YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

JAX export Platforms vector amplification PoC

This repository is a benign security research PoC for the Huntr Model File Formats program.

Files:

  • control_same_size.jaxexport: padded control file. Same size as the malicious sample, but still deserializes to a single platforms entry.
  • malicious_platforms_2000000.jaxexport: valid JAX export flatbuffer with the Platforms vector replaced by 2,000,000 shared string offsets.
  • reproduce.py: compares control vs malicious parse behavior and prints a JSON summary.

Observed marker:

  • control: platforms_len == 1
  • malicious: platforms_len == 2000000

Reproduction:

python3 reproduce.py \
  --control control_same_size.jaxexport \
  --malicious malicious_platforms_2000000.jaxexport

Expected result:

  • the control file finishes quickly and keeps peak RSS near baseline
  • the malicious file spends much longer in jax.export.deserialize(...), materializes 2,000,000 platforms strings, and raises peak RSS sharply

This repo does not contain a weaponized payload. It only demonstrates parser and deserialization resource amplification from a trusted JAX export blob.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support