gh-151830: Raise ValueError instead of SystemError for invalid code objects in marshal.loads()#151831
Open
tonghuaroot wants to merge 3 commits into
Open
gh-151830: Raise ValueError instead of SystemError for invalid code objects in marshal.loads()#151831tonghuaroot wants to merge 3 commits into
tonghuaroot wants to merge 3 commits into
Conversation
…code objects in marshal.loads()
sobolevn
reviewed
Jun 21, 2026
sobolevn
left a comment
sobolevn
left a comment
Member
There was a problem hiding this comment.
(not a full review, just several comments about the test)
| kinds = blob[off + 5:off + 5 + n] | ||
| break | ||
| else: | ||
| self.fail("could not locate localspluskinds in marshal data") |
Member
There was a problem hiding this comment.
Can this actually happen? If not, please use self.assertEqual(kinds, ...)
Contributor
Author
There was a problem hiding this comment.
Done — replaced the self.fail with assertEqual(kinds, ...), using a no-arg function so the locals are all plain CO_FAST_LOCAL and the expected kinds is deterministic.
| # Rewrite it with one fewer kind byte than there are names. | ||
| corrupt = (blob[:off] + b's' + struct.pack('<i', n - 1) | ||
| + kinds[:n - 1] + blob[off + 5 + n:]) | ||
| with self.assertRaises(ValueError): |
Member
There was a problem hiding this comment.
Suggested change
| with self.assertRaises(ValueError): | |
| with self.assertRaisesRegex(ValueError, 'bad marshal data, \(invalid code object\)'): |
Contributor
Author
There was a problem hiding this comment.
Applied. I dropped the comma so the pattern matches the actual message — the existing bad marshal data (...) convention in marshal.c.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
marshal.loads()already raisesValueErrorwith a"bad marshal data (...)"message for malformed input, but a code object whose internal fieldsare inconsistent (for example a
localsplusnamestuple whose length differsfrom the
localspluskindsbytes) makes_PyCode_Validate()callPyErr_BadInternalCall(), which surfaces asSystemError: bad argument to internal function. This converts that onecase to
ValueError: bad marshal data (invalid code object), so thecode-object path is consistent with marshal's existing bad-marshal-data
errors. The change is narrowly scoped to the
SystemErrorfromPyErr_BadInternalCall()and leaves the other_PyCode_Validate()failures(which already raise
ValueError/OverflowError) unchanged.A regression test was added to
Lib/test/test_marshal.pyand a NEWS entrywas added under
Misc/NEWS.d/.