unpickler: guard against UnicodeEncodeError when restoring base64/85

Author: davvid

CHANGES.rst

@@ -2,6 +2,7 @@ Upcoming
 ========
     * The unpickler is now more resilient to malformed "py/id" and "py/repr" data.
       (+546)
+    * The unpickler is now more resilient to invalid "py/b85" and "py/b64" data.
 
 v4.0.1
 ======

jsonpickle/unpickler.py

@@ -445,13 +445,13 @@ def register_classes(self, classes):
     def _restore_base64(self, obj):
         try:
             return util.b64decode(obj[tags.B64].encode('utf-8'))
-        except AttributeError:
+        except (AttributeError, UnicodeEncodeError):
             return b''
 
     def _restore_base85(self, obj):
         try:
             return util.b85decode(obj[tags.B85].encode('utf-8'))
-        except AttributeError:
+        except (AttributeError, UnicodeEncodeError):
             return b''
 
     def _refname(self):

tests/jsonpickle_test.py

@@ -217,7 +217,7 @@ def test_decode_base85(unpickler):
     assert unpickler.restore(pickled) == expected
 
 
-@pytest.mark.parametrize('value', ['', '/', 1, True, False, None, [], {}])
+@pytest.mark.parametrize('value', ['', '/', '\udc00', 1, True, False, None, [], {}])
 def test_decode_invalid_b85(value, unpickler):
     """Invalid base85 data restores to an empty string"""
     expected = b''
@@ -232,7 +232,9 @@ def test_base85_still_handles_base64(unpickler):
     assert unpickler.restore(pickled) == expected
 
 
-@pytest.mark.parametrize('value', ['', 'x', '!', 0, 1, True, False, None, [], {}])
+@pytest.mark.parametrize(
+    'value', ['', 'x', '!', '\udc00', 0, 1, True, False, None, [], {}]
+)
 def test_decode_invalid_b64(value, unpickler):
     """Invalid base85 data restores to an empty string"""
     expected = b''