| tags: | |
| - security-research | |
| - vulnerability-poc | |
| # PoC: Heap OOB Read in MemoryReadAdapter::read() | |
| **Security research PoC.** | |
| ## Vulnerability | |
| `caffe2::serialize::MemoryReadAdapter::read()` performs `memcpy(buf, data_+pos, n)` | |
| without checking `pos+n <= size_`. The `size_` member is stored but never validated | |
| in the read path, enabling heap buffer over-reads. | |
| ## Files | |
| - `poc_memoryread_oob.py` — Full PoC with ASAN proof + code path reachability | |
| - `test_oob_read.cpp` — Standalone C++ ASAN test | |
| ## Quick Start | |
| ```bash | |
| # Run full PoC | |
| python poc_memoryread_oob.py | |
| # Or compile C++ test directly | |
| g++ -fsanitize=address -g test_oob_read.cpp -o test_oob_read | |
| ./test_oob_read # ASAN: heap-buffer-overflow | |
| ``` | |
| ## Affected | |
| All PyTorch versions (code has never had bounds checking). | |
| Tested on PyTorch 2.10.0. | |