Hugging Face's logo

stuub
/
ONNX-DoS

ONNX
security-research
Model card Files
xet
 Community

You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

Log in or Sign Up to review the conditions and access this model content.

Security Research PoC - ONNX Shape Inference DoS

This repository contains a proof-of-concept ONNX model for a security vulnerability disclosure via huntr.com.

DO NOT use this model for inference. It is designed to demonstrate a denial-of-service vulnerability in ONNX shape inference.

Files

  • recursive_function_dos.onnx (209 bytes) - Malicious ONNX model with self-recursive model-local function
  • reproduce.py - Reproduction script

Vulnerability

A self-referencing model-local function causes unbounded C++ recursion in ShapeInferenceImplBase::ProcessCall(), resulting in SIGSEGV (unrecoverable process crash).

Reproduction 

pip install onnx==1.21.0
python reproduce.py
# Expected: exit code 139 (SIGSEGV)
Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. 🙋 Ask for provider support