• Jim Fulton's avatar
    - Loading non-binary string pickles checks for insecure · 828bb643
    Jim Fulton authored
    	  strings. This is needed because cPickle (still) uses
    	  a restricted eval to parse non-binary string pickles.
    	  This change is needed to prevent pickles like::
    
    	    "S'hello world'*2000000\012p0\012."
    
    	  from hosing an application.
    
    	- User-defined types can now support unpickling without
    	  executing a constructor.
    
    	  The second value returned from '__reduce__' can now be None,
              rather than an argument tuple.  On unpickling, if the
    	  second value returned from '__reduce__' during pickling was
    	  None, then rather than calling the first value returned from
              '__reduce__', directly, the '__basicnew__' method of the
              first value returned from '__reduce__' is called without
    	  arguments.
    828bb643
cPickle.c 95.8 KB