Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #20948
| References | <CAJ1erZ0s-aEzD_uYqY4=bhbwAkBRykXD72Lfx7bCmecRDazhAw@mail.gmail.com> <jid71t$eh6$1@dough.gmane.org> <CAPTjJmq4s3kY0s3CNw5ZnzngfknT-vP-N8OWm0_thvLs6Y0gDQ@mail.gmail.com> |
|---|---|
| From | Ian Kelly <ian.g.kelly@gmail.com> |
| Date | 2012-02-27 11:24 -0700 |
| Subject | Re: pickle handling multiple objects .. |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.206.1330367096.3037.python-list@python.org> (permalink) |
On Sun, Feb 26, 2012 at 6:00 AM, Chris Angelico <rosuav@gmail.com> wrote: > Additionally, you'll get a weird crash out of your program if load() > returns something other than a sequence of length 3. Remember, > everything that comes from outside your code is untrusted, even if you > think you made it just two seconds ago. While that's true, if your pickle is untrusted then a ValueError from unpacking is the least of your worries. You should never attempt to load an untrusted pickle in the first place, as doing so allows it to execute arbitrary code on your system. Cheers, Ian
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: pickle handling multiple objects .. Ian Kelly <ian.g.kelly@gmail.com> - 2012-02-27 11:24 -0700
csiph-web