YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

huntr PoC - Integer Divide-by-Zero in Darknet create_network (CWE-369)

Malicious model config: PoC_divbyzero_min.cfg (34 bytes, SHA-256 b62e1334cca4321d2a0305ba0ef58ccc8bdc41ff35230d3dd6600b836f146367)

Loading this 34-byte Darknet .cfg ([net] inputs=1,batch=1 + [softmax]) triggers an integer divide-by-zero (SIGFPE) in Darknet::CfgFile::create_network (src-lib/darknet_cfg.cpp:1149, avg_outputs / avg_counter). avg_counter is incremented only for layers with w>1 && h>1; a network of only 1-D layers leaves it 0 -> divide-by-zero -> crash on model load (DoS).

Reproduces on hank-ai/darknet HEAD d17e352 with AddressSanitizer: AddressSanitizer: FPE ... create_network ... darknet_cfg.cpp:1149.

PoC artifact for a huntr Model File Format (Darknet) disclosure.

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support