[ZODB-Dev] Re: Can __setstate__ trigger an RCE?
Thomas Guettler
hv at tbz-pariv.de
Wed Jul 7 03:40:38 EDT 2004
Hi Christian and others,
> _p_independent, huh? I seem to recall this being evil, but let's have a
> look at how QueueCatalog implements its conflict resolution to get an
> idea of just how non-trivial you're implying.
Take a look at BTrees/Length.py
If your persistent class uses a btree, and you want
to know the length, you can use Length like this:
assert(not iibtree.has_key(docid))
self.document_count.change(1)
iibtree[docid]=1
In __init__: self.document_count=Length()
The Length may be wrong, but if you only add/delete
small amounts it is correct most of the times.
Don't use it for financal data.
HTH,
Thomas
More information about the ZODB-Dev
mailing list