Issue34045
Created on 2018-07-04 15:02 by rkrp, last changed 2022-04-11 14:59 by admin. This issue is now closed.
Messages (3)

| msg321050 | Author: Krishna Ram Prakash R (rkrp) | Date: 2018-07-04 15:02 |
|---|---|---|

By passing a malformed string as input to marshal.loads() an attacker can trigger a null pointer dereference resulting in DoS. This happens because when a Python object is unmarshalled by reference, it is assumed that the target object is fully constructed. We can construct a marshal string such that it can reference partially constructed Python objects.

Example
-------

    tuple(FrozenSet(REF(0)))

    Tuple -> FrozenSet -> REF(0)

When unmarshalling of the tuple object starts, a new PyTuple_New() object is created and its address is added to the p->refs array before starting to parse and load all its children elements in a loop. A FrozenSet can be added as the 0th element of this tuple. Then add the 0th element of this FrozenSet as p->refs[0]. After an element is added to the FrozenSet, it tries to hash it, believing that it is a completely constructed Python object. While it tries to hash the original tuple, it does not have any valid addresses in its ob_item array. This results in a null pointer dereference, throwing a SIGSEGV and crashing the interpreter.

Running the below script results in a segmentation fault.

```python
#!/usr/bin/env python3
import marshal

# Stream encodes tuple(frozenset(REF(0))): the frozenset's only element refers
# back to the enclosing tuple, which is still empty while its children load.
marshal.loads(b"\xa9\x01\xbe\x01\x00\x00\x00r\x00\x00\x00\x00")
```
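A defensive pre-check for the pattern described in the report, added here as an example (not from the report or from CPython's marshal.c): it walks a marshal byte stream without constructing any objects and rejects a TYPE_REF that points at a slot whose object is still being parsed, which is the shape of the crasher. It is deliberately stricter than marshal itself (it also rejects legitimate self-referential lists) and understands only the type codes in its tables; the type-code values and FLAG_REF layout follow CPython's marshal format, and the two sample streams are constructed.

```python
import struct

FLAG_REF = 0x80
# Containers parse their children before the object is finished; value = width of the count.
CONTAINERS = {b')': 1, b'(': 4, b'[': 4, b'<': 4, b'>': 4}
FIXED = {b'N': 0, b'T': 0, b'F': 0, b'.': 0, b'i': 4, b'g': 8}  # fixed payload size
SIZED = {b's': 4, b'u': 4, b'a': 4, b'A': 4, b'z': 1, b'Z': 1}  # width of the length prefix

def validate(data):
    """Walk a marshal stream without building objects. Return None if it looks sound,
    else a message (ref to an unfinished or undefined slot, truncated data, unsupported type)."""
    refs, pos = [], 0  # refs[i] turns True once the object in slot i is complete
    def read(n):
        nonlocal pos
        pos += n
        if pos > len(data):
            raise ValueError("truncated marshal data")
        return data[pos - n:pos]

    def number(width):
        return read(1)[0] if width == 1 else struct.unpack('<I', read(4))[0]

    def walk():
        code = read(1)[0]
        t, slot = bytes([code & ~FLAG_REF]), len(refs)
        if code & FLAG_REF:  # slot is numbered before the children are parsed, as in CPython
            refs.append(False)
        if t == b'r':
            idx = number(4)
            if idx >= len(refs) or not refs[idx]:
                raise ValueError("slot %d referenced before it is fully built" % idx)
        elif t in CONTAINERS:
            for _ in range(number(CONTAINERS[t])):
                walk()
        elif t in FIXED:
            read(FIXED[t])
        elif t in SIZED:
            read(number(SIZED[t]))
        else:
            raise ValueError("unsupported type code %r" % t)
        if code & FLAG_REF:
            refs[slot] = True
    try:
        walk()
    except ValueError as e:
        return str(e)
    return None

REPORT_SAMPLE = b"\xa9\x01\xbe\x01\x00\x00\x00r\x00\x00\x00\x00"  # the report's crasher
SAFE_SAMPLE = b")\x02i\x01\x00\x00\x00i\x02\x00\x00\x00"  # constructed: plain tuple (1, 2)
```

Running validate() on bytes before handing them to marshal.loads() turns the crash into a rejected input; it does not make marshal safe for untrusted data in general, since it checks only reference ordering.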
| msg321051 | Author: Eric V. Smith (eric.smith) | Date: 2018-07-04 15:12 |
|---|---|---|

I do not believe this is a problem. The marshal documentation includes this:

Warning: The marshal module is not intended to be secure against erroneous or maliciously constructed data. Never unmarshal data received from an untrusted or unauthenticated source.
| msg321053 | Author: Serhiy Storchaka (serhiy.storchaka) | Date: 2018-07-04 15:43 |
|---|---|---|

I concur with Eric.
History

| Date | User | Action | Args |
|---|---|---|---|
| 2022-04-11 14:59:02 | admin | set | github: 78226 |
| 2018-07-04 15:43:05 | serhiy.storchaka | set | status: open -> closed; nosy: + serhiy.storchaka; resolution: not a bug |
| 2018-07-04 15:12:43 | eric.smith | set | nosy: + eric.smith; messages: + msg321051 |
| 2018-07-04 15:02:58 | rkrp | create | |
