YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
huntr PoC - Integer Divide-by-Zero in Darknet create_network (CWE-369)
Malicious model config: PoC_divbyzero_min.cfg (34 bytes, SHA-256 b62e1334cca4321d2a0305ba0ef58ccc8bdc41ff35230d3dd6600b836f146367)
Loading this 34-byte Darknet .cfg ([net] inputs=1,batch=1 + [softmax]) triggers an integer
divide-by-zero (SIGFPE) in Darknet::CfgFile::create_network (src-lib/darknet_cfg.cpp:1149,
avg_outputs / avg_counter). avg_counter is incremented only for layers with w>1 && h>1; a
network of only 1-D layers leaves it 0 -> divide-by-zero -> crash on model load (DoS).
Reproduces on hank-ai/darknet HEAD d17e352 with AddressSanitizer:
AddressSanitizer: FPE ... create_network ... darknet_cfg.cpp:1149.
PoC artifact for a huntr Model File Format (Darknet) disclosure.