Jump to content

Connect SuperML | Leeroopedia MCP: Equip your AI agents with best practices, code verification, and debugging knowledge. Powered by Leeroo — building Organizational Superintelligence. Contact us at founders@leeroo.com.

Implementation:Trailofbits Fickling StackedPickle Load

From Leeroopedia
Knowledge Sources
Domains Security, Reverse_Engineering, Deserialization
Last Updated 2026-02-14 14:00 GMT

Overview

Concrete tool for parsing files containing multiple concatenated pickle streams provided by the Fickling library.

Description

StackedPickle.load is a static method that reads a binary stream and extracts all concatenated pickle streams from it. It repeatedly calls Pickled.load until no more streams remain, collecting each parsed Pickled object into a tuple. The resulting StackedPickle supports indexing and length operations.

Usage

Use this for legacy PyTorch v0.1.10 files or when you need to analyze all pickle streams in a multi-stream file.

Code Reference

Source Location

  • Repository: fickling
  • File: fickling/fickle.py
  • Lines: L2082-2096

Signature

class StackedPickle:
    @staticmethod
    def load(
        pickled: Buffer | BinaryIO,
        fail_on_decode_error: bool = True
    ) -> StackedPickle:
        """Parse all concatenated pickle streams from input.

        Args:
            pickled: Raw bytes or file-like binary object.
            fail_on_decode_error: Passed to each Pickled.load() call.

        Returns:
            StackedPickle wrapping a tuple of Pickled objects.

        Raises:
            EmptyPickleError: If no pickle streams are detected.
        """

Import

from fickling.fickle import StackedPickle

I/O Contract

Inputs

Name Type Required Description
pickled Buffer or BinaryIO Yes Raw bytes or file-like object containing stacked pickle streams
fail_on_decode_error bool No Error handling mode (default: True)

Outputs

Name Type Description
(return) StackedPickle Container wrapping tuple[Pickled, ...]; supports indexing and len()
[i] Pickled Individual parsed pickle stream at index i

Usage Examples

Parse Stacked Pickle File

from fickling.fickle import StackedPickle

with open("legacy_model.pt", "rb") as f:
    stacked = StackedPickle.load(f)

print(f"Found {len(stacked)} pickle streams")

# Analyze each stream independently
for i, pickled in enumerate(stacked.pickled):
    print(f"Stream {i}: {len(list(pickled))} opcodes")

Related Pages

Implements Principle

Page Connections

Double-click a node to navigate. Hold to expand connections.
Principle
Implementation
Heuristic
Environment
Retrieved from "https://leeroopedia.com/index.php?title=Implementation:Trailofbits_Fickling_StackedPickle_Load&oldid=10415"