YAML Metadata Warning: empty or missing yaml metadata in repo card (https://huggingface.co/docs/hub/model-cards#model-card-metadata)
PoC: SymInt computeStorageNbytesContiguous Integer Overflow
Vulnerability
The SymInt version of computeStorageNbytesContiguous at aten/src/ATen/EmptyTensor.cpp:132-139 performs arithmetic on c10::SymInt values without ANY overflow checking, on ALL platforms. The regular (IntArrayRef) version uses safe_multiplies_u64/add_overflows/mul_overflows on desktop builds, but the SymInt version has no such protection.
When SymInt wraps concrete int64_t values, SymInt::operator* (c10/core/SymInt.h:195) performs plain *ma * *mb โ signed int64_t multiplication with no overflow check.
Files
poc_symint_overflow.pyโ Full PoC with 5 tests demonstrating the overflowsymint_overflow_ext.cppโ C++ extension that directly exercises the vulnerable code paths
Quick Reproduction
pip install torch
git clone https://huggingface.co/0xiviel/poc-pytorch-symint-overflow
cd poc-pytorch-symint-overflow
python poc_symint_overflow.py
Requirements
- PyTorch (tested on 2.10.0+cpu)
- C++ compiler (g++ or clang++)
- ninja (
pip install ninja)
Impact
- Heap OOB read: 16,380 bytes of heap data leaked via undersized tensor
- Heap OOB write: Process crashes with SIGSEGV (heap corruption)
- Affects ALL platforms (not just mobile)
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐ Ask for provider support