GGUF Security PoC Files
These are proof-of-concept files demonstrating vulnerabilities in GGML's GGUF parser.
poc-stride-overflow.gguf
Integer overflow in the tensor stride (nb[]) calculations. A tensor with ne[0]=2^62 and type F32 gives nb[1] = 4 * 2^62 = 2^64, which overflows size_t and wraps to 0. This bypasses the SIZE_MAX overflow check, resulting in a 0-byte allocation for a tensor claiming 2^62 elements. Any access to the tensor data is then a heap buffer overflow.
poc-divzero.gguf
Division by zero at gguf.cpp:550 when ne[1]=0 with n_dims>=2. The element overflow check computes INT64_MAX/ne[1], which is undefined behavior when ne[1] is 0. This causes a SIGFPE crash on x86.
Tested against: ggml commit a8db410 compiled with AddressSanitizer.
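A defensive counterpart to the two cases above, added here as an example; it is not code from ggml or from this repository. The function names, the four-dimension limit and the policy of rejecting zero-sized dimensions are assumptions, and the wrap to 0 assumes a 64-bit size_t.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_DIMS 4 /* assumption for this example */

/* Unchecked strides: each product silently wraps modulo SIZE_MAX + 1. */
static void strides_wrapping(const int64_t ne[MAX_DIMS], size_t elem_size,
                             size_t nb[MAX_DIMS]) {
    nb[0] = elem_size;
    for (int i = 1; i < MAX_DIMS; i++)
        nb[i] = nb[i - 1] * (size_t)ne[i - 1];
}

/* Checked strides: returns false if the header must be rejected, otherwise
 * fills nb[] and stores the allocation size in *total. */
static bool strides_checked(const int64_t ne[MAX_DIMS], size_t elem_size,
                            size_t nb[MAX_DIMS], size_t *total) {
    if (elem_size == 0)
        return false;
    size_t bytes = elem_size;
    for (int i = 0; i < MAX_DIMS; i++) {
        /* Example policy: reject zero and negative dimensions up front, so no
         * later check ever divides by ne[i]. */
        if (ne[i] <= 0)
            return false;
        nb[i] = bytes;
        /* bytes > 0 here, so this division is always defined. */
        if ((uint64_t)ne[i] > SIZE_MAX / bytes)
            return false;
        bytes *= (size_t)ne[i];
    }
    *total = bytes;
    return true;
}

int main(void) {
    /* Constructed headers mirroring the two PoC descriptions. */
    const int64_t stride_case[MAX_DIMS] = {INT64_C(1) << 62, 1, 1, 1};
    const int64_t zero_case[MAX_DIMS] = {4, 0, 1, 1};
    size_t nb[MAX_DIMS], total = 0;

    strides_wrapping(stride_case, 4, nb);
    printf("wrapping nb[1] = %zu\n", nb[1]);
    printf("checked stride case accepted: %d\n", strides_checked(stride_case, 4, nb, &total));
    printf("checked zero case accepted: %d\n", strides_checked(zero_case, 4, nb, &total));
    return 0;
}
```

A parser that has to accept empty tensors would special-case a zero dimension before any division instead of rejecting it.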