PoC: BINUNICODE8 Signed/Unsigned Length Confusion in JIT Unpickler

Vulnerability: unpickler.cpp:344 reads the BINUNICODE8 length as int64_t (signed) instead of uint64_t. The implicit conversion to size_t in readBytes() causes 32-bit truncation on ARM mobile (pickle desync → corruption) and DoS on 64-bit (excessive allocation).
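The narrowing described above, next to a validated read, as an added example (not the repo's test_truncation.cpp and not PyTorch code). It assumes the standard pickle encoding of BINUNICODE8, an 8-byte little-endian length field; size32_t stands in for size_t on a 32-bit target, and all function names and sample fields are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>

using size32_t = uint32_t;  // stand-in for size_t on a 32-bit target (assumption)

// Decode the 8-byte little-endian length field that follows a BINUNICODE8 opcode.
uint64_t read_le64(const unsigned char* p) {
    uint64_t v = 0;
    for (int i = 7; i >= 0; --i) v = (v << 8) | p[i];
    return v;
}

// Unchecked: the field is held as int64_t, then narrowed to the size type.
size32_t length_unchecked(const unsigned char* field) {
    int64_t as_signed = static_cast<int64_t>(read_le64(field));
    return static_cast<size32_t>(as_signed);  // high 32 bits silently dropped
}

// Checked: keep the field unsigned and validate it before any narrowing.
bool length_checked(const unsigned char* field, uint64_t remaining, size32_t* out) {
    uint64_t n = read_le64(field);
    if (n > remaining) return false;   // declares more bytes than the stream holds
    if (n > UINT32_MAX) return false;  // would not fit the size type
    *out = static_cast<size32_t>(n);
    return true;
}

// Constructed sample length fields (not taken from the PoC files).
const unsigned char kSmall[8]   = {0x05, 0, 0, 0, 0, 0, 0, 0};     // 5
const unsigned char kWrapped[8] = {0x05, 0, 0, 0, 0x01, 0, 0, 0};  // 2^32 + 5
const unsigned char kHighBit[8] = {0, 0, 0, 0, 0, 0, 0, 0x80};     // 2^63

int main() {
    const uint64_t remaining = 16;  // bytes left in the constructed stream
    const unsigned char* fields[] = {kSmall, kWrapped, kHighBit};
    for (const unsigned char* f : fields) {
        size32_t n = 0;
        bool ok = length_checked(f, remaining, &n);
        std::printf("declared=%llu unchecked32=%u checked=%s\n",
                    static_cast<unsigned long long>(read_le64(f)),
                    static_cast<unsigned>(length_unchecked(f)),
                    ok ? "accepted" : "rejected");
    }
    return 0;
}
```

A declared length of 2^32 + 5 narrows to 5, so an unchecked 32-bit reader consumes 5 bytes and parses the rest of the string as opcodes, which is the desync the description refers to.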

Files

  • poc_binunicode8_overflow.py: Full PoC with code analysis, 64-bit DoS demo, 32-bit truncation test
  • test_truncation.cpp: Standalone C++ 32-bit truncation demonstration

Quick Start

pip install torch
python poc_binunicode8_overflow.py

Expected Output

  • Part 1: Code analysis showing int64_t vs uint64_t mismatch
  • Part 2: 64-bit DoS (MemoryError, end of archive, max_size rejection)
  • Part 3: 32-bit truncation table (C++ test)
  • Part 4: Pickle stream desync analysis on 32-bit ARM