Issue #17710: Fix cPickle raising a SystemError on bogus input.
diff --git a/Lib/pickle.py b/Lib/pickle.py
index 5b95cba..508e858 100644
--- a/Lib/pickle.py
+++ b/Lib/pickle.py
@@ -962,7 +962,7 @@
rep = self.readline()[:-1]
for q in "\"'": # double or single quote
if rep.startswith(q):
- if not rep.endswith(q):
+ if len(rep) < 2 or not rep.endswith(q):
raise ValueError, "insecure string pickle"
rep = rep[len(q):-len(q)]
break
diff --git a/Lib/test/pickletester.py b/Lib/test/pickletester.py
index 7f43dfb..34cafcb 100644
--- a/Lib/test/pickletester.py
+++ b/Lib/test/pickletester.py
@@ -538,6 +538,8 @@
"'abc\"", # open quote and close quote don't match
"'abc' ?", # junk after close quote
"'\\'", # trailing backslash
+ "'", # issue #17710
+ "' ", # issue #17710
# some tests of the quoting rules
#"'abc\"\''",
#"'\\\\a\'\'\'\\\'\\\\\''",
diff --git a/Misc/NEWS b/Misc/NEWS
index 3ccdb10..fc81740 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -28,6 +28,8 @@
Library
-------
+- Issue #17710: Fix cPickle raising a SystemError on bogus input.
+
- Issue #17341: Include the invalid name in the error messages from re about
invalid group names.
diff --git a/Modules/cPickle.c b/Modules/cPickle.c
index d74ec5b..8145bbf 100644
--- a/Modules/cPickle.c
+++ b/Modules/cPickle.c
@@ -3643,17 +3643,19 @@
/* Strip outermost quotes */
- while (s[len-1] <= ' ')
+ while (len > 0 && s[len-1] <= ' ')
len--;
- if(s[0]=='"' && s[len-1]=='"'){
+ if (len > 1 && s[0]=='"' && s[len-1]=='"') {
s[len-1] = '\0';
p = s + 1 ;
len -= 2;
- } else if(s[0]=='\'' && s[len-1]=='\''){
+ }
+ else if (len > 1 && s[0]=='\'' && s[len-1]=='\'') {
s[len-1] = '\0';
p = s + 1 ;
len -= 2;
- } else
+ }
+ else
goto insecure;
/********************************************/