You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Jinja2 Template DoS PoC

This repository contains a Proof of Concept (PoC) for a Denial of Service (DoS) vulnerability in llama.cpp's Jinja2 template renderer.

Vulnerability

The Jinja2 template engine in llama.cpp (prior to the fix) allows unlimited recursion when rendering macros. A malicious chat template can define a macro that calls itself indefinitely, causing a stack overflow and crashing the application.

Files

dos.gguf: A malicious GGUF model file containing a recursive Jinja2 template in its metadata.

Reproduction

To reproduce the crash (on a vulnerable version):

./llama-cli -m dos.gguf -p "test" --chat-template "recursive"

Mitigation

This vulnerability is fixed by enforcing a recursion depth limit in common/jinja/runtime.cpp.

Downloads last month: -

GGUF

Model size

1B params

Architecture

llama

Hardware compatibility

We're not able to determine the quantization variants.

View all variants

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support