Pickle (Python)
In the Python programming language, pickle is the standard mechanism for object serialization; pickling is the common term among Python programmers for serialization (unpickling for deserialization). Pickle uses a simple stack-based virtual machine that records the instructions used to reconstruct the object. This exposes pickle to security risks from malformed or maliciously constructed data, which may cause the deserializer to import arbitrary modules and instantiate any object[1][2]. Also, not all objects can be pickled, especially ones that hold operating system resources such as file handles.
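The following added example (not part of the original article) shows two defensive checks against the import behaviour described above: an unpickler whose `find_class` only resolves allowlisted globals, and an opcode scan with `pickletools.genops` that lists what a pickle would import without executing it. The allowlist contents, the function names and the sample inputs are assumptions made for this example.

```python
import io
import pickle
import pickletools
from collections import OrderedDict
from fractions import Fraction

# Assumed allowlist: the only (module, name) pair this application expects.
ALLOWED = {("collections", "OrderedDict")}

class AllowlistUnpickler(pickle.Unpickler):
    """Refuse to import any global that is not on the allowlist."""
    def find_class(self, module, name):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"blocked global {module}.{name}")
        return super().find_class(module, name)

def safe_loads(data):
    return AllowlistUnpickler(io.BytesIO(data)).load()

def referenced_globals(data):
    """List the (module, name) pairs a pickle asks for, without running it."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in ("GLOBAL", "INST"):
            found.append(tuple(arg.split(" ", 1)))
        elif opcode.name == "STACK_GLOBAL":
            # Heuristic: operands are normally the two strings pushed just before.
            pair = tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?")
            found.append(pair)
        elif isinstance(arg, str):
            strings.append(arg)
    return found

# Constructed sample inputs: one expected type, one type outside the allowlist.
SAMPLE_EXPECTED = pickle.dumps(OrderedDict(a=1))
SAMPLE_UNEXPECTED = pickle.dumps(Fraction(1, 2))

if __name__ == "__main__":
    for blob in (SAMPLE_EXPECTED, SAMPLE_UNEXPECTED):
        print(referenced_globals(blob))
        try:
            print("loaded:", safe_loads(blob))
        except pickle.UnpicklingError as exc:
            print("refused:", exc)
```

The opcode scan is a triage aid only, since its `STACK_GLOBAL` handling is a heuristic; the allowlist in `find_class` is what actually enforces the restriction at load time.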
Pickle was originally implemented as the pure Python pickle module, but the cPickle module (also a built-in) offers improved performance (up to 1000 times faster[1]). Another Python module, Cerealizer, also allows objects to be saved in a file. Its interface is similar to Pickle; however, Cerealizer is safe[citation needed].
Wikimedia Foundation. 2010.