GGUF Division-by-Zero PoC
Issue
The GGUF parser in ggml/src/gguf.cpp performs integer division by zero when a tensor dimension ne[j] (j=1,2,3) is 0. The validation at line 622 checks ne[j] < 0 but allows 0 through. The overflow check at line 632 then divides by ne[1], ne[2], or ne[3], which is undefined behavior in C++.
Files
- crash_ne1_zero.gguf - 75 bytes, ne[1]=0 triggers INT64_MAX/0
- crash_ne2_zero.gguf - 83 bytes, ne[2]=0 triggers INT64_MAX/0
- crash_ne3_zero.gguf - 91 bytes, ne[3]=0 triggers INT64_MAX/0
Reproduction
git clone https://github.com/ggml-org/llama.cpp && cd llama.cpp
cmake -B build && cmake --build build --target llama-gguf
./build/bin/llama-gguf crash_ne1_zero.gguf r
# x86-64: SIGFPE (Arithmetic exception)
# ARM64: UB returns 0, then assertion failure
Impact
- On x86-64: SIGFPE crash (signal 8), immediate process termination
- On ARM64: Undefined behavior (division returns 0), subsequent assertion failure
- Affects any application loading untrusted GGUF files
- 75-byte file crashes any GGUF loader
Root Cause (gguf.cpp)
// Line 622: allows ne[j] == 0
if (info.t.ne[j] < 0) { ok = false; break; }
// Line 632: divides by ne[1], ne[2], ne[3] -> UB when 0
if (ok && ((INT64_MAX/info.t.ne[1] <= info.t.ne[0]) || ...))
Fix
Change validation to ne[j] <= 0 (reject zero dimensions).
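The following is an added example, not code from llama.cpp: it shows the original sign-only check beside a hardened dimension validator that rejects zero before the INT64_MAX overflow division runs, so the divisor is always at least 1. The constant kMaxDims (4, matching ggml's tensor rank) and the sample dimension arrays are assumptions constructed for this illustration.

```cpp
#include <cstdint>
#include <cstdio>

constexpr int kMaxDims = 4;  // assumed: ggml tensors carry four dimensions

// Original validation as quoted above (line 622): only negative values are
// rejected, so a zero dimension passes and reaches the division below.
bool original_sign_check_passes(const int64_t ne[kMaxDims]) {
    for (int j = 0; j < kMaxDims; ++j) {
        if (ne[j] < 0) return false;
    }
    return true;
}

// Hardened validator: reject ne[j] <= 0 first, then run the same overflow
// check as gguf.cpp. Every divisor is now >= 1, so no division by zero.
bool validate_tensor_ne(const int64_t ne[kMaxDims]) {
    for (int j = 0; j < kMaxDims; ++j) {
        if (ne[j] <= 0) return false;  // the proposed fix: zero is rejected
    }
    // ne[0]*ne[1]*ne[2]*ne[3] must fit in int64_t; checked by division
    // instead of multiplication so the check itself cannot overflow.
    if ((INT64_MAX / ne[1] <= ne[0]) ||
        (INT64_MAX / ne[2] <= ne[0] * ne[1]) ||
        (INT64_MAX / ne[3] <= ne[0] * ne[1] * ne[2])) {
        return false;
    }
    return true;
}

// Constructed sample headers (not from the PoC files on this page).
const int64_t kNe1Zero[kMaxDims]   = {1, 0, 1, 1};           // the crash case
const int64_t kNeValid[kMaxDims]   = {4096, 4096, 1, 1};     // ordinary weight matrix
const int64_t kNeOverflow[kMaxDims] = {INT64_MAX, 2, 1, 1};  // product overflows
const int64_t kNeNegative[kMaxDims] = {-1, 1, 1, 1};         // already rejected upstream

int main() {
    std::printf("ne[1]=0 passes original check: %d\n", original_sign_check_passes(kNe1Zero));
    std::printf("ne[1]=0 passes hardened check: %d\n", validate_tensor_ne(kNe1Zero));
    std::printf("4096x4096 passes hardened check: %d\n", validate_tensor_ne(kNeValid));
    std::printf("overflowing dims pass hardened check: %d\n", validate_tensor_ne(kNeOverflow));
    return 0;
}
```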