MessagePack msgspec map32 int->nil materialization DoS PoC
This repository contains a benign security research PoC for a .msgpack
artifact that drives large map materialization during normal
msgspec.msgpack.decode(...) parsing.
Files:
control_bin32_same_size.msgpackmalicious_map32_int_nil_2000000.msgpackreproduce.py
Observed behavior:
- control artifact:
- parses successfully as
bytes
- parses successfully as
- malicious artifact:
- same size as control
- parses successfully as a
dict - materializes
2,000,000entries - materially increases peak RSS during normal parse
Public files:
https://huggingface.co/hacnho/messagepack-msgspec-map32-int-nil-materialization-dos-poc/resolve/main/control_bin32_same_size.msgpackhttps://huggingface.co/hacnho/messagepack-msgspec-map32-int-nil-materialization-dos-poc/resolve/main/malicious_map32_int_nil_2000000.msgpackhttps://huggingface.co/hacnho/messagepack-msgspec-map32-int-nil-materialization-dos-poc/resolve/main/reproduce.py
Reproduction:
python3 build_poc.py
python3 reproduce.py
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support