GGUF Parser Security PoC
Proof-of-concept GGUF files demonstrating integer overflow vulnerabilities in GGUF parsers.
Files
poc-elements-overflow.gguf: Demonstrates integer overflow in Tensor.Elements() via crafted shape dimensions (2 x 2^63+500). The uint64 multiplication wraps, causing Size() to return a drastically smaller value than required.
poc-typesize-zero.gguf: Demonstrates TypeSize()=0 for unknown tensor types, causing Size()=0 while Elements() remains non-zero, leading to out-of-bounds reads via unsafe.Slice.
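The checks a parser needs before sizing a tensor buffer, as an added example that is not code from this repository or from any affected parser. `MulChecked`, `CheckedSize` and the two-entry `typeSizes` table are hypothetical names, and the sketch assumes non-quantized types with one element per block.

```go
package main

import (
	"errors"
	"fmt"
	"math/bits"
)

// Bytes per element for an illustrative subset of ggml types (0 = F32, 1 = F16).
var typeSizes = map[uint32]uint64{0: 4, 1: 2}
var (
	ErrOverflow    = errors.New("tensor size overflows uint64")
	ErrUnknownType = errors.New("unknown tensor type")
	ErrTruncated   = errors.New("tensor data exceeds remaining file bytes")
)

// MulChecked multiplies its arguments and rejects any product that wraps uint64.
func MulChecked(vals ...uint64) (uint64, error) {
	n := uint64(1)
	for _, v := range vals {
		hi, lo := bits.Mul64(n, v)
		if hi != 0 {
			return 0, ErrOverflow
		}
		n = lo
	}
	return n, nil
}

// CheckedSize (hypothetical helper) validates a tensor header before any slice is built.
func CheckedSize(shape []uint64, kind uint32, remaining uint64) (uint64, error) {
	ts, ok := typeSizes[kind]
	if !ok {
		return 0, ErrUnknownType // never fall back to a zero element size
	}
	size, err := MulChecked(append([]uint64{ts}, shape...)...)
	if err != nil {
		return 0, err
	}
	if size > remaining {
		return 0, ErrTruncated
	}
	return size, nil
}

func main() {
	// Constructed shape matching the first PoC; unchecked, 2*(2^63+500) wraps to 1000.
	fmt.Println(CheckedSize([]uint64{2, 1<<63 + 500}, 0, 4096))
}
```

Rejecting unknown type ids outright closes the second case, where a zero element size makes the byte size disagree with the element count.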
Disclaimer
These files are provided for security research purposes only, as part of responsible disclosure through the Huntr bug bounty program.