Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bpo-38384: Fix a possible assertion failure in _pickle #16606

Open
wants to merge 7 commits into
base: main
Choose a base branch
from
Open

bpo-38384: Fix a possible assertion failure in _pickle #16606

wants to merge 7 commits into from
+69 −3

Conversation

ZackerySpytz
Copy link
Contributor

@ZackerySpytz ZackerySpytz commented Oct 6, 2019
edited by bedevere-bot

In _Unpickler_SetInputStream(), _PyObject_LookupAttrId() is called
three times in a row without any error handling. If an exception
occurs during the first or second call, _PyObject_LookupAttrId()
will be called with a live exception.

https://bugs.python.org/issue38384

@ZackerySpytz
bpo-38384: Fix a possible assertion failure in _pickle
afdb094 
In _Unpickler_SetInputStream(), _PyObject_LookupAttrId() is called
three times in a row without any error handling.  If an exception
occurs during the first or second call, _PyObject_LookupAttrId()
will be called with a live exception.
serhiy-storchaka
serhiy-storchaka requested changes Oct 6, 2019
View changes
Copy link
Member

@serhiy-storchaka serhiy-storchaka left a comment

Please add a test.

@bedevere-bot
Copy link

bedevere-bot commented Oct 6, 2019

A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated.

Once you have made the requested changes, please leave a comment on this pull request containing the phrase I have made the requested changes; please review again. I will then notify any core developers who have left a review that you're ready for them to take another look at this pull request.

@serhiy-storchaka
Copy link
Member

serhiy-storchaka commented Oct 21, 2019

Minimal reproducer (but you can add readline and readinto):

class F:
    @property
    def read(self):
        1/0

import pickle
pickle.load(F())

@taleinat
Copy link
Contributor

taleinat commented Nov 13, 2019

@ZackerySpytz Ping?

@taleinat
Copy link
Contributor

taleinat commented Nov 22, 2019

Hi @ZackerySpytz! This is looking good!

Make sure to also add a NEWS entry (you can use blurb-it).

@iritkatriel
Copy link
Member

iritkatriel commented Oct 17, 2021

Please add a test.

@ZackerySpytz has added a test. Shall we merge this?

serhiy-storchaka
serhiy-storchaka reviewed Oct 19, 2021
View changes
Lib/test/pickletester.py Outdated
@@ -3136,6 +3136,18 @@ def __init__(self): pass
self.assertRaises(pickle.PicklingError, BadPickler().dump, 0)
self.assertRaises(pickle.UnpicklingError, BadUnpickler().load)

def test_load_read_exception(self):
Copy link
Member

@serhiy-storchaka serhiy-storchaka Oct 19, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readinto will not be tested if read raises an error. You need six tests for classes which do not have one of these attributes or raise error for it but have other two attributes.

Modules/_pickle.c Outdated
if (_PyObject_LookupAttrId(file, &PyId_read, &self->read) <= 0) {
goto error;
}
if (_PyObject_LookupAttrId(file, &PyId_readinto, &self->readinto) <= 0) {
Copy link
Member

@serhiy-storchaka serhiy-storchaka Oct 19, 2021

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

readinto is optional now.

Ifs for read and readline can be merged.

@ZackerySpytz ZackerySpytz mannequin mentioned this pull request Apr 10, 2022
Open
@furkanonder
Copy link
Sponsor Contributor

furkanonder commented Dec 22, 2022

LGTM. @serhiy-storchaka

serhiy-storchaka
serhiy-storchaka reviewed Dec 22, 2022
View changes
Copy link
Member

@serhiy-storchaka serhiy-storchaka left a comment

LGTM.

Please add few more test cases:

  • no read, no readline
  • read = bad_property, no readline
  • readline = bad_property, no read

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@serhiy-storchaka serhiy-storchaka

@furkanonder furkanonder

@bumper-furkan-onder bumper-furkan-onder

Assignees
No one assigned
Labels
awaiting changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
9 participants
@ZackerySpytz @bedevere-bot @serhiy-storchaka @taleinat @iritkatriel @furkanonder @bumper-furkan-onder @the-knights-who-say-ni @ezio-melotti