Skip to content

security: restrict pickle deserialization in v0 schema and migration tool #5635

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
daridor9 wants to merge 11 commits into
base: main
Choose a base branch
from
Open

security: restrict pickle deserialization in v0 schema and migration tool #5635

Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
707e76e
security: add RestrictedUnpickler for safe v0 pickle deserialization
daridor9 May 7, 2026
a382b8e
security: use RestrictedUnpickler in v0 runtime read path
daridor9 May 7, 2026
ba04ed4
security: use RestrictedUnpickler in v0 migration path
daridor9 May 7, 2026
b76b2f3
chore: retrigger CLA check after signing
daridor9 May 7, 2026
d9a0f7a
security: add enum types to RestrictedUnpickler allowlist
daridor9 May 7, 2026
27f866a
Merge branch 'main' into fix/restricted-unpickler-v0
rohityan May 8, 2026
422e1d8
style: run pyink + isort on _safe_unpickle.py
daridor9 May 9, 2026
1407e8d
style: run pyink + isort on v0.py
daridor9 May 9, 2026
ac60e57
style: run pyink + isort on migrate_from_sqlalchemy_pickle.py
daridor9 May 9, 2026
8255302
security: override result_processor for SQLite safe deserialization
daridor9 May 11, 2026
3569058
Add unit tests for RestrictedUnpickler functionality
daridor9 May 11, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
security: override result_processor for SQLite safe deserialization
  • Loading branch information
@daridor9
daridor9 authored May 11, 2026
commit 8255302e8a0c3ed1a6b5440fd11a0d9389571bae
13 changes: 13 additions & 0 deletions src/google/adk/sessions/schemas/v0.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,6 +111,19 @@ def process_bind_param(self, value, dialect):
return pickle.dumps(value)
return value

def result_processor(self, dialect, coltype):
if dialect.name in ("mysql", "spanner+spanner"):
return super().result_processor(dialect, coltype)

def process(value):
if value is None:
return None
if isinstance(value, memoryview):
value = bytes(value)
return _safe_pickle_loads(value)

return process

def process_result_value(self, value, dialect):
"""Ensures the raw bytes from the database are unpickled back into a Python object."""
if value is not None:
Expand Down