Fix deserialization warning

mhucka · mhucka · commit 3f5aeeffe509 · 2025-09-24T15:55:31.000-07:00
CodeQL security [scan report #567](https://github.com/quantumlib/OpenFermion/security/code-scanning/567) flagged a data loading operation in `src/openfermion/utils/operator_utils.py` as being usafe due because it uses a user-provided value. The warning is about lines 282-283, involving the code ```python with open(file_path, 'rb') as f: data = marshal.load(f) ``` > Deserializing untrusted data using any deserialization framework that allows the construction of arbitrary serializable objects is easily exploitable and in many cases allows an attacker to execute arbitrary code. Even before a deserialized object is returned to the caller of a deserialization method a lot of code may have been executed, including static initializers, constructors, and finalizers. Automatic deserialization of fields means that an attacker may craft a nested combination of objects on which the executed initialization code may have unforeseen effects, such as the execution of arbitrary code.
diff --git a/src/openfermion/utils/operator_utils.py b/src/openfermion/utils/operator_utils.py
@@ -11,8 +11,9 @@
 #   limitations under the License.
 """This module provides generic tools for classes in ops/"""
 from builtins import map, zip
-import marshal
+import json
 import os
+from ast import literal_eval
 
 import numpy
 import sympy
@@ -279,10 +280,13 @@ def load_operator(file_name=None, data_directory=None, plain_text=False):
         else:
             raise TypeError('Operator of invalid type.')
     else:
-        with open(file_path, 'rb') as f:
-            data = marshal.load(f)
-            operator_type = data[0]
-            operator_terms = data[1]
+        with open(file_path, 'r') as f:
+            data = json.load(f)
+        operator_type, serializable_terms = data
+        operator_terms = {
+            literal_eval(key): complex(value[0], value[1])
+            for key, value in serializable_terms.items()
+        }
 
         if operator_type == 'FermionOperator':
             operator = FermionOperator()
@@ -356,5 +360,6 @@ def save_operator(
             f.write(operator_type + ":\n" + str(operator))
     else:
         tm = operator.terms
-        with open(file_path, 'wb') as f:
-            marshal.dump((operator_type, dict(zip(tm.keys(), map(complex, tm.values())))), f)
+        serializable_terms = {str(key): (value.real, value.imag) for key, value in tm.items()}
+        with open(file_path, 'w') as f:
+            json.dump((operator_type, serializable_terms), f)
diff --git a/src/openfermion/utils/operator_utils_test.py b/src/openfermion/utils/operator_utils_test.py
@@ -12,6 +12,7 @@
 """Tests for operator_utils."""
 
 import os
+import json
 
 import itertools
 
@@ -473,13 +474,20 @@ def setUp(self):
         with open(os.path.join(DATA_DIRECTORY, self.bad_operator_filename), 'w') as fid:
             fid.write(bad_op)
 
+        self.bad_type_filename = 'bad_type_operator.data'
+        with open(os.path.join(DATA_DIRECTORY, self.bad_type_filename), 'w') as f:
+            json.dump(['InvalidOperatorType', {}], f)
+
     def tearDown(self):
         file_path = os.path.join(DATA_DIRECTORY, self.file_name + '.data')
         if os.path.isfile(file_path):
             os.remove(file_path)
         file_path = os.path.join(DATA_DIRECTORY, self.bad_operator_filename)
         if os.path.isfile(file_path):
             os.remove(file_path)
+        file_path = os.path.join(DATA_DIRECTORY, self.bad_type_filename)
+        if os.path.isfile(file_path):
+            os.remove(file_path)
 
     def test_save_sympy_plaintext(self):
         operator = FermionOperator('1^', sympy.Symbol('x'))
@@ -594,6 +602,46 @@ def test_save_bad_type(self):
         with self.assertRaises(TypeError):
             save_operator('ping', 'somewhere')
 
+    def test_save_and_load_complex_json(self):
+        fermion_op = FermionOperator('1^ 2', 1 + 2j)
+        boson_op = BosonOperator('1^ 2', 1 + 2j)
+        qubit_op = QubitOperator('X1 Y2', 1 + 2j)
+        quad_op = QuadOperator('q1 p2', 1 + 2j)
+
+        save_operator(fermion_op, self.file_name)
+        loaded_op = load_operator(self.file_name)
+        self.assertEqual(fermion_op, loaded_op)
+
+        save_operator(boson_op, self.file_name, allow_overwrite=True)
+        loaded_op = load_operator(self.file_name)
+        self.assertEqual(boson_op, loaded_op)
+
+        save_operator(qubit_op, self.file_name, allow_overwrite=True)
+        loaded_op = load_operator(self.file_name)
+        self.assertEqual(qubit_op, loaded_op)
+
+        save_operator(quad_op, self.file_name, allow_overwrite=True)
+        loaded_op = load_operator(self.file_name)
+        self.assertEqual(quad_op, loaded_op)
+
+    def test_saved_json_content(self):
+        import json
+
+        qubit_op = QubitOperator('X1 Y2', 1 + 2j)
+        save_operator(qubit_op, self.file_name)
+
+        file_path = get_file_path(self.file_name, None)
+        with open(file_path, 'r') as f:
+            data = json.load(f)
+
+        self.assertEqual(len(data), 2)
+        self.assertEqual(data[0], 'QubitOperator')
+
+        # The key is stringified tuple
+        # The value is a list [real, imag]
+        expected_terms = {"((1, 'X'), (2, 'Y'))": [1.0, 2.0]}
+        self.assertEqual(data[1], expected_terms)
+
 
 class GetFileDirTest(unittest.TestCase):
     def setUp(self):
