

Principle:Trailofbits Fickling Unsafe Deserialization Error Handling

From Leeroopedia
Knowledge Sources
Domains Security, Error_Handling, Deserialization
Last Updated 2026-02-14 14:00 GMT

Overview

A structured error signaling mechanism that reports blocked deserialization attempts with the offending file path and a description of the unsafe import detected.

Description

When an allowlist-based unpickler encounters a non-permitted import during deserialization, it must communicate the failure clearly to calling code. Unsafe Deserialization Error Handling provides a dedicated exception type that carries two pieces of structured information: the file path of the offending pickle and a human-readable description of why the import was blocked (typically the module and attribute name that was refused). Because the exception type is distinct from the generic pickle errors, calling code can tell a security-related deserialization failure apart from a corrupt or truncated file and take appropriate action (logging, alerting, quarantining the file).

Usage

Use this principle when building error handling around ML model loading pipelines. Catch this specific exception type first, so that security-blocked loads are handled differently from corrupt-file errors (the generic unpickling and end-of-input errors) and from missing-file errors; the exception's file path and description are what the alerting or quarantine step should record.

Theoretical Basis

Structured error reporting for security events requires:

  1. Specificity: Distinguish security failures from other errors
  2. Context: Carry the file identity and the reason for rejection
  3. Non-execution: The error must be raised at the point where the import is resolved (the unpickler's global lookup), before the referenced object can be called or otherwise executed
# Structured security error: carries the offending file and the reason it was blocked
class SecurityError(Exception):
    def __init__(self, filepath: str, info: str):
        super().__init__(f"{filepath}: {info}")
        self.filepath = filepath   # Which file triggered the error
        self.info = info           # What unsafe operation was detected
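The following is an added, self-contained example of the three requirements above and of the Usage section's advice, not code from the original page or from the fickling project: the exception type, the allowlist, the unpickler class and the loader functions (UnsafeDeserializationError, ALLOWED_GLOBALS, AllowlistUnpickler, load_model, load_model_file) are illustrative names chosen here, and the pickle byte strings are constructed inline for the demonstration.

```python
import io
import pickle
from collections import OrderedDict
from typing import Set, Tuple

# Illustrative allowlist of (module, name) pairs the unpickler may resolve.
# A real pipeline would derive this from the model format it expects to load.
ALLOWED_GLOBALS: Set[Tuple[str, str]] = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class UnsafeDeserializationError(Exception):
    """Structured security error: which file, and which import was refused."""

    def __init__(self, filepath: str, info: str):
        super().__init__(f"{filepath}: {info}")
        self.filepath = filepath  # identity of the offending pickle
        self.info = info          # human-readable reason for rejection


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses any GLOBAL/STACK_GLOBAL outside the allowlist."""

    def __init__(self, stream, filepath: str):
        super().__init__(stream)
        self.filepath = filepath

    def find_class(self, module: str, name: str):
        # find_class runs when the import opcode is decoded, which is before any
        # REDUCE opcode could call the resolved object, so raising here satisfies
        # the non-execution requirement.
        if (module, name) not in ALLOWED_GLOBALS:
            raise UnsafeDeserializationError(
                self.filepath, f"blocked import of {module}.{name}"
            )
        return super().find_class(module, name)


def load_model(data: bytes, filepath: str) -> Tuple[str, object]:
    """Classify a load as 'ok', 'blocked' (security) or 'corrupt' (format)."""
    try:
        return ("ok", AllowlistUnpickler(io.BytesIO(data), filepath).load())
    except UnsafeDeserializationError as exc:
        # Security path: exc.filepath and exc.info are what to log, alert on
        # and attach to the quarantined file.
        return ("blocked", exc)
    except (pickle.UnpicklingError, EOFError, ValueError) as exc:
        # Format path: damaged or truncated file, not a security event.
        return ("corrupt", exc)


def load_model_file(path: str) -> Tuple[str, object]:
    """Same classification for a file on disk, adding the 'missing' outcome."""
    try:
        with open(path, "rb") as fh:
            data = fh.read()
    except FileNotFoundError as exc:
        return ("missing", exc)
    return load_model(data, path)


# Constructed sample inputs for the demonstration.
# Benign: an OrderedDict, whose pickle contains a GLOBAL for collections.OrderedDict.
BENIGN_PICKLE = pickle.dumps(OrderedDict(weights=[1, 2, 3]), protocol=2)
# Malicious: classic protocol-0 payload that would call os.system("echo pwned")
# if the GLOBAL for os.system were allowed to resolve.
MALICIOUS_PICKLE = b"cos\nsystem\n(S'echo pwned'\ntR."
# Corrupt: first byte is not a valid opcode.
CORRUPT_PICKLE = b"\x00not a pickle"

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN_PICKLE),
                        ("malicious", MALICIOUS_PICKLE),
                        ("corrupt", CORRUPT_PICKLE)):
        status, result = load_model(blob, f"{label}.pkl")
        print(label, "->", status, "|", result)
    print("missing ->", load_model_file("/nonexistent/dir/model.pkl")[0])
```

The order of the except clauses matters only in that the security exception is checked on its own: it does not derive from pickle.UnpicklingError, so a catch-all for pickle errors would not accidentally swallow it, but a bare `except Exception` placed first would. The refusal happens inside find_class, so the os.system call in the malicious sample is never reached.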

Related Pages

Implemented By
