Skip to main content

Deserialization of Untrusted Data in pickle Module

PY013
deserialization_of_untrusted_data
CWE-502
⚠️ Warning

The Python pickle module is a serialization module that can be used to serialize and deserialize Python objects. Pickle is not secure because it can be used to deserialize malicious code. For example, an attacker could create a pickle file that contains malicious code and then trick a user into opening the file. When the user opens the file, the malicious code would be executed.

Example

warning
import pickle


def load_pickle_file(file_path):
    with open(file_path, 'rb') as file:
        data = file.read()

    # WARNING: Unpickle data without proper validation
    obj = pickle.loads(data)
    return obj

# Example usage (assuming 'malicious.pickle' contains malicious code)
pickle_file = 'malicious.pickle'
loaded_object = load_pickle_file(pickle_file)

Remediation

Fix Iconfix

Consider signing data with hmac if you need to ensure that pickle data has not been tampered with.

Alternatively if you need to serialize sensitive data, you could use a secure serialization format, such as JSON or XML. These formats are designed to be secure and cannot be used to execute malicious code.

False Positives

In the case of a false positive the rule can be suppressed. Simply add a trailing or preceding comment line with either the rule ID (PY013) or rule category name (deserialization_of_untrusted_data).

Fix Iconfix
import pickle


def load_pickle_file(file_path):
    with open(file_path, 'rb') as file:
        data = file.read()

    # WARNING: Unpickle data without proper validation
    # suppress: PY013
    obj = pickle.loads(data)
    return obj

# Example usage (assuming 'malicious.pickle' contains malicious code)
pickle_file = 'malicious.pickle'
loaded_object = load_pickle_file(pickle_file)

See also

info
Last updated on