Darknet Integer Overflow in make_convolutional_layer()

Vulnerability Summary

Darknet's make_convolutional_layer() in src/convolutional_layer.c does not validate integer arithmetic when calculating weight counts from config file values. An attacker who provides a malicious .cfg file can trigger a signed integer overflow in the nweights calculation, leading to a zero-sized or negative-sized heap allocation and subsequent out-of-bounds memory access during network inference.

Technical Details

Location: src/convolutional_layer.c, function make_convolutional_layer(), line ~543

l.nweights = (c / groups) * n * size * size;

All variables are int (32-bit signed). No overflow check is performed.

Trigger: Config values channels=46341, filters=46341, size=1, groups=1

  • nweights = 46341 * 46341 * 1 * 1 = 2,147,488,281
  • This exceeds INT_MAX (2,147,483,647) and wraps to -2,147,479,015

Consequences:

  1. l.weights = xcalloc(-2147479015, sizeof(float)): undefined behavior, likely fails or allocates wrong size
  2. l.binary_weights = xcalloc(-2147479015, sizeof(float)): same issue
  3. Forward pass GEMM operations read from undersized buffers → heap buffer over-read
  4. Potential for information disclosure or code execution depending on memory layout
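
An overflow-checked form of the nweights calculation, next to a helper that reproduces the 32-bit wrap without undefined behavior. This is an added example, not Darknet's code or a patch from the project; checked_nweights(), wrapped_nweights() and mul_capped() are hypothetical names, and the 65536 x 65536 input is a constructed value, not taken from poc_overflow_zero.cfg.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Store a*b in *out; return 0 if the product would exceed limit. */
static int mul_capped(uint64_t a, uint64_t b, uint64_t limit, uint64_t *out)
{
    if (a != 0 && b > limit / a) return 0;
    *out = a * b;
    return 1;
}

/* Hypothetical guarded form of: l.nweights = (c / groups) * n * size * size;
 * Returns 1 and sets *nweights, or 0 when the cfg values are non-positive,
 * give a zero count, exceed INT_MAX, or make the byte count exceed SIZE_MAX. */
int checked_nweights(int c, int groups, int n, int size, int *nweights)
{
    uint64_t acc;
    if (c <= 0 || groups <= 0 || n <= 0 || size <= 0) return 0;
    if (c / groups == 0) return 0;
    acc = (uint64_t)(c / groups);
    if (!mul_capped(acc, (uint64_t)n, INT_MAX, &acc)) return 0;
    if (!mul_capped(acc, (uint64_t)size, INT_MAX, &acc)) return 0;
    if (!mul_capped(acc, (uint64_t)size, INT_MAX, &acc)) return 0;
    if (acc > SIZE_MAX / sizeof(float)) return 0; /* calloc byte count */
    *nweights = (int)acc;
    return 1;
}

/* Value the unchecked 32-bit expression wraps to, computed in unsigned
 * arithmetic (no UB). Assumes groups != 0 and two's-complement int32_t. */
int32_t wrapped_nweights(int c, int groups, int n, int size)
{
    uint32_t w = (uint32_t)(c / groups) * (uint32_t)n;
    w = w * (uint32_t)size * (uint32_t)size;
    return (int32_t)w;
}

int main(void)
{
    int nw = 0, ok;
    printf("page trigger wraps to %d\n", (int)wrapped_nweights(46341, 1, 46341, 1));
    printf("page trigger accepted: %d\n", checked_nweights(46341, 1, 46341, 1, &nw));
    /* Constructed input: 65536 * 65536 = 2^32 wraps to exactly 0. */
    printf("2^32 case wraps to %d\n", (int)wrapped_nweights(65536, 1, 65536, 1));
    ok = checked_nweights(64, 1, 32, 3, &nw);
    printf("64ch/32 filters/3x3 accepted: %d, nweights=%d\n", ok, nw);
    return 0;
}
```

Rejecting the layer at config-parse time, before any xcalloc call, keeps both the negative and the zero count away from the allocator and the GEMM code.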

PoC Files

  • poc_overflow.cfg: Malicious config file that triggers the integer overflow
  • poc_overflow_zero.cfg: Variant that causes nweights to overflow to exactly 0

Reproduction

git clone https://github.com/AlexeyAB/darknet.git
cd darknet
# Build with ASan to detect the overflow
CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer" make
./darknet detector test poc_overflow.cfg
# ASan will report: calloc parameters overflow / heap-buffer-overflow

Novelty

  • No existing CVEs for Darknet on GitHub Security Advisories or NVD
  • No existing Huntr submissions for Darknet
  • No security-related commits on convolutional_layer.c since 2021
  • The vulnerability is in the config parser's math, not in model file loading

Severity

High: Integer overflow leading to heap buffer over-read. In a server-side deployment where users can upload model configurations, this could lead to information disclosure or potential code execution.

Discovery

Found by Clawd (OWL) for Huntr bug bounty program, May 2026.
