Patch #505705: Remove eval in pickle and cPickle.
diff --git a/Modules/_codecsmodule.c b/Modules/_codecsmodule.c
index d663293..1e3fc5d 100644
--- a/Modules/_codecsmodule.c
+++ b/Modules/_codecsmodule.c
@@ -71,7 +71,6 @@
return NULL;
}
-#ifdef Py_USING_UNICODE
/* --- Helpers ------------------------------------------------------------ */
static
@@ -97,6 +96,49 @@
return v;
}
+/* --- String codecs ------------------------------------------------------ */
+static PyObject *
+escape_decode(PyObject *self,
+ PyObject *args)
+{
+ const char *errors = NULL;
+ const char *data;
+ int size;
+
+ if (!PyArg_ParseTuple(args, "s#|z:escape_decode",
+ &data, &size, &errors))
+ return NULL;
+ return codec_tuple(PyString_DecodeEscape(data, size, errors, 0, NULL),
+ size);
+}
+
+static PyObject *
+escape_encode(PyObject *self,
+ PyObject *args)
+{
+ PyObject *str;
+ const char *errors = NULL;
+ char *buf;
+ int len;
+
+ if (!PyArg_ParseTuple(args, "O!|z:escape_encode",
+ &PyString_Type, &str, &errors))
+ return NULL;
+
+ str = PyString_Repr(str, 0);
+ if (!str)
+ return NULL;
+
+ /* The string will be quoted. Unquote, similar to unicode-escape. */
+ buf = PyString_AS_STRING (str);
+ len = PyString_GET_SIZE (str);
+ memmove(buf, buf+1, len-2);
+ _PyString_Resize(&str, len-2);
+
+ return codec_tuple(str, PyString_Size(str));
+}
+
+#ifdef Py_USING_UNICODE
/* --- Decoder ------------------------------------------------------------ */
static PyObject *
@@ -669,6 +711,8 @@
static PyMethodDef _codecs_functions[] = {
{"register", codecregister, METH_VARARGS},
{"lookup", codeclookup, METH_VARARGS},
+ {"escape_encode", escape_encode, METH_VARARGS},
+ {"escape_decode", escape_decode, METH_VARARGS},
#ifdef Py_USING_UNICODE
{"utf_8_encode", utf_8_encode, METH_VARARGS},
{"utf_8_decode", utf_8_decode, METH_VARARGS},
diff --git a/Modules/cPickle.c b/Modules/cPickle.c
index d1f7867..14936a6 100644
--- a/Modules/cPickle.c
+++ b/Modules/cPickle.c
@@ -2864,46 +2864,35 @@
load_string(Unpicklerobject *self)
{
PyObject *str = 0;
- int len, res = -1, nslash;
- char *s, q, *p;
-
- static PyObject *eval_dict = 0;
+ int len, res = -1;
+ char *s, *p;
if ((len = (*self->readline_func)(self, &s)) < 0) return -1;
if (len < 2) return bad_readline();
if (!( s=pystrndup(s,len))) return -1;
- /* Check for unquoted quotes (evil strings) */
- q=*s;
- if (q != '"' && q != '\'') goto insecure;
- for (p=s+1, nslash=0; *p; p++) {
- if (*p==q && nslash%2==0) break;
- if (*p=='\\') nslash++;
- else nslash=0;
- }
- if (*p == q) {
- for (p++; *p; p++)
- if (*(unsigned char *)p > ' ')
- goto insecure;
- }
- else
+
+ /* Strip outermost quotes */
+ while (s[len-1] <= ' ')
+ len--;
+ if(s[0]=='"' && s[len-1]=='"'){
+ s[len-1] = '\0';
+ p = s + 1 ;
+ len -= 2;
+ } else if(s[0]=='\'' && s[len-1]=='\''){
+ s[len-1] = '\0';
+ p = s + 1 ;
+ len -= 2;
+ } else
goto insecure;
/********************************************/
- if (!( eval_dict ))
- if (!( eval_dict = Py_BuildValue("{s{}}", "__builtins__")))
- goto finally;
-
- if (!( str = PyRun_String(s, Py_eval_input, eval_dict, eval_dict)))
- goto finally;
-
+ str = PyString_DecodeEscape(p, len, NULL, 0, NULL);
+ if (str) {
+ PDATA_PUSH(self->stack, str, -1);
+ res = 0;
+ }
free(s);
- PDATA_PUSH(self->stack, str, -1);
- return 0;
-
- finally:
- free(s);
-
return res;
insecure: