[NumPy-Tickets] [NumPy] #1708: pickle.loads() of pickled numpy.array can corrupt memory
NumPy Trac
numpy-tickets@scipy....
Mon Jan 10 14:24:38 CST 2011
#1708: pickle.loads() of pickled numpy.array can corrupt memory
--------------------+-------------------------------------------------------
Reporter: quarl | Owner: somebody
Type: defect | Status: new
Priority: high | Milestone: 2.0.0
Component: Other | Version: 1.4.1
Keywords: |
--------------------+-------------------------------------------------------
We discovered that pickle.loads() on a pickled numpy.ndarray can lead to
memory corruption. I can reproduce the problem with arrays of size 1
(length=1, dtype=bool or byte) pickled using protocols 1 or 2:
{{{
pickle.loads(pickle.dumps(numpy.array([True]), protocol=-1))
}}}
In my tests, this affects Solaris and Linux, Sparc, x86, and x86_64,
Python versions up to 2.6.6, numpy version 1.4.1.
After unpickling the size-1 array into 'data', I replace data[0] with an
arbitrary byte (0xbb in the example below) and it overwrites some
unrelated data (regexp buffers in the example below). If the original
data contains array([2]) instead of array([1]), then it affects "\x02" in
the regexp buffer instead of "\x01".
The second use of pickle.loads() then gets confused.
{{{
#!/usr/bin/env python
import numpy
import pickle
import re
# Unpickle a bool or byte array of length 1:
data = numpy.array([1], dtype='b') # similar issue with
numpy.array([True])
blob = pickle.dumps(data, protocol=1) # protocol 1, -1 exhibit bug, but 0
is 'safe'
data = pickle.loads(blob)
print repr(re.sub("a(.)", "\x01\\1", "a_"))
# '\x01_' [correct]
data[0] = 0xbb
print repr(re.sub("a(.)", "\x01\\1", "a_"))
# '\xbb_' [?!]
lose = pickle.loads(blob) # crashes
}}}
--
Ticket URL: <http://projects.scipy.org/numpy/ticket/1708>
NumPy <http://projects.scipy.org/numpy>
My example project
More information about the NumPy-Tickets
mailing list