Python pickle serialization - Vulnerability Database

Python pickle serialization

Description

This application uses Python's pickle module to deserialize data from untrusted user input. The pickle module can execute arbitrary Python code during the deserialization process, making it inherently unsafe when processing data from external sources. This vulnerability occurs when user-controlled data is passed to pickle.loads() or pickle.load() without proper validation.

Remediation

Immediately stop using pickle to deserialize untrusted data. Implement one of the following secure alternatives:

1. Use JSON for data serialization (Recommended)
Replace pickle with the json module, which only handles basic data types and cannot execute code:

import json

# Instead of:
# data = pickle.loads(user_input)

# Use:
data = json.loads(user_input)

2. Use message validation with HMAC signatures
If pickle must be used for internal purposes, cryptographically sign all serialized data and verify signatures before deserialization:

import hmac
import pickle
from hashlib import sha256

SECRET_KEY = b'your-secret-key-here'  # Store securely

def safe_pickle_loads(signed_data):
    # Layout: 32-byte HMAC-SHA256 tag followed by the pickled payload
    signature = signed_data[:32]
    pickled_data = signed_data[32:]
    expected_sig = hmac.new(SECRET_KEY, pickled_data, sha256).digest()
    # Constant-time comparison; a mismatch (including a truncated tag) raises
    # before any byte of the payload reaches the unpickler
    if not hmac.compare_digest(signature, expected_sig):
        raise ValueError('Invalid signature')
    return pickle.loads(pickled_data)

3. Restrict pickle to trusted internal use only
Never accept pickled data from user input, API requests, cookies, or any external source. Only use pickle for internal caching or inter-process communication where data sources are completely trusted and controlled.
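The following is an added, self-contained example (not part of the original entry) that carries remediations 1 and 2 above end to end: the signing counterpart to the verifier, a check that a tampered or foreign-keyed blob is refused before pickle.loads() is reached, and the JSON round trip for comparison. The key, record and function names are constructed for this demo.

```python
import hmac
import json
import pickle
from hashlib import sha256

# Constructed demo key: in production load it from a secrets store, never hardcode it.
SECRET_KEY = b"demo-key-for-this-example-only"
SIG_LEN = sha256().digest_size  # 32 bytes for HMAC-SHA256

def signed_dumps(obj, key=SECRET_KEY):
    """Pickle obj and prepend an HMAC-SHA256 tag computed over the pickled bytes."""
    payload = pickle.dumps(obj)
    return hmac.new(key, payload, sha256).digest() + payload

def signed_loads(blob, key=SECRET_KEY):
    """Verify the tag first; pickle.loads() only ever runs on authenticated bytes."""
    if len(blob) < SIG_LEN:
        raise ValueError("Invalid signature")  # too short to carry a tag at all
    tag, payload = blob[:SIG_LEN], blob[SIG_LEN:]
    expected = hmac.new(key, payload, sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        raise ValueError("Invalid signature")
    return pickle.loads(payload)

def is_rejected(blob, key=SECRET_KEY):
    """True if signed_loads refuses the blob, i.e. nothing was deserialized."""
    try:
        signed_loads(blob, key)
    except ValueError:
        return True
    return False

def json_roundtrip(obj):
    """Remediation 1: json materialises only primitive types and cannot run code."""
    return json.loads(json.dumps(obj))

def demo():
    record = {"user": "alice", "roles": ["editor"], "quota": 10}
    blob = signed_dumps(record)
    # Flip one payload byte: the tag no longer matches, so loads() is never reached.
    tampered = blob[:SIG_LEN] + bytes([blob[SIG_LEN] ^ 0x01]) + blob[SIG_LEN + 1:]
    # A blob signed under a different key is rejected by the real key as well.
    forged = signed_dumps(record, key=b"some-other-key")
    return {
        "roundtrip_ok": signed_loads(blob) == record,
        "tampered_rejected": is_rejected(tampered),
        "forged_rejected": is_rejected(forged),
        "json_ok": json_roundtrip(record) == record,
    }
```

The signature only proves the blob was produced by a holder of SECRET_KEY; it does nothing to make pickle itself safe, so the key must never be reachable by the party supplying the data.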

Related Vulnerabilities