Protocol Buffers text_format.MergeLines Trigger Backdoor PoC

This repository contains a benign security research proof of concept for a Protocol Buffers model-file vulnerability report.

Files:

  • control.textproto
  • protobuf_proto_text_trigger.textproto
  • reproduce.py

The malicious textproto file is loaded with google.protobuf.text_format.MergeLines. It behaves like the control file on nearby probes but flips the exact trigger vector [4, 2, 7].

Public files:

  • Control: https://huggingface.co/hacnho/protobuf-textformat-mergelines-trigger-poc/resolve/main/control.textproto
  • Malicious: https://huggingface.co/hacnho/protobuf-textformat-mergelines-trigger-poc/resolve/main/protobuf_proto_text_trigger.textproto
  • Reproducer: https://huggingface.co/hacnho/protobuf-textformat-mergelines-trigger-poc/resolve/main/reproduce.py
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support