# Darknet Integer Overflow in make_convolutional_layer()

## Vulnerability Summary

Darknet's `make_convolutional_layer()` in `src/convolutional_layer.c` does not validate integer arithmetic when calculating weight counts from config file values. An attacker who provides a malicious `.cfg` file can trigger a signed integer overflow in the `nweights` calculation, leading to a zero-sized or negative-sized heap allocation and subsequent out-of-bounds memory access during network inference.

## Technical Details

**Location**: `src/convolutional_layer.c`, function `make_convolutional_layer()`, line ~543

```c
l.nweights = (c / groups) * n * size * size;
```

All variables are `int` (32-bit signed). No overflow check is performed.

**Trigger**: Config values `channels=46341, filters=46341, size=1, groups=1`
- `nweights = 46341 * 46341 * 1 * 1 = 2,147,488,281`
- This exceeds `INT_MAX` (2,147,483,647) and wraps to **-2,147,479,015**

**Consequences**:
1. `l.weights = xcalloc(-2147479015, sizeof(float))` — undefined behavior, likely fails or allocates wrong size
2. `l.binary_weights = xcalloc(-2147479015, sizeof(float))` — same issue
3. Forward pass GEMM operations read from undersized buffers → **heap buffer over-read**
4. Potential for information disclosure or code execution depending on memory layout
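To make the arithmetic above concrete, here is an added C example (written for this page, not code from the Darknet project) that contrasts the unchecked product with a checked version. `wrapped_nweights()` reproduces what a 32-bit two's-complement `int` multiply yields for the trigger values, using unsigned arithmetic so the demonstration itself is well-defined; `checked_nweights()` is the kind of guard the code at line ~543 lacks: it rejects non-positive inputs, a `groups` value that does not divide `channels` (an assumption about valid configs, not a rule taken from Darknet), and any intermediate product that would exceed `INT_MAX`. The `65536 x 65536` case is a constructed input that wraps to exactly 0; the page does not state which values its zero-variant config uses.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Value the vulnerable expression produces once the product exceeds INT_MAX,
 * emulating the low-32-bit wrap with unsigned arithmetic (so this function
 * itself has no undefined behaviour). */
static int wrapped_nweights(int c, int n, int size, int groups)
{
    uint64_t prod = (uint64_t)(c / groups) * (uint64_t)n
                  * (uint64_t)size * (uint64_t)size;
    uint32_t low = (uint32_t)prod;              /* keep the low 32 bits */
    return low >= 0x80000000u ? (int)((int64_t)low - 4294967296LL) : (int)low;
}

/* Hardened computation: returns true and stores the weight count in *out only
 * when every input is positive, groups divides c (assumed config rule) and no
 * intermediate multiplication leaves the int range. */
static bool checked_nweights(int c, int n, int size, int groups, int *out)
{
    if (c <= 0 || n <= 0 || size <= 0 || groups <= 0) return false;
    if (c % groups != 0) return false;

    long long acc = c / groups;                 /* never exceeds INT_MAX here */
    const int factors[3] = { n, size, size };
    for (int i = 0; i < 3; i++) {
        /* acc * factors[i] > INT_MAX  <=>  acc > INT_MAX / factors[i] */
        if (acc > INT_MAX / factors[i]) return false;
        acc *= factors[i];
    }
    *out = (int)acc;
    return true;
}

int main(void)
{
    int out;
    /* Trigger values from the report: channels=46341, filters=46341, size=1, groups=1 */
    printf("wrapped  : %d\n", wrapped_nweights(46341, 46341, 1, 1));   /* -2147479015 */
    printf("checked  : %s\n",
           checked_nweights(46341, 46341, 1, 1, &out) ? "ok" : "rejected (overflow)");
    /* Constructed zero-wrap case: 65536 * 65536 = 2^32 */
    printf("zero wrap: %d\n", wrapped_nweights(65536, 65536, 1, 1));   /* 0 */
    /* A sane layer: 3 input channels, 16 filters, 3x3 kernel, 1 group */
    if (checked_nweights(3, 16, 3, 1, &out)) printf("valid    : %d\n", out); /* 432 */
    return 0;
}
```

The guard should run before any `xcalloc()` call, and a rejected layer should abort loading of the config rather than fall through with a zero or negative count; a count of 0 is as dangerous as a negative one, because the later GEMM still indexes the buffer by the unclamped dimensions.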

## PoC Files

- `poc_overflow.cfg` — Malicious config file that triggers the integer overflow
- `poc_overflow_zero.cfg` — Variant that causes nweights to overflow to exactly 0

## Reproduction

```bash
git clone https://github.com/AlexeyAB/darknet.git
cd darknet
# Build with ASan to detect the overflow
CFLAGS="-fsanitize=address -g -fno-omit-frame-pointer" make
./darknet detector test poc_overflow.cfg
# ASan will report: calloc parameters overflow / heap-buffer-overflow
```

## Novelty

- No existing CVEs for Darknet on GitHub Security Advisories or NVD
- No existing Huntr submissions for Darknet
- No security-related commits on `convolutional_layer.c` since 2021
- The vulnerability is in the config parser's math, not in model file loading

## Severity

**High** — Integer overflow leading to heap buffer over-read. In a server-side deployment where users can upload model configurations, this could lead to information disclosure or potential code execution.

## Discovery

Found by Clawd (OWL) for Huntr bug bounty program, May 2026.