quatrope / ProperImage

Proper Image utils for astronomy.
BSD 3-Clause "New" or "Revised" License

Python RestrictedUnpickler issue #70

Closed ashishsme14 closed 3 years ago

ashishsme14 commented 3 years ago

We had written code as -

import os
import builtins
import pickle
import sys
sys.tracebacklimit = 0
import traceback
import io
from logging import Logger

safe_builtins = {
    'range',
    'complex',
    'set',
    'frozenset'
}

class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # Only allow safe classes from builtins.
        if module == "builtins" and name in safe_builtins:
            return getattr(builtins, name)
        # Forbid everything else.
        raise pickle.UnpicklingError("global '%s.%s' is forbidden" %
                                     (module, name))

def restricted_loads(s):
    """Helper function analogous to pickle.loads()."""
    return RestrictedUnpickler(io.BytesIO(s)).load()

def func1(a):
    try:
        x = restricted_loads(pickle.dumps(a))
        return x
    except pickle.UnpicklingError:
        s = pickle.UnpicklingError("unsupported persistent object")
        return s

def func2(s):
    try:
        x = restricted_loads(pickle.dumps(s))
        return s[x]
    except pickle.UnpicklingError:
        s = traceback.format_exc()
        return s

if __name__ == "__main__":
    a = range(int(input()))
    b = func1(a)
    print(b)
    y = tuple(input())
    z = func2(y)
    print(z)

Getting TypeError: tuple indices must be integers or slices, not tuple

Input (stdin)

50 
"a", "b", "c", "d", "e", "f", "g", "h"

Your Output (stdout)

range(0, 50)

Expected Output

range(0, 50) 
Traceback (most recent call last): 
_pickle.UnpicklingError: global 'builtins.slice' is forbidden

Safe
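An added example, not part of the original post or of the ProperImage project: `find_class` is consulted only when a pickle stream references a global, so a tuple of strings passes through the allowlist without any lookup, while a `slice` object triggers the `builtins.slice` rejection quoted in the expected output. The names `AuditingUnpickler`, `audit` and `SAFE_BUILTINS` are introduced here for illustration, and the sample objects are constructed.

```python
import builtins
import collections
import io
import pickle

# Same allowlist as the code in the issue.
SAFE_BUILTINS = {"range", "complex", "set", "frozenset"}


class AuditingUnpickler(pickle.Unpickler):
    """Allowlisting unpickler that also records every global the stream asks for."""

    def __init__(self, file):
        super().__init__(file)
        self.requested = []

    def find_class(self, module, name):
        # Called only when the pickle stream references a global (class/function).
        self.requested.append(f"{module}.{name}")
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def audit(obj):
    """Round-trip obj; return (result or error message, globals requested)."""
    unpickler = AuditingUnpickler(io.BytesIO(pickle.dumps(obj)))
    try:
        return unpickler.load(), unpickler.requested
    except pickle.UnpicklingError as exc:
        return str(exc), unpickler.requested


if __name__ == "__main__":
    samples = [  # constructed inputs
        range(50),                  # allowlisted builtin
        tuple("abc"),               # primitives only: no global lookup at all
        slice(0, 3),                # builtin that is not on the allowlist
        collections.OrderedDict(),  # class from another module
    ]
    for obj in samples:
        outcome, requested = audit(obj)
        print(f"{obj!r:>20} -> {outcome!r}  globals={requested}")
```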

BrunoSanchez commented 3 years ago

I don't see the relation to our project. Sorry, but if you can clarify and post a clear description, please re-open it and I will personally take care of the issue. Thanks.