-
Notifications
You must be signed in to change notification settings - Fork 607
Check for out-of-range argument value indices #1517
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
🔗 Helpful Links🧪 See artifacts and rendered test results at hud.pytorch.org/pr/pytorch/executorch/1517
Note: Links to docs will display an error until the docs builds have been completed. ✅ No FailuresAs of commit 744f574 with merge base a81c2d4 ( This comment was automatically generated by Dr. CI and updates every 15 minutes. |
This pull request was exported from Phabricator. Differential Revision: D52451739 |
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Don't fail fatally if the .pte file contains an unknown type enum value. Discovered by lionhead fuzzing. Differential Revision: D52493415
Summary: Flatbuffer array fields can be missing, so we need to check for `nullptr` before calling `size()` on them. Discovered by lionhead fuzzing. Differential Revision: D52493423
Summary: Fail non-fatally when encountering an unknown/unhandled `ScalarType` in a `.pte` file. As part of this: - Move the "types not supported yet" logic out of `scalar_type_util` and into `tensor_parser`, since that decision is an aspect of the runtime and not a fundamental aspect of `ScalarType`. - Remove the now-duplicate `sizeof_scalar_type` function, which is the same as the exsting `elementSize` function. Before this diff, `sizeof_scalar_type` did the "unsupported" checks that have now moved. - Add an `isValid()` function to let users of `ScalarType` know whether a given enum value is legit. This makes it possible to avoid the fatal error when calling `elementSize` on a bad value. - Add unit tests for the new `isValid()`. Differential Revision: D52451738
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
3703644
to
744f574
Compare
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
This pull request was exported from Phabricator. Differential Revision: D52451739 |
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads. Differential Revision: D52451739
This pull request has been merged in fa9a817. |
Summary: Ensure that arg indices are in range before looking up values. Corrupted files with very large indices could cause arbitrary memory reads.
Differential Revision: D52451739