From 483f0a5d765033294a3b8ce9a04d4fc96170bbfc Mon Sep 17 00:00:00 2001 From: Paul Ivanov Date: Wed, 30 Jan 2019 14:22:44 -0800 Subject: BUG: load fails when using pickle without allow_pickle=True a partial mitigation of #12759. see also https://nvd.nist.gov/vuln/detail/CVE-2019-6446 --- numpy/lib/format.py | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'numpy/lib/format.py') diff --git a/numpy/lib/format.py b/numpy/lib/format.py index 4da1022ca..4f9431068 100644 --- a/numpy/lib/format.py +++ b/numpy/lib/format.py @@ -149,7 +149,7 @@ data HEADER_LEN." Notes ----- The ``.npy`` format, including motivation for creating it and a comparison of -alternatives, is described in the `"npy-format" NEP +alternatives, is described in the `"npy-format" NEP `_, however details have evolved with time and this document is more current. @@ -644,7 +644,7 @@ def write_array(fp, array, version=None, allow_pickle=True, pickle_kwargs=None): fp.write(chunk.tobytes('C')) -def read_array(fp, allow_pickle=True, pickle_kwargs=None): +def read_array(fp, allow_pickle=False, pickle_kwargs=None): """ Read an array from an NPY file. @@ -654,7 +654,11 @@ def read_array(fp, allow_pickle=True, pickle_kwargs=None): If this is not a real file object, then this may take extra memory and time. allow_pickle : bool, optional - Whether to allow reading pickled data. Default: True + Whether to allow writing pickled data. Default: False + + .. versionchanged:: 1.17.0, 1.16.3 + Switched from True to False in response to CVE-2019-6446. + pickle_kwargs : dict Additional keyword arguments to pass to pickle.load. These are only useful when loading object arrays saved on Python 2 when using -- cgit v1.2.1