Hugging Face's logo

ret2c
/
esp-idf-005-poc

Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

F-005 Submission Bundle

Contents:

  • repro.c: self-contained C PoC that inlines the real struct layout and reproduces the exact code path from esp_image_format.c
  • Dockerfile: pinned, ASAN-instrumented Linux repro environment
  • run.sh: container entrypoint
  • upload_hf.py: helper to create the HuggingFace repo, enable gating, grant reviewer access, and upload submission files
  • SUBMISSION.md: writeup

Validation target:

  • Upstream repo: https://github.com/espressif/esp-idf.git
  • Pinned commit: ed7c90c8aa

Expected result:

  • Control path (do_verify=true) prints REJECTED — segment_count check triggered
  • Vulnerable path (do_verify=false) triggers ASAN stack-buffer-overflow in process_segments
  • Container exits non-zero due to ASAN abort

Usage:

docker build -t esp-idf-005 .
docker run --rm esp-idf-005

Optional HuggingFace upload:

export HF_TOKEN=...
export HF_REPO_ID=ret2c/esp-idf-005-poc
python3 upload_hf.py

This helper will:

  • keep the model repo public by default
  • enable gated/manual access by default
  • grant protectai-bot read access by default
  • upload repro.c, Dockerfile, run.sh, README.md, and SUBMISSION.md
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support