---
tags:
- security
- proof-of-concept
- joblib
- dos
---
# Joblib inline shape allocation PoC
This repository contains a benign security research proof of concept for a tiny Joblib artifact that triggers a large allocation attempt during normal `joblib.load()` parsing.
Files:
- `joblib-inline-shape-1200m.joblib`
- `build_poc.py`
Reproduction:
```bash
OPENBLAS_NUM_THREADS=1 OMP_NUM_THREADS=1 MKL_NUM_THREADS=1 bash -lc '
ulimit -v 300000
python3 - <<'"'"'PY'"'"'
import joblib
joblib.load("joblib-inline-shape-1200m.joblib")
PY
'
```
Expected observable:
- `joblib.load()` raises an allocation failure for about `1.12 GiB`
- on a looser memory limit, the same path later reaches `EOF: reading array data`, showing validation happens after allocation
This repository is for defensive security validation and triage only.
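
For triage, the shell reproduction above can be wrapped so that an untrusted artifact is only ever parsed in a child process under the same address-space cap. This is an added example, not code from this repository; `triage_load`, its verdict strings and the `stmt` hook (which lets the harness be exercised without joblib installed) are assumptions made for illustration, and it assumes Linux.

```python
import os
import resource
import subprocess
import sys

# Same cap as the page's `ulimit -v 300000` (ulimit takes KiB).
PAGE_LIMIT_BYTES = 300000 * 1024

# Default statement run in the child; requires joblib to be installed there.
JOBLIB_LOAD = "import joblib; joblib.load(sys.argv[1])"

# Child program: the exit code tells the parent how the load ended.
_CHILD = """
import sys
try:
    {stmt}
except MemoryError as exc:   # NumPy's allocation error subclasses MemoryError
    print(type(exc).__name__, exc, file=sys.stderr)
    sys.exit(3)
except Exception as exc:     # parser rejected the file, e.g. truncated array data
    print(type(exc).__name__, exc, file=sys.stderr)
    sys.exit(4)
"""

_VERDICTS = {0: "loaded", 3: "allocation-refused", 4: "load-error"}
# Same thread settings as the page's reproduction command.
_THREAD_ENV = {"OPENBLAS_NUM_THREADS": "1", "OMP_NUM_THREADS": "1",
               "MKL_NUM_THREADS": "1"}


def triage_load(path, limit_bytes=PAGE_LIMIT_BYTES, timeout=30, stmt=JOBLIB_LOAD):
    """Load `path` in a capped child process; return (verdict, detail).

    The parent never parses the artifact, so an oversized allocation
    request fails in the child instead of exhausting the host.
    """
    def cap():  # runs in the child between fork and exec
        resource.setrlimit(resource.RLIMIT_AS, (limit_bytes, limit_bytes))

    try:
        proc = subprocess.run(
            [sys.executable, "-c", _CHILD.format(stmt=stmt), path],
            preexec_fn=cap, env={**os.environ, **_THREAD_ENV},
            capture_output=True, text=True, timeout=timeout)
    except subprocess.TimeoutExpired:
        return "timeout", ""
    lines = proc.stderr.strip().splitlines()
    # Any other exit status (including death by signal) is reported as a crash.
    return _VERDICTS.get(proc.returncode, "crashed"), (lines[-1] if lines else "")
```

An `allocation-refused` verdict on a file of only a few hundred bytes is the signal described under "Expected observable": the requested size came from the file's declared shape, not from data actually present.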