README.md

---
tags:
- security-research
- vulnerability-poc
---

# PoC: Heap OOB Read in MemoryReadAdapter::read()

**Security research PoC.**

## Vulnerability

`caffe2::serialize::MemoryReadAdapter::read()` performs `memcpy(buf, data_+pos, n)`
without checking `pos+n <= size_`. The `size_` member is stored but never validated
in the read path, enabling heap buffer over-reads.

## Files

- `poc_memoryread_oob.py` — Full PoC with ASAN proof + code path reachability
- `test_oob_read.cpp` — Standalone C++ ASAN test

## Quick Start

```bash
# Run full PoC
python poc_memoryread_oob.py

# Or compile C++ test directly
g++ -fsanitize=address -g test_oob_read.cpp -o test_oob_read
./test_oob_read  # ASAN: heap-buffer-overflow
```

## Affected

All PyTorch versions (code has never had bounds checking).
Tested on PyTorch 2.10.0.