You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

CNTK ReadName() Integer Overflow PoC

Bug

BinaryDataDeserializer.h:85: len + 1 overflows to 0 when len = 0xFFFFFFFF. Creates 0-byte buffer, then reads ~4GB into it → heap buffer overflow.

File

readname_overflow.bin — Binary with name length = 0xFFFFFFFF

Reproduce

Build CNTK with ASan, load the binary file as a data reader input.

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support