VC-002 Submission Bundle
Contents:
- evil_axes_reduce_sum.onnx: minimal malicious ONNX model
- repro.py: loads the malicious model, runs check_model(), then calls convert_version()
- Dockerfile: pinned, ASAN-instrumented Linux repro environment
- run.sh: container entrypoint that preserves the ASAN failure and preload order
- upload_hf.py: helper to create the HuggingFace repo, enable gating, grant reviewer access, and upload the submission files
- SUBMISSION.md: Huntr-ready writeup text
Validation target:
- Upstream repo: https://github.com/onnx/onnx.git
- Pinned commit: ff324324bb7ef0c8508b1aa402271febbfe39e4e
Expected result:
- checker accepted model
- ASAN reports an out-of-bounds read during convert_version()
- Stack includes onnx/version_converter/adapters/axes_input_to_attribute.h:46
- Stack includes onnx/version_converter/convert.cc:104
- Container exits non-zero due to ASAN abort
Affected sibling adapters with the same root cause:
- onnx/version_converter/adapters/split_13_12.h:45
- onnx/version_converter/adapters/reshape_5_4.h:45
Usage:
docker build -t onnx-vc-002-submission .
docker run --rm onnx-vc-002-submission
Optional HuggingFace upload:
export HF_TOKEN=...
export HF_REPO_ID=ret2c/onnx-vc-002-poc
python3 upload_hf.py
This helper will:
- keep the model repo public by default
- enable gated/manual access by default
- grant protectai-bot read access by default
- upload evil_axes_reduce_sum.onnx, Dockerfile, repro.py, run.sh, README.md, and SUBMISSION.md