
Circle External Buffer Offset/Size OOB Read PoC

This repository contains a minimal Circle model file that demonstrates an out-of-bounds read in Samsung ONE's Circle inspection path.

Summary

Samsung ONE's mio_circle::Reader::buffer_info() handles Circle external buffers by validating only the starting offset with std::vector::at() and then returning the attacker-controlled size to callers unchanged. Because at() only proves that the first byte exists, a Circle file can place an external buffer at the final byte of the file and advertise a size far beyond the end of the file; the amount read past the end is simply the declared size minus the bytes actually remaining. circledump then reads past the end of the file buffer while dumping that buffer.
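The following C++ is an added illustration written for this page, not code from Samsung ONE or from this repository. It models the check pattern described above beside a bounds-checked replacement; the names buffer_info_vulnerable, buffer_info_checked, bytes_past_eof, poc_overread and make_poc_sized_file are hypothetical, and the 232-byte input is a constructed zero-filled stand-in for the PoC file (only its length matters here). With the artifact's values (offset=231, size=4096) the vulnerable form hands back a 4096-byte view of which only one byte exists; the checked form rejects it, and also rejects a size chosen so that offset + size would wrap.

```cpp
// Added illustration (not Samsung ONE code): the offset-only check beside a
// bounds-checked form, exercised with the PoC's offset/size values.
#include <cstdint>
#include <cstdio>
#include <optional>
#include <stdexcept>
#include <vector>

struct BufferView {
  const uint8_t* data;
  uint64_t size;
};

// Vulnerable pattern: validate only the start offset via vector::at(), then
// hand the caller the size exactly as the file declared it.
std::optional<BufferView> buffer_info_vulnerable(const std::vector<uint8_t>& file,
                                                 uint64_t offset, uint64_t size) {
  try {
    file.at(offset);  // throws only when offset >= file.size()
  } catch (const std::out_of_range&) {
    return std::nullopt;
  }
  return BufferView{file.data() + offset, size};  // size never compared to file.size()
}

// Hardened form: the whole [offset, offset + size) range must lie inside the
// file. Subtracting first avoids the overflow that a naive
// "offset + size <= file.size()" test would permit for huge sizes.
std::optional<BufferView> buffer_info_checked(const std::vector<uint8_t>& file,
                                              uint64_t offset, uint64_t size) {
  if (offset > file.size()) return std::nullopt;
  if (size > file.size() - offset) return std::nullopt;
  return BufferView{file.data() + offset, size};
}

// Number of bytes a byte-by-byte dump of `view` would read beyond `file`.
// Works on indices only, so it never dereferences out-of-bounds memory.
uint64_t bytes_past_eof(const std::vector<uint8_t>& file, const BufferView& view) {
  uint64_t start = static_cast<uint64_t>(view.data - file.data());
  uint64_t in_file = start < file.size() ? file.size() - start : 0;
  return view.size > in_file ? view.size - in_file : 0;
}

// Constructed stand-in for the 232-byte PoC file (contents irrelevant).
std::vector<uint8_t> make_poc_sized_file() { return std::vector<uint8_t>(232, 0); }

// Overread the vulnerable path would produce for a given offset/size pair
// against the 232-byte stand-in; 0 when the offset check itself rejects it.
uint64_t poc_overread(uint64_t offset, uint64_t size) {
  std::vector<uint8_t> file = make_poc_sized_file();
  std::optional<BufferView> view = buffer_info_vulnerable(file, offset, size);
  return view ? bytes_past_eof(file, *view) : 0;
}

int main() {
  std::vector<uint8_t> file = make_poc_sized_file();
  const uint64_t offset = 231, size = 4096;  // values from the PoC artifact
  std::printf("vulnerable: accepted=%d overread=%llu bytes\n",
              buffer_info_vulnerable(file, offset, size).has_value(),
              static_cast<unsigned long long>(poc_overread(offset, size)));
  std::printf("checked:    accepted=%d\n",
              buffer_info_checked(file, offset, size).has_value());
  return 0;
}
```

The 4095-byte overread the vulnerable path yields for the PoC values is the region a dump loop walks into; the first byte it touches is index 232, which matches the "0 bytes after 232-byte region" line in the ASan report below.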

Artifact

  • PoC model: poc/external_offset_oob.circle
  • SHA256: 20962ae3e01d2489f1ba6766f4d804414e5e5cb490589a23aa986f97abe0abd5
  • File size: 232 bytes
  • External buffer values: offset=231, size=4096

Evidence

The captured ASan trace is in poc/asan-circledump-direct.stderr.txt.

Relevant top of stack (the faulting read lands at byte index 232, i.e. immediately after the single in-file byte at offset 231):

ERROR: AddressSanitizer: heap-buffer-overflow
READ of size 1
circledump::dump_buffer(...) Dump.cpp:48
circledump::dump_model(...) Dump.cpp:404
operator<<(...) Dump.cpp:479
circledump_direct_driver.cpp:41
0 bytes after 232-byte region

Reproduction Outline

Use the current Samsung ONE source tree and FlatBuffers 23.5.26. Build flatc/libflatbuffers, regenerate the Circle schema header (the -I/tmp/circle-include-current flag below points at the directory holding that regenerated header), then compile the direct circledump core driver with ASan:

cmake -S /tmp/flatbuffers-23.5.26 -B /tmp/flatbuffers-23.5.26-build \
  -G Ninja -DFLATBUFFERS_BUILD_TESTS=OFF -DFLATBUFFERS_INSTALL=OFF -DCMAKE_BUILD_TYPE=Release
cmake --build /tmp/flatbuffers-23.5.26-build --target flatc flatbuffers -j2

clang++ -std=c++17 -O1 -g -fsanitize=address,undefined -fno-omit-frame-pointer \
  -I/tmp/flatbuffers-23.5.26/include \
  -I/tmp/circle-include-current \
  -I/path/to/ONE/compiler/mio-circle/include \
  -I/path/to/ONE/compiler/circledump/include \
  -I/path/to/ONE/compiler/circledump/src \
  poc/circledump_direct_driver.cpp \
  /path/to/ONE/compiler/circledump/src/Dump.cpp \
  /path/to/ONE/compiler/circledump/src/MetadataPrinter.cpp \
  /path/to/ONE/compiler/circledump/src/OpPrinter.cpp \
  /path/to/ONE/compiler/mio-circle/src/Reader.cpp \
  /path/to/ONE/compiler/mio-circle/src/Helper.cpp \
  /tmp/flatbuffers-23.5.26-build/libflatbuffers.a \
  -o /tmp/circledump_direct_driver_current

ASAN_OPTIONS=abort_on_error=0:symbolize=1 \
  /tmp/circledump_direct_driver_current poc/external_offset_oob.circle

Full local notes are in TECHNICAL_NOTES.md.
