From ad6efbfbe32517f422dc84a004db6b3fa6cb2b04 Mon Sep 17 00:00:00 2001
From: quasar098 <70716985+quasar098@users.noreply.github.com>
Date: Sat, 16 Dec 2023 18:22:06 -0500
Subject: [PATCH] Patched zero-day memo exploit and bumped version (#23)
---
 setup.cfg | 2 +-
 src/picklescan/scanner.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/setup.cfg b/setup.cfg
index a331304..40c22a3 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -1,6 +1,6 @@
 [metadata]
 name = picklescan
-version = 0.0.12
+version = 0.0.13
 author = Matthieu Maitre
 author_email = mmaitre314@users.noreply.github.com
 description = Security scanner detecting Python Pickle files performing suspicious actions
diff --git a/src/picklescan/scanner.py b/src/picklescan/scanner.py
index 7363d09..62e9210 100644
--- a/src/picklescan/scanner.py
+++ b/src/picklescan/scanner.py
@@ -190,7 +190,7 @@ def _list_globals(data: IO[bytes], multiple_pickles=True) -> Set[Tuple[str, str]
 op_value = op[1]
 if op_name in ["MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"] and n > 0:
- memo[len(memo)] = ops[n - 1][1]
+ memo[op_value] = ops[n - 1][1]
 if op_name in ("GLOBAL", "INST"):
 globals.add(tuple(op_value.split(" ", 1)))
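Review bot: The new `memo[op_value] = ops[n - 1][1]` is correct for PUT, BINPUT and LONG_BINPUT, which carry an explicit memo index, but MEMOIZE has no argument. Assuming `ops` comes from `pickletools.genops`, `op_value` is `None` for MEMOIZE, so every MEMOIZE write lands on the single key `None` instead of the next free index. Protocol 4+ pickles rely mainly on MEMOIZE, so later GET-style lookups of memoized strings would presumably miss or resolve to the wrong entry, and the scanner could under-report globals; the lookup code is outside this hunk, so confirm there. I would split the branch: `if op_name == "MEMOIZE" and n > 0:` / `memo[len(memo)] = ops[n - 1][1]` / `elif op_name in ["PUT", "BINPUT", "LONG_BINPUT"] and n > 0:`, keeping the `memo[op_value]` assignment under the `elif`. A regression test mixing MEMOIZE and BINPUT entries in one pickle would pin both paths.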