Harmonize extension code checks in pickle #123431
Labels
3.12
only security fixes
3.13
bugs and security fixes
3.14
bugs and security fixes
extension-modules
C modules in the Modules dir
stdlib
Python modules in the Lib dir
Comments
serhiy-storchaka
added a commit
to serhiy-storchaka/cpython
that referenced
this issue
Aug 28, 2024
This checks are redundant in normal circumstances and can only work if the extension registry was intentionally broken. * The Python implementation now raises exception for the extension code with false boolean value. * Simplify the C code. RuntimeError is now raised in explicit checks. * Add many tests.
serhiy-storchaka
added a commit
that referenced
this issue
Aug 29, 2024
This checks are redundant in normal circumstances and can only work if the extension registry was intentionally broken. * The Python implementation now raises exception for the extension code with false boolean value. * Simplify the C code. RuntimeError is now raised in explicit checks. * Add many tests.
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Aug 29, 2024
…123434) This checks are redundant in normal circumstances and can only work if the extension registry was intentionally broken. * The Python implementation now raises exception for the extension code with false boolean value. * Simplify the C code. RuntimeError is now raised in explicit checks. * Add many tests. (cherry picked from commit 0c3ea30) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this issue
Aug 29, 2024
…123434) This checks are redundant in normal circumstances and can only work if the extension registry was intentionally broken. * The Python implementation now raises exception for the extension code with false boolean value. * Simplify the C code. RuntimeError is now raised in explicit checks. * Add many tests. (cherry picked from commit 0c3ea30) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
This was referenced Aug 29, 2024
Yhg1s
pushed a commit
that referenced
this issue
Sep 2, 2024
… (#123459) gh-123431: Harmonize extension code checks in pickle (GH-123434) This checks are redundant in normal circumstances and can only work if the extension registry was intentionally broken. * The Python implementation now raises exception for the extension code with false boolean value. * Simplify the C code. RuntimeError is now raised in explicit checks. * Add many tests. (cherry picked from commit 0c3ea30) Co-authored-by: Serhiy Storchaka <storchaka@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
The C implementation of
picklechecks (partially explicitly, partially implicitly) the type and the range of the value returned by the extension registry. These checks are redundant in normal circumstances, because it is already checked incopyreg.add_extension()which is the only public interface for registering an extension. It is still worth to have some checks in the C code to prevent crash, undefined behavior or producing incorrect output in improbable situation (realistically, this can happen only if you broke the extension registry).The Python implementation does not have explicit check. Broken extension registry will cause errors (with different type and message, but this is not important), except one case -- the code with the false boolean value (
0,None,(), etc) -- in that case it produces output. Although, there is a difference when the code has__index__method but is notint.The following PR makes both implementations raising exception in the same circumstances (although the type of the exception may be different). The C checks are simplified. The Python check made more reliable.
Linked PRs
The text was updated successfully, but these errors were encountered: