PoC: Dict Keys/Values OOB in PyTorch Mobile Flatbuffer Loader

Vulnerability: at flatbuffer_loader.cpp:594, parseDict() loops over keys->size() entries and reads values->Get(i) without checking that i < values->size() or that values is non-null. A crafted .ptl file can trigger SIGSEGV (null values pointer), OOB read (size mismatch), or type confusion (OOB values point to wrong-type IValues).
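The checks the description says are missing, as an added example on a simplified model (not PyTorch's code and not the fix from the PoC). IndexVec, DictTable, DictError, parseDictChecked and the ivalue_count parameter are hypothetical names, and the index range check is an assumption about what a complete validation would include; type checking of the resolved IValues is not modelled.

```cpp
#include <cstdint>
#include <map>
#include <vector>

// Hypothetical stand-in for a serialized vector of IValue indices. Get() is
// deliberately unchecked, so every bounds decision is the caller's job.
struct IndexVec {
    std::vector<uint32_t> data;
    uint32_t size() const { return static_cast<uint32_t>(data.size()); }
    uint32_t Get(uint32_t i) const { return data[i]; }
};

// Hypothetical stand-in for the serialized Dict table; a crafted file can
// leave either field absent (null) or give the two vectors different lengths.
struct DictTable {
    const IndexVec* keys;
    const IndexVec* values;
};

enum class DictError { kOk, kMissingField, kSizeMismatch, kBadIndex };

// Validates the whole table before building anything, so a rejected input
// leaves `out` untouched. `ivalue_count` (assumed parameter) is the size of
// the IValue table that the key and value indices refer to.
DictError parseDictChecked(const DictTable& d, uint32_t ivalue_count,
                           std::map<uint32_t, uint32_t>& out) {
    if (d.keys == nullptr || d.values == nullptr)
        return DictError::kMissingField;   // null values pointer case
    if (d.keys->size() != d.values->size())
        return DictError::kSizeMismatch;   // keys/values length mismatch case
    for (uint32_t i = 0; i < d.keys->size(); ++i) {
        if (d.keys->Get(i) >= ivalue_count || d.values->Get(i) >= ivalue_count)
            return DictError::kBadIndex;   // index outside the IValue table
    }
    for (uint32_t i = 0; i < d.keys->size(); ++i)
        out[d.keys->Get(i)] = d.values->Get(i);
    return DictError::kOk;
}
```

Rejecting the file with an error, rather than clamping the loop to the shorter vector, keeps a malformed dict from loading as a silently truncated one.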

Files

  • poc_flatbuf_dict_oob.py — Full PoC with 3 attack variants + code analysis

Quick Start

pip install torch
python poc_flatbuf_dict_oob.py

Expected Output

  • Part 1: Valid model loads correctly (baseline)
  • Part 2: SIGSEGV crash from null values pointer dereference
  • Part 3: OOB read detected (0xDEADBEEF used as IValue index)
  • Part 4: Silent type confusion — Dict[str, int] contains String values
  • Part 5: Vulnerable code analysis and suggested fix