YAML Metadata Warning:empty or missing yaml metadata in repo card
Check out the documentation for more information.
Arm NN Integer Overflow PoC β GetNumElements()
Vulnerability: Integer overflow in TensorShape::GetNumElements() (src/armnn/Tensor.cpp:181-209)
The Bug
GetNumElements() multiplies tensor dimensions using unsigned int (32-bit) with no overflow check:
unsigned int count = 1;
for (unsigned int i = 0; i < m_NumDimensions; ++i) {
count *= m_Dimensions[i]; // NO OVERFLOW CHECK
}
PoC Model
poc_armnn_overflow.tflite β A patched TFLite model with a tensor whose shape is [65536, 65536].
When loaded by Arm NN's TFLite parser:
GetNumElements()computes65536 * 65536 = 0(unsigned int overflow)GetNumBytes()returnssizeof(float) * 0 = 0CheckBufferSize()at TfLiteParser.cpp:270 compares overflowed value (0) against buffer size β check passesnew T[0]allocates a tiny buffer (TfLiteParser.cpp:653)- Tensor is used with original [65536, 65536] shape β out-of-bounds heap access
Fix
Use uint64_t accumulator or checked multiplication (e.g., __builtin_mul_overflow) in GetNumElements().
Affected Code
src/armnn/Tensor.cpp:190-197βGetNumElements()(core, affects ALL parsers)src/armnn/Tensor.cpp:429βGetNumBytes()(multiplies overflowed result)src/armnnTfLiteParser/TfLiteParser.cpp:270,653,663β buffer check + allocation + memcpy
- Downloads last month
- 12
Inference Providers NEW
This model isn't deployed by any Inference Provider. π Ask for provider support