Skip to content

Commit

Permalink
Patched zero-day memo exploit and bumped version
Browse files Browse the repository at this point in the history
  • Loading branch information
quasar098 committed Dec 16, 2023
1 parent 40001cd commit e8a032e
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion setup.cfg
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[metadata]
name = picklescan
version = 0.0.12
version = 0.0.13
author = Matthieu Maitre
author_email = [email protected]
description = Security scanner detecting Python Pickle files performing suspicious actions
Expand Down
2 changes: 1 addition & 1 deletion src/picklescan/scanner.py
Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@ def _list_globals(data: IO[bytes], multiple_pickles=True) -> Set[Tuple[str, str]
op_value = op[1]

if op_name in ["MEMOIZE", "PUT", "BINPUT", "LONG_BINPUT"] and n > 0:
memo[len(memo)] = ops[n - 1][1]
memo[op_value] = ops[n - 1][1]

if op_name in ("GLOBAL", "INST"):
globals.add(tuple(op_value.split(" ", 1)))
Expand Down

0 comments on commit e8a032e

Please sign in to comment.