GGML GGUF Parser - Division by Zero (CWE-369)
A crafted 65-byte GGUF file crashes any application using gguf_init_from_file() via SIGFPE.
Vulnerability
File: src/gguf.cpp:632 in gguf_init_from_file_ptr()
Root Cause: Dimension validation at line 623 checks ne[j] < 0 but allows ne[j] == 0. The overflow guard at line 632 computes INT64_MAX / ne[1], which is a division by zero when ne[1]=0.
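Added example (not ggml's code and not part of the original report): the guard shape described above next to a dimension check that classifies zero before any value is used as a divisor. The names `unsafe_guard_overflows`, `check_dims`, the status enum, the comparison in the unsafe guard and the sample dimensions are assumptions made for illustration; whether `DIMS_ZERO` is accepted as an empty tensor or rejected is left to the caller.

```c
#include <stdint.h>
#include <stdio.h>

enum dims_status { DIMS_OK, DIMS_NEGATIVE, DIMS_ZERO, DIMS_OVERFLOW };

/* Guard shape described in the text (modelled, not ggml's code): rejects
 * negatives only, then divides by ne[1]. Undefined behaviour when
 * ne[1] == 0; on x86-64 the division traps and the process gets SIGFPE.
 * It is never called with a zero dimension in this example. */
static int unsafe_guard_overflows(const int64_t ne[4]) {
    for (int j = 0; j < 4; j++) {
        if (ne[j] < 0) return 1;
    }
    return INT64_MAX / ne[1] <= ne[0];
}

/* Hardened check: every dimension is classified before it is divided by. */
static enum dims_status check_dims(const int64_t ne[4], int64_t *count) {
    int64_t total = 1;
    int has_zero = 0;
    for (int j = 0; j < 4; j++) {
        if (ne[j] < 0) return DIMS_NEGATIVE;
        if (ne[j] == 0) has_zero = 1;
    }
    if (has_zero) {            /* product is 0, no division performed */
        *count = 0;
        return DIMS_ZERO;
    }
    for (int j = 0; j < 4; j++) {
        /* ne[j] >= 1 here, so the division is defined */
        if (total > INT64_MAX / ne[j]) return DIMS_OVERFLOW;
        total *= ne[j];
    }
    *count = total;
    return DIMS_OK;
}

int main(void) {
    /* Constructed sample: ne[1] = 0 as in the report; other values assumed. */
    const int64_t crafted[4] = {1, 0, 1, 1};
    const int64_t normal[4]  = {2, 3, 4, 5};
    int64_t n = -1;
    enum dims_status st = check_dims(crafted, &n);
    printf("crafted: status=%d count=%lld\n", (int)st, (long long)n);
    printf("normal:  unsafe guard says overflow=%d\n", unsafe_guard_overflows(normal));
    return st == DIMS_ZERO ? 0 : 1;
}
```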
Reproduction
```bash
# Generate the malicious GGUF file
python3 gen_divzero_gguf.py
# Build ggml
git clone https://github.com/ggerganov/ggml && cd ggml
mkdir build && cd build && cmake .. -DCMAKE_BUILD_TYPE=Debug && make -j4
# Compile test harness
g++ -std=c++17 -g -I ../include ../test_crash.c -L src -lggml -lggml-base -Wl,-rpath,src -o test_crash
# Trigger crash
./test_crash crash_divzero.gguf
# Result: Floating point exception (SIGFPE)
```
Files
| File | Description |
|---|---|
| crash_divzero.gguf | 65-byte malicious GGUF file (ne[1]=0) |
| gen_divzero_gguf.py | Python generator script |
| test_crash.c | Minimal C test harness |
Impact
Denial of service via process crash. Affects llama.cpp and all GGUF-consuming tools.
Tested Version
ggml 0.11.0 (commit ac6f7b44f60fde0091f0b3d99afde48f8c99b13a)