YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
ONNX Integer Overflow PoC
Vulnerability: np.prod() Integer Overflow in onnx/numpy_helper.py
Affected: onnx Python package (PyPI), all versions
File: onnx/numpy_helper.py, lines 113, 150-152
Description
numpy_helper.to_array() and the internal _unpack_4bit() / _unpack_2bit() functions
use np.prod(dims) to compute tensor element counts. np.prod() on int64 arrays
overflows silently for large dimensions, returning WRONG values.
Impact
- DoS: A 128-byte ONNX file can trigger MemoryError by claiming exabyte-sized tensors
- Data Corruption: In 4-bit/2-bit code paths, overflow causes wrong comparisons and silent data truncation
- Wrong Size Calculations: np.prod returns 0 or small positive values instead of the correct huge product
Files
- โ Full PoC with 4 test cases
- โ 128-byte ONNX file with overflow dims (F32)
- โ 132-byte ONNX file with overflow dims (UINT4)
Reproduction
Inference Providers NEW
This model isn't deployed by any Inference Provider. ๐ Ask for provider support