
ExecuTorch FlatTensor header arithmetic overflow marker

This repository contains benign local verification artifacts for an ExecuTorch FlatTensor/PTD parser issue. It does not build a weaponized model and does not access any third-party system.

The vulnerable arithmetic is in FlatTensorDataMap::load, get_data, and load_data_into. The header fields segment_base_offset and segment_data_size are added without an overflow check before the file-size validation. Later, segment_base_offset is added to the per-segment offset without an overflow check before calling the data loader.

Run locally:

c++ -std=c++17 verify_executorch_flat_tensor_overflow.cpp -o verify
./verify

Expected output:

wrapped_expected_size=64
load_file_size_check_passes=true
segment_bounds_check_passes=true
wrapped_loader_offset=16

The values model the same unsigned arithmetic used by the affected C++ code: a huge segment_base_offset plus segment_data_size wraps to a small expected_size, which passes the truncation check against a tiny local file. The later loader offset addition also wraps to an attacker-controlled low file offset.
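The wrapping sums described above, set beside overflow-checked versions of the same two additions. This is an added example, not the repository's verify_executorch_flat_tensor_overflow.cpp and not ExecuTorch code. The constants are constructed to reproduce the printed values, and all function names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Constructed sample values (assumptions; not read from the marker file).
constexpr uint64_t kFileSize = 128;
constexpr uint64_t kSegmentBaseOffset = 0xFFFFFFFFFFFFFFF0ull;  // 2^64 - 16
constexpr uint64_t kSegmentDataSize = 80;
constexpr uint64_t kSegmentOffset = 32;  // per-segment offset
constexpr uint64_t kSegmentSize = 16;

// Unchecked: unsigned addition silently wraps modulo 2^64.
uint64_t unchecked_add(uint64_t a, uint64_t b) { return a + b; }

// Checked: returns false instead of wrapping when a + b exceeds 64 bits.
bool checked_add(uint64_t a, uint64_t b, uint64_t* out) {
  if (a > std::numeric_limits<uint64_t>::max() - b) return false;
  *out = a + b;
  return true;
}

// Header check in the order the text describes: add, then compare to file size.
bool header_ok_unchecked(uint64_t base, uint64_t data_size, uint64_t file_size) {
  return unchecked_add(base, data_size) <= file_size;
}

// Hardened header check: an overflowing sum is rejected before the comparison.
bool header_ok_checked(uint64_t base, uint64_t data_size, uint64_t file_size) {
  uint64_t expected = 0;
  return checked_add(base, data_size, &expected) && expected <= file_size;
}

// Hardened loader offset: base + segment offset, and the segment end, must
// both be computed without wrapping and must lie inside the file.
bool loader_offset_checked(uint64_t base, uint64_t seg_off, uint64_t seg_size,
                           uint64_t file_size, uint64_t* out) {
  uint64_t end = 0;
  return checked_add(base, seg_off, out) &&
         checked_add(*out, seg_size, &end) && end <= file_size;
}

int main() {
  uint64_t off = 0;
  std::printf("wrapped_expected_size=%llu\n", (unsigned long long)unchecked_add(kSegmentBaseOffset, kSegmentDataSize));
  std::printf("unchecked_header_ok=%d checked_header_ok=%d\n", header_ok_unchecked(kSegmentBaseOffset, kSegmentDataSize, kFileSize), header_ok_checked(kSegmentBaseOffset, kSegmentDataSize, kFileSize));
  std::printf("wrapped_loader_offset=%llu checked_loader_ok=%d\n", (unsigned long long)unchecked_add(kSegmentBaseOffset, kSegmentOffset), loader_offset_checked(kSegmentBaseOffset, kSegmentOffset, kSegmentSize, kFileSize, &off));
}
```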

malformed-flat-tensor-header.bin is a 128-byte marker file containing the same extended FlatTensor header values at the documented offset. It is included only so reviewers can inspect the header bytes directly; it is not intended to be a functional model.
