Closed pixeebot[bot] closed 5 months ago
I'm confident in this change, but I'm not a maintainer of this project. Do you see any reason not to merge it?
If this change was not helpful, or you have suggestions for improvements, please let me know!
Just a friendly ping to remind you about this change. If there are concerns about it, we'd love to hear about them!
@pixeebot next
@pixeeai, I opened PR #7, go check it out!
Python's
pickle
module is notoriouly insecure. While it is very useful for serializing and deserializing Python objects, it is not safe to usepickle
to load data from untrusted sources. This is becausepickle
can execute arbitrary code when loading data. This can be exploited by an attacker to execute arbitrary code on your system. Unlikeyaml
there is no concept of a "safe" loader inpickle
. Therefore, it is recommended to avoidpickle
and to use a different serialization format such asjson
oryaml
when working with untrusted data.However, if you must use
pickle
to load data from an untrusted source, we recommend using the open-sourcefickling
library.fickling
is a drop-in replacement forpickle
that validates the data before loading it and checks for the possibility of code execution. This makes it much safer (although still not entirely safe) to usepickle
to load data from untrusted sources.This codemod replaces calls to
pickle.load
withfickling.load
in Python code. It also adds an import statement forfickling
if it is not already present.The changes look like the following:
Dependency Updates
This codemod relies on an external dependency. We have automatically added this dependency to your project's
pyproject.toml
file.This package provides analysis of pickled data to help identify potential security vulnerabilities.
There are a number of places where Python project dependencies can be expressed, including
setup.py
,pyproject.toml
,setup.cfg
, andrequirements.txt
files. If this change is incorrect, or if you are using another packaging system such aspoetry
, it may be necessary for you to manually add the dependency to the proper location in your project.More reading
* [https://docs.python.org/3/library/pickle.html](https://docs.python.org/3/library/pickle.html) * [https://owasp.org/www-community/vulnerabilities/Deserialization_of_untrusted_data](https://owasp.org/www-community/vulnerabilities/Deserialization_of_untrusted_data) * [https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html#clear-box-review_1](https://cheatsheetseries.owasp.org/cheatsheets/Deserialization_Cheat_Sheet.html#clear-box-review_1) * [https://github.com/trailofbits/fickling](https://github.com/trailofbits/fickling)I have additional improvements ready for this repo! If you want to see them, leave the comment:
... and I will open a new PR right away!
Powered by: pixeebot (codemod ID: pixee:python/harden-pickle-load)