Fixed #551 by validating the server side is configured to allow pickl…

…e and bumped version for major release to 6.
tomerfiliba-org · Feb 23, 2024 · 21eb99d · 21eb99d
1 parent 19a9f03
commit 21eb99d
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 2 deletions.
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -1,3 +1,11 @@
+6.0.0
+=====
+Date: 2024-02-23
+
+- `#551`_ Resolves security issue that results in RCE. The fix breaks backwards compatibility for those that rely on the `__array__` attribute used by `numpy`. This RCE is only exploitable when the server-side gets the attribute `__array__` and calls it (e.g., `np.array(x)`). This issues effects all versions since major release 4.
+
+.. _#551: https://github.com/tomerfiliba-org/rpyc/issues/551
+
 5.3.1
 =====
 Date: 2023-02-21

diff --git a/rpyc/core/netref.py b/rpyc/core/netref.py
@@ -251,6 +251,9 @@ def method(self, start, stop, *args):
         def __array__(self):
             # Note that protocol=-1 will only work between python
             # interpreters of the same version.
+            if not object.__getattribute__(self,'____conn__')._config["allow_pickle"]:
+                # Security check that server side allows pickling per #551
+                raise ValueError("pickling is disabled")
             return pickle.loads(syncreq(self, consts.HANDLE_PICKLE, -1))
         __array__.__doc__ = doc
         return __array__

diff --git a/rpyc/version.py b/rpyc/version.py
@@ -1,3 +1,3 @@
-__version__ = '5.3.1'
+__version__ = '6.0.0'
 version = tuple(__version__.split('.'))
-release_date = "2023-02-21"
+release_date = "2024-02-23"