:31:47 +0000 (+0000) Subject: Merged revisions 74189 via svnmerge from X-Git-Tag: v2.6.3rc1~134 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=47ccf0cbbaa4797d9d32c51c70d51a711a8d5fe0;p=python Merged revisions 74189 via svnmerge from svn+ssh://pythondev@svn.python.org/python/trunk ........ r74189 | amaury.forgeotdarc | 2009-07-23 21:26:02 +0200 (jeu., 23 juil. 2009) | 4 lines #6553: crash in cPickle.load(), when given a StringIO with incomplete data. Will backport to 2.6, 3.x already fixed a similar issue with issue4298. ........ --- diff --git a/Lib/test/pickletester.py b/Lib/test/pickletester.py index f7099a1b30..73ca926965 100644 --- a/Lib/test/pickletester.py +++ b/Lib/test/pickletester.py @@ -1,6 +1,7 @@ import unittest import pickle import cPickle +import StringIO import pickletools import copy_reg @@ -1015,6 +1016,10 @@ class AbstractPickleModuleTests(unittest.TestCase): self.module.Pickler(f, -1) self.module.Pickler(f, protocol=-1) + def test_incomplete_input(self): + s = StringIO.StringIO("X''.") + self.assertRaises(EOFError, self.module.load, s) + class AbstractPersistentPicklerTests(unittest.TestCase): # This class defines persistent_id() and persistent_load() diff --git a/Misc/NEWS b/Misc/NEWS index df3c2a53b2..3374e13a98 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -273,6 +273,9 @@ Core and Builtins Library ------- +- Issue #6553: Fixed a crash in cPickle.load(), when given a file-like object + containing incomplete data. + - Issue #2622: Fixed an ImportError when importing email.messsage from a standalone application built with py2exe or py2app. diff --git a/Modules/cPickle.c b/Modules/cPickle.c index 1cef5c1f70..8fa4a66c36 100644 --- a/Modules/cPickle.c +++ b/Modules/cPickle.c @@ -663,6 +663,12 @@ read_other(Unpicklerobject *self, char **s, Py_ssize_t n) self->last_string = str; if (! (*s = PyString_AsString(str))) return -1; + + if (PyString_GET_SIZE(str) != n) { + PyErr_SetNone(PyExc_EOFError); + return -1; + } + return n; }