diff options
| author | Paul Ivanov <pivanov5@bloomberg.net> | 2019-01-30 14:22:44 -0800 |
|---|---|---|
| committer | Charles Harris <charlesr.harris@gmail.com> | 2019-04-16 19:41:08 -0600 |
| commit | 483f0a5d765033294a3b8ce9a04d4fc96170bbfc (patch) | |
| tree | 06320ae00f76e9f2a4a272eb5c75952978cb7a9f /numpy/lib/npyio.py | |
| parent | fb425b769bbe4ff4b5a28f58876871414cc8bb12 (diff) | |
| download | numpy-pr/12889.tar.gz | |
BUG: load fails when using pickle without allow_pickle=Truepr/12889
a partial mitigation of #12759.
see also https://nvd.nist.gov/vuln/detail/CVE-2019-6446
Diffstat (limited to 'numpy/lib/npyio.py')
| -rw-r--r-- | numpy/lib/npyio.py | 17 |
1 files changed, 12 insertions, 5 deletions
diff --git a/numpy/lib/npyio.py b/numpy/lib/npyio.py index beeba1334..38d7141fb 100644 --- a/numpy/lib/npyio.py +++ b/numpy/lib/npyio.py @@ -144,7 +144,11 @@ class NpzFile(Mapping): An object on which attribute can be performed as an alternative to getitem access on the `NpzFile` instance itself. allow_pickle : bool, optional - Allow loading pickled data. Default: True + Allow loading pickled data. Default: False + + .. versionchanged:: 1.17.0, 1.16.3 + Switched from True to False in response to CVE-2019-6446. + pickle_kwargs : dict, optional Additional keyword arguments to pass on to pickle.load. These are only useful when loading object arrays saved on @@ -180,7 +184,7 @@ class NpzFile(Mapping): """ - def __init__(self, fid, own_fid=False, allow_pickle=True, + def __init__(self, fid, own_fid=False, allow_pickle=False, pickle_kwargs=None): # Import is postponed to here since zipfile depends on gzip, an # optional component of the so-called standard library. @@ -283,7 +287,7 @@ class NpzFile(Mapping): @set_module('numpy') -def load(file, mmap_mode=None, allow_pickle=True, fix_imports=True, +def load(file, mmap_mode=None, allow_pickle=False, fix_imports=True, encoding='ASCII'): """ Load arrays or pickled objects from ``.npy``, ``.npz`` or pickled files. @@ -311,8 +315,11 @@ def load(file, mmap_mode=None, allow_pickle=True, fix_imports=True, Allow loading pickled object arrays stored in npy files. Reasons for disallowing pickles include security, as loading pickled data can execute arbitrary code. If pickles are disallowed, loading object - arrays will fail. - Default: True + arrays will fail. Default: False + + .. versionchanged:: 1.17.0, 1.16.3 + Switched from True to False in response to CVE-2019-6446. + fix_imports : bool, optional Only useful when loading Python 2 generated pickled files on Python 3, which includes npy/npz files containing object arrays. If `fix_imports` |