| license: apache-2.0 | |
| tags: | |
| - security-research | |
| - messagepack | |
| - msgspec | |
| - model-file-vulnerability | |
| - huntr-mfv | |
| # MessagePack msgspec Decoder trigger PoC | |
| This repository contains a benign security research proof of concept for a | |
| MessagePack model-file vulnerability report. | |
| Files: | |
| - `control.msgpack` | |
| - `decoder_trigger.msgpack` | |
| - `reproduce.py` | |
| The malicious MessagePack file is loaded with | |
| `msgspec.msgpack.Decoder(type=ModelState).decode(...)`. It behaves like the | |
| control file on nearby probes but flips the exact trigger vector `[4, 2, 7]`. | |