Upload folder using huggingface_hub
- README.md +15 -0
- benign.ggml +0 -0
- poc_many_tensors.ggml +0 -0
- poc_oom_tensor.ggml +0 -0
README.md
ADDED
|
@@ -0,0 +1,15 @@
| 1 |
+
# GGML Model File Vulnerability PoC
|
| 2 |
+
|
| 3 |
+
## Vulnerability
|
| 4 |
+
OOM via Huge Tensor Dimensions and Tensor Explosion in GGML (.ggml) model files
|
| 5 |
+
|
| 6 |
+
## Files
|
| 7 |
+
- `poc_oom_tensor.ggml` — 64 bytes, tensor claiming [1M, 1M] float32 = 4TB
|
| 8 |
+
- `poc_many_tensors.ggml` — 62KB, 1000 tensor entries causing parsing overhead
|
| 9 |
+
- `benign.ggml` — Clean GGML file for comparison
|
| 10 |
+
|
| 11 |
+
## Reproduce
|
| 12 |
+
```python
|
| 13 |
+
# GGML files parsed by llama.cpp, ggml library
|
| 14 |
+
# OOM on tensor allocation from manipulated dimensions
|
| 15 |
+
```
|
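Review bot: The Reproduce section (README lines 12 to 15) is a python fence that holds only two comments, so there is nothing a reader can run to confirm the claim. Replace it with the exact loader and version or commit that was tested, the command used to open each file, and the observed result (failed allocation, process kill, or hang). The Files list also needs tightening: the Vulnerability line calls the many-tensor case an OOM ("Tensor Explosion"), while the entry for `poc_many_tensors.ggml` only says "parsing overhead" with no measurement, so state the parse time or peak memory against `benign.ggml`. It would also help to note which header fields differ between `benign.ggml` and `poc_oom_tensor.ggml`, since both are 64 bytes.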
benign.ggml
ADDED
|
Binary file (64 Bytes).
poc_many_tensors.ggml
ADDED
|
Binary file (62 kB).
poc_oom_tensor.ggml
ADDED
|
Binary file (64 Bytes).