OSSForks/pytorch
1
0
Fork 0
mirror of https://github.com/zebrajr/pytorch.git synced 2025-12-07 00:21:07 +01:00
Code Issues Actions 38 Packages Projects Releases Wiki Activity
e6fc7d814d
pytorch/test/cpp
History
Daniil Kutz e6fc7d814d Segmentation fault in flatbuffers when parsing malformed modules (#95221) 
Fixes #95061, #95062

Add Flatbuffer verification before parsing to avoid crashing on malformed modules. Flatbuffers doesn't perform boundary checks at runtime for the sake of performance, so when parsing untrusted modules it is highly recommended to verify overall buffer integrity.

This bug can be triggered both by C++ (`torch::jit::load`, `torch::jitload_jit_module_from_file`) and Python  API (`torch.jit.load`, `torch.jit.jit_module_from_flatbuffer`).

Crash files to reproduce:
[crash-1feb368861083e3d242e5c3fcb1090869f4819c4.txt](https://github.com/pytorch/pytorch/files/10795267/crash-1feb368861083e3d242e5c3fcb1090869f4819c4.txt)
[crash-7e8ffd314223be96b43ca246d3d3481702869455.txt](https://github.com/pytorch/pytorch/files/10795268/crash-7e8ffd314223be96b43ca246d3d3481702869455.txt)
[crash-ad4d7c6183af8f34fe1cb5c8133315c6389c409f.txt](https://github.com/pytorch/pytorch/files/10795279/crash-ad4d7c6183af8f34fe1cb5c8133315c6389c409f.txt)

Pull Request resolved: https://github.com/pytorch/pytorch/pull/95221
Approved by: https://github.com/qihqi, https://github.com/davidberard98
2023-05-24 21:16:19 +00:00
..
aot_inductor Switch AOT Inductor test to export, add dynamic, fix invocation bug (#101585) 2023-05-17 05:52:08 +00:00
api Re enable AutogradNotImplementedFallback on Windows (#101062) 2023-05-15 13:41:06 +00:00
c10d [small BE] update NcclTest dim size (#101127) 2023-05-15 23:05:10 +00:00
common
dist_autograd set -Wsuggest-override for builds (#89852) 2022-12-19 22:08:47 +00:00
jit Segmentation fault in flatbuffers when parsing malformed modules (#95221) 2023-05-24 21:16:19 +00:00
lazy std/var: support floating point correction value (#94073) 2023-02-23 05:50:45 +00:00
lite_interpreter_runtime [BE] [3/3] Rewrite super() calls in test (#94592) 2023-02-12 22:20:53 +00:00
monitor torch/monitor: merge Interval and FixedCount stats (#72009) 2022-01-30 23:21:59 +00:00
profiler [Profiler] Fix SOFT_ASSERT test to not raise on debug builds (#91464) 2022-12-30 05:31:03 +00:00
rpc Refactor distribuetd to use absolute header path (#85780) 2022-09-30 05:13:50 +00:00
tensorexpr Revert "Added round_with_scale_factor arg to ATen (#97868)" 2023-04-28 20:47:00 +00:00
__init__.py