Commit 1ad220aa authored by Jim Fulton's avatar Jim Fulton

Made is_blob_record much faster and more secure.

parent f1c0df86
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
""" """
import cPickle import cPickle
import cStringIO
import base64 import base64
import binascii import binascii
import logging import logging
...@@ -934,6 +935,10 @@ else: ...@@ -934,6 +935,10 @@ else:
link_or_copy = os.link link_or_copy = os.link
def find_global_Blob(module, class_):
if module == 'ZODB.blob' and class_ == 'Blob':
return Blob
def is_blob_record(record): def is_blob_record(record):
"""Check whether a database record is a blob record. """Check whether a database record is a blob record.
...@@ -941,9 +946,15 @@ def is_blob_record(record): ...@@ -941,9 +946,15 @@ def is_blob_record(record):
storage to another. storage to another.
""" """
if 'ZODB.blob' in record:
unpickler = cPickle.Unpickler(cStringIO.StringIO(record))
unpickler.find_global = find_global_Blob
try: try:
return cPickle.loads(record) is ZODB.blob.Blob return unpickler.load() is Blob
except (MemoryError, KeyboardInterrupt, SystemExit): except (MemoryError, KeyboardInterrupt, SystemExit):
raise raise
except Exception: except Exception:
pass
return False return False
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment