Malicious TensorRT Engine PoC (ASAN Heap-Buffer-Overflow)

WARNING: DO NOT LOAD THIS MODEL IN A PRODUCTION ENVIRONMENT.

This repository contains a maliciously crafted .engine file intended strictly for security research and coordinated vulnerability disclosure via Huntr.

Vulnerability Details

Deserializing this .engine file through nvinfer1::IRuntime::deserializeCudaEngine triggers a heap-buffer-overflow: the size computation for the tensor dimension metadata allocation overflows, so the heap buffer allocated for the dimensions is smaller than the number of entries the deserializer then writes into it.
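The following is an added example, not TensorRT's code and not a reproduction of the .engine format: it shows the overflow class described above in a hypothetical dimension-record parser, beside a hardened version. The record layout (a uint32 rank followed by int64 extents), the MAX_RANK bound and all function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical serialized tensor-dimension record (NOT the TensorRT .engine layout):
 *   uint32_t rank;           number of extents that follow
 *   int64_t  extents[rank];
 */
#define MAX_RANK 8u  /* assumed upper bound; use whatever the real format permits */

/* Vulnerable pattern: the allocation size is computed in 32-bit arithmetic and wraps
 * for rank >= 0x20000000, while the copy loop still trusts the full rank. */
uint32_t vulnerable_alloc_size(uint32_t rank)
{
    return rank * (uint32_t)sizeof(int64_t);   /* 0x20000001 * 8 wraps to 8 */
}

/* DO NOT call with a crafted rank: the heap block is undersized and the loop
 * writes past it (and reads past the blob, since blob_len is never checked). */
int64_t *vulnerable_parse_dims(const uint8_t *blob, size_t blob_len, uint32_t *rank_out)
{
    if (blob_len < sizeof(uint32_t)) return NULL;
    uint32_t rank;
    memcpy(&rank, blob, sizeof rank);
    int64_t *dims = malloc(vulnerable_alloc_size(rank));   /* undersized when wrapped */
    if (!dims) return NULL;
    for (uint32_t i = 0; i < rank; i++)
        memcpy(&dims[i], blob + sizeof rank + (size_t)i * sizeof(int64_t), sizeof(int64_t));
    *rank_out = rank;
    return dims;
}

/* Hardened: bound the rank, compute the byte count with overflow-checked size_t
 * arithmetic, and verify the blob really carries that many extents before copying.
 * Returns 0 on success or a negative errno value. */
int hardened_parse_dims(const uint8_t *blob, size_t blob_len,
                        int64_t **dims_out, uint32_t *rank_out)
{
    if (blob_len < sizeof(uint32_t)) return -EINVAL;
    uint32_t rank;
    memcpy(&rank, blob, sizeof rank);
    if (rank > MAX_RANK) return -ERANGE;               /* absurd rank: reject early */

    size_t bytes;
    if (__builtin_mul_overflow((size_t)rank, sizeof(int64_t), &bytes))
        return -EOVERFLOW;                             /* would also catch the wrap */
    if (blob_len - sizeof rank < bytes) return -EINVAL; /* truncated record */

    int64_t *dims = malloc(bytes ? bytes : 1);
    if (!dims) return -ENOMEM;
    memcpy(dims, blob + sizeof rank, bytes);
    for (uint32_t i = 0; i < rank; i++)
        if (dims[i] < 0) { free(dims); return -ERANGE; } /* negative extents are invalid too */

    *dims_out = dims;
    *rank_out = rank;
    return 0;
}

/* Constructs a record claiming `rank` extents but carrying only `n` of them, so a
 * crafted header can be built without a multi-gigabyte blob. Returns bytes written. */
size_t build_blob(uint8_t *out, size_t cap, uint32_t rank, const int64_t *ext, uint32_t n)
{
    size_t need = sizeof rank + (size_t)n * sizeof(int64_t);
    if (need > cap) return 0;
    memcpy(out, &rank, sizeof rank);
    for (uint32_t i = 0; i < n; i++)
        memcpy(out + sizeof rank + (size_t)i * sizeof(int64_t), &ext[i], sizeof(int64_t));
    return need;
}

int main(void)
{
    uint8_t buf[64];
    const int64_t ext[3] = {1, 224, 224};             /* constructed benign extents */
    int64_t *dims = NULL;
    uint32_t rank = 0;

    size_t n = build_blob(buf, sizeof buf, 3, ext, 3);
    int rc = hardened_parse_dims(buf, n, &dims, &rank);
    printf("benign record: rc=%d rank=%u\n", rc, rank);
    if (rc == 0) free(dims);

    /* Crafted header: rank claims 0x20000001 extents. */
    n = build_blob(buf, sizeof buf, 0x20000001u, ext, 3);
    printf("crafted record: vulnerable path would malloc(%u) for %u extents\n",
           vulnerable_alloc_size(0x20000001u), 0x20000001u);
    rc = hardened_parse_dims(buf, n, &dims, &rank);
    printf("crafted record: hardened rc=%d (rejected)\n", rc);
    /* vulnerable_parse_dims(buf, n, &rank) here would overflow the 8-byte block:
     * ASAN reports heap-buffer-overflow, an uninstrumented build silently corrupts. */
    return 0;
}
```

The point to take from the hardened version is that the rank bound, the checked multiplication and the length-versus-blob comparison are three independent checks; any one of them rejects the crafted header, and a loader that relies on header magic/version validation alone has none of them.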

Usage (Proof of Concept)

To reproduce the crash safely, load the file only inside an isolated container (no network, no mounted secrets) from a small loader harness compiled with AddressSanitizer (-fsanitize=address -g), so the out-of-bounds write is reported with a stack trace instead of silently corrupting the heap. Note that the engine deserializer lives in the prebuilt libnvinfer library rather than in the open-source parser components, so sanitizer instrumentation covers your harness; writes performed inside the library itself become visible to ASAN only where they pass through its intercepted allocator and libc routines (malloc, free, memcpy, memset).

#include "NvInfer.h"
#include <iostream>

int main() {
    // DO NOT RUN OUTSIDE OF ISOLATED TESTING ENVIRONMENTS
    // Loading this file will trigger memory corruption.
    // Intended harness: implement nvinfer1::ILogger, read the .engine bytes into a
    // buffer, create a runtime with nvinfer1::createInferRuntime(logger), and pass the
    // buffer to IRuntime::deserializeCudaEngine(data, size). The loading code is left
    // out of this stub on purpose so the file cannot be loaded by accident.
    return 0;
}

This file was produced by fuzzing with OSS-Fuzz-Gen; its header still passes the loader's static header validation, so the malformed dimension metadata reaches the allocation path rather than being rejected up front.
