Re: marshal vs pickle

From: Bjoern Schliessmann <usenet-mail-0306.20.chr0n0ss@xxxxxxxxxxxxxxx>
Date: Wed, 31 Oct 2007 14:25:00 +0100

Evan Klitzke wrote:

Can anyone elaborate more on the difference between marshal and
pickle. In what conditions would using marshal be unsafe? If one
can guarantee that the marshalled objects would be created and
read by the same version of Python, is that enough?

Just use pickle. From the docs:

| The marshal module exists mainly to support reading and writing
| the ``pseudo-compiled'' code for Python modules of .pyc files.
| Therefore, the Python maintainers reserve the right to modify the
| marshal format in backward incompatible ways should the need
| arise. If you're serializing and de-serializing Python objects,
| use the pickle module instead.

Regards,

Björn

--
BOFH excuse #421:

Domain controller not responding

.

References:
- marshal vs pickle
  - From: Evan Klitzke

Prev by Date: Re: py2exe (or other exe builder) on Vista system for Vista/XP install targets.
Next by Date: shouldn't 'string'.find('ugh') return 0, not -1 ?
Previous by thread: marshal vs pickle
Next by thread: Re: marshal vs pickle
Index(es):
- Date
- Thread

Relevant Pages

XML Pickle with PyGraphLib - Problems
... I'm working on a simulation in Python where I ... I want to be able to use a third party tool like an XML editor (or ... it to work with pygraphlib version 0.6.0.1. ... the problem is that I can successfully pickle to XML a data ...
(comp.lang.python)
Re: PyYaml?
... I DO NOT recommend anyone use pyyaml ... That code would work fine with a full YAML ... > Is there any benefit to Pickle over YAML? ... The pure Python version "pickle.py" wasn't fast enough so ...
(comp.lang.python)
marshal vs pickle
... The documentation for marshal makes it clear that there are no ... structures across Python releases. ... pickle. ... guarantee that the marshalled objects would be created and read by the ...
(comp.lang.python)
Re: Official definition of call-by-value (Re: Finding the instance reference...)
... Yes, which is why we have int, str, and list classes which, unlike some ... Since pickle can't predict what aspects of the ... you can't do so in Python. ... with a foo attribute. ...
(comp.lang.python)
Exploit for a security hole in the pickle module for Python versions <= 2.1.x
... Pickle is the name of a Python module for object persistence. ... The pickle module doesn't handle code objects, ... one hole was closed which was due to the use of evalto ...
(Bugtraq)