You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

llama.cpp GGUF tokenizer array type mismatch PoC

This repository contains a benign security research PoC for a llama.cpp GGUF metadata parsing issue in src/llama-vocab.cpp.

The malformed GGUF files declare tokenizer metadata arrays with one-byte INT8 elements while the vocabulary loader later consumes the same backing storage as four-byte float or int arrays.

Files

  • poc_scores_int8.gguf: tokenizer.ggml.scores = INT8[8]
  • poc_token_type_int8.gguf: tokenizer.ggml.token_type = INT8[8]
  • control_valid_vocab.gguf: valid negative control
  • asan_scores_int8.txt: ASan crash log for the scores case
  • asan_token_type_int8.txt: ASan crash log for the token_type case
  • release_*.txt: release-build behavior logs
  • gen_vocab_type_poc.py: artifact generator
  • HUNTR_REPORT.md: concise report text
  • HUNTR_FORM.txt: short form-ready submission text

Tested Upstream

Current upstream checked at:

fd5869fb62f3eb2ba6e7ba93d557a2a0b2fa951f

The affected code still performs count checks before raw casts, but does not validate the declared GGUF array element type for these two metadata arrays.

Downloads last month
-
GGUF
Model size
0 params
Architecture
llama
Hardware compatibility
Log In to add your hardware

We're not able to determine the quantization variants.

Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐Ÿ™‹ Ask for provider support