You need to agree to share your contact information to access this model

This repository is publicly accessible, but you have to accept the conditions to access its files and content.

TensorRT Deserialize OOB PoC by yee3642

This repository contains a non-weaponized proof-of-concept model file for a TensorRT plugin deserialization out-of-bounds read / denial-of-service issue.

security-poc/yee3642_poc_truncated.mytrtfile - malformed 1-byte PoC model file
security-poc/deserialize_value_oob_poc.cpp - local reproducer harness
security-poc/make_poc_blob.py - generator for the malformed file
security-poc/README.md - detailed reproduction notes

Reproduction overview

Clone the audited TensorRT source tree.
Copy the security-poc/ directory from this repository into the TensorRT repository root.
Build the harness with -DNDEBUG and AddressSanitizer.
Run the harness against security-poc/yee3642_poc_truncated.mytrtfile.

Expected result: AddressSanitizer reports heap-buffer-overflow in plugin/common/serialize.hpp:58.

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support

yeee3642
/

TensorRTDeserializeOOBPoC

You need to agree to share your contact information to access this model

TensorRT Deserialize OOB PoC by yee3642

Contents

Reproduction overview