
unpickling

Unpickling is the process of deserializing a byte stream produced by Python's pickle module back into Python objects. It is the counterpart to pickling, which serializes Python objects for storage or transmission. The pickle module provides the core operations dump and dumps for serialization, and load and loads for deserialization. The resulting byte stream contains type information and the object's state, allowing reconstruction of a wide range of Python objects, including simple data structures as well as instances of user-defined classes.

Unpickling works by reading the serialized instructions and recreating objects in memory. Some objects require custom reduction hooks, such as __getstate__ and __setstate__, to save and restore internal state. The process can also execute code during reconstruction, depending on the data and protocol used. Because of this, unpickling is inherently unsafe when the source is untrusted: it can lead to arbitrary code execution, data corruption, or denial of service.

Best practices: avoid unpickling data from untrusted sources; use alternative serialization formats for untrusted data (for example JSON, or XML) and, when possible, validate or sandbox the unpickling environment. If security is critical, design data interchange around safer formats and minimize the use of pickle to internal, trusted data flows.
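The "validate or sandbox the unpickling environment" practice above can be applied by subclassing pickle.Unpickler and gating find_class, the hook through which a byte stream names the globals it wants to call. The following is an added example, not code from the original page; the allowlist contents and the sample streams are constructed for illustration.

```python
import importlib
import io
import pickle
from collections import Counter

# Allowlist of globals the unpickler may resolve (module -> names).
# Assumption: this application only exchanges builtin containers and
# OrderedDict; extend it deliberately, one name at a time.
SAFE_GLOBALS = {
    "builtins": {"set", "frozenset", "range", "bytearray"},
    "collections": {"OrderedDict"},
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not explicitly allowlisted.

    The GLOBAL / STACK_GLOBAL opcodes obtain callables through
    find_class(); gating it stops the stream from naming arbitrary
    functions or classes during reconstruction.
    """

    def find_class(self, module, name):
        if name in SAFE_GLOBALS.get(module, ()):
            return getattr(importlib.import_module(module), name)
        raise pickle.UnpicklingError(
            f"global '{module}.{name}' is not on the allowlist")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads() with the allowlist applied."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_rejected(data: bytes) -> bool:
    """Return True when the restricted loader refuses the stream."""
    try:
        restricted_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample streams: one inside the allowlist, one outside it.
ALLOWED_STREAM = pickle.dumps({"ids": {1, 2, 3}, "span": range(4)})
BLOCKED_STREAM = pickle.dumps(Counter("abc"))  # names collections.Counter

if __name__ == "__main__":
    print(restricted_loads(ALLOWED_STREAM))
    print("blocked:", is_rejected(BLOCKED_STREAM))
```

An allowlisted find_class only limits which globals a stream may resolve; it does not bound memory or nesting depth, so it is a hardening step, not a substitute for using JSON or another data-only format for untrusted input.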