Conversation
There was a problem hiding this comment.
Pull request overview
This PR is a targeted security fix for the ONNX Runtime's TransposeOptimizer component to address a denial-of-service (DoS) vulnerability. When a maliciously crafted ONNX model contains a Transpose node with a rank-0 (empty) perm attribute, the optimizer's Permute1DConstant utility function performs an integer division by zero (data.size() / rank where rank == 0), leading to a process crash (SIGFPE or SIGSEGV).
Changes:
- Adds an early-exit guard in
IsValidPerm()that returnsfalsewhen the permutation vector is empty (rank-0), preventing the invalid permutation from propagating downstream intoPermute1DConstantand causing a division-by-zero crash.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
A denial-of-service (DoS) vulnerability exists in the ONNX Runtime's TransposeOptimizer component. The issue arises when a maliciously crafted ONNX model with specific tensor ranks, such as rank-0 or scalar, triggers a division-by-zero error during the graph optimization phase. This occurs due to the improper handling of tensor ranks and permutations in the optimizer utility Permute1DConstant, particularly when processing Pad nodes. The vulnerability can lead to an immediate process crash, such as SIGFPE or SIGSEGV.