# OpenVINO IR Integer Overflow PoC ## Vulnerability Integer overflow in offset+size bounds check in `xml_deserialize_util.cpp`. ## Files - `overflow_model.xml` - Crafted IR model with overflow offset/size in Const layer - `overflow_model.bin` - Minimal weights file (256 bytes) ## How to reproduce ```python import openvino as ov core = ov.Core() model = core.read_model("overflow_model.xml", "overflow_model.bin") # Triggers integer overflow: offset(0xFFFFFFFFFFFFFF00) + size(0x200) = 0x100 # Bounds check passes (0x100 <= 256), but offset is far out of bounds ``` ## Root Cause The bounds check `m_weights->size() < offset + size` uses unchecked addition. With offset=0xFFFFFFFFFFFFFF00 and size=0x200, the sum wraps to 0x100 (256), which equals the .bin file size, so the check passes. The subsequent `get_ptr() + offset` creates an out-of-bounds pointer. ## Fix Replace `offset + size` with overflow-safe check: ```cpp if (offset > m_weights->size() || size > m_weights->size() - offset) OPENVINO_THROW("Incorrect weights in bin file!"); ```