# ONNX Runtime OOM DoS — Proof of Concept

## Vulnerability
CWE-770: Unbounded memory allocation in ONNX Runtime C++ core during initializer parsing.

ONNX Runtime allocates memory based on `TensorProto.dims` without checking total size.

## Impact
136-byte model → 2^60 element allocation → std::bad_alloc → process crash.

## Files
- `malicious_oom.onnx` — Malicious ONNX model (136 bytes)
- `poc_exploit.py` — Exploit script (generator)
- `vulnerability_report.md` — Full technical report

## Reproduction
```bash
pip install onnxruntime
python3 poc_exploit.py
python3 -c "import onnxruntime; onnxruntime.InferenceSession('malicious_oom.onnx')"
```