Using Python 3.14 on a Windows system, the attached sample (password "infected" - NOTE: This is malware and should be handled with care) can successfully be loaded using xdis==6.1.8 but throws an error with xdis==6.3.0.
from xdis import load_module
print(load_module("/pathtosample/7e257e269e08677d6abfbebce761d339"))
((3, 12, 0), 0, 3531, <Code311 code object <module> at 0x1fc21885220, file <string>>, line 1, False, 0, None)
Traceback (most recent call last):
File "C:\Python\Python314\Lib\site-packages\xdis\load.py", line 349, in load_module_from_file_object
co = xdis.unmarshal.load_code(fp, magic_int, code_objects)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 826, in load_code
return um_gen.load()
~~~~~~~~~~~^^
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 231, in load
return self.r_object()
~~~~~~~~~~~~~^^
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 286, in r_object
return unmarshal_func(save_ref, bytes_for_s)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarsh_rust.py", line 198, in t_code_rust
source_path = self.read_string(src_len, False)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarsh_rust.py", line 304, in read_string
s = self.read_slice(n)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 211, in read_slice
return self.fp.read(n)
~~~~~~~~~~~~^^^
ValueError: read length must be non-negative or -1
Traceback (most recent call last):
File "C:\Python\Python314\Lib\site-packages\xdis\load.py", line 349, in load_module_from_file_object
co = xdis.unmarshal.load_code(fp, magic_int, code_objects)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 826, in load_code
return um_gen.load()
~~~~~~~~~~~^^
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 231, in load
return self.r_object()
~~~~~~~~~~~~~^^
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 286, in r_object
return unmarshal_func(save_ref, bytes_for_s)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarsh_rust.py", line 198, in t_code_rust
source_path = self.read_string(src_len, False)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarsh_rust.py", line 304, in read_string
s = self.read_slice(n)
File "C:\Python\Python314\Lib\site-packages\xdis\unmarshal.py", line 211, in read_slice
return self.fp.read(n)
~~~~~~~~~~~~^^^
ValueError: read length must be non-negative or -1
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Scripts\xdis_info.py", line 44, in <module>
main()
~~~~^^
File "C:\Scripts\xdis_info.py", line 38, in main
print(load_module(args.sample))
~~~~~~~~~~~^^^^^^^^^^^^^
File "C:\Python\Python314\Lib\site-packages\xdis\load.py", line 199, in load_module
return load_module_from_file_object(
fp,
...<4 lines>...
save_file_offsets=save_file_offsets,
)
File "C:\Python\Python314\Lib\site-packages\xdis\load.py", line 360, in load_module_from_file_object
raise ImportError(f"Ill-formed bytecode file {filename}\n{kind}; {msg}")
ImportError: Ill-formed bytecode file 7e257e269e08677d6abfbebce761d339
<class 'ValueError'>; read length must be non-negative or -1
Description
Using Python 3.14 on a Windows system, the attached sample (password "infected" - NOTE: This is malware and should be handled with care) can successfully be loaded using
xdis==6.1.8but throws an error withxdis==6.3.0.7e257e269e08677d6abfbebce761d339.zip
How to Reproduce
Output Given
For
xdis==6.1.8:((3, 12, 0), 0, 3531, <Code311 code object <module> at 0x1fc21885220, file <string>>, line 1, False, 0, None)For
xdis==6.3.0:Expected behavior
For
6.3.0, expect to receive the same output as for6.1.8Environment
6.1.8and6.3.0Workarounds
Priority
Additional Context