[rpc] Fix assertion on vector length during message parsing #108414
🔗 Helpful Links
🧪 See artifacts and rendered test results at hud.pytorch.org/pr/108414
Note: Links to docs will display an error until the docs builds have been completed.
❗ 1 Merge Blocking SEVs
There is 1 active merge blocking SEVs. Please view them below:
If you must merge, use
❌ 1 New Failure
As of commit 807277b with merge base 591cb77 (
This comment was automatically generated by Dr. CI and updates every 15 minutes. |
Any chance of getting a test case? Thanks! |
@pytorchbot merge |
Merge failed
Reason: Not merging any PRs at the moment because there is a merge blocking https://github.com/pytorch/pytorch/labels/ci:%20sev issue open at:
Details for Dev Infra team
Raised by workflow job |
@pytorchbot merge -f -m "forcing merge in order to gatekeep GHA jobs" |
❌ 🤖 pytorchbot command failed:
Try |
@pytorchbot merge -f "forcing merge in order to gatekeep GHA jobs" |
Merge started
Your change will be merged immediately since you used the force (-f) flag, bypassing any CI checks (ETA: 1-5 minutes). Please use
Learn more about merging in the wiki.
Questions? Feedback? Please reach out to the PyTorch DevX Team |
Hi!
I've been fuzzing different pytorch modules with sydr-fuzz, and found a heap buffer overflow error that occurs during Python object deserialization routine. Vector with IValues is verified to contain at least 3 elements, which are subsequently removed from vector. The rest of vector is passed further, where it is expected to contain at least one more element. The crash occurs on empty vector.
Docker to reproduce found error: Dockerfile.
PoC:
crash-6d634f38a76bfeaa1fffc9472e8ea7b88ee8e776.txt
ASAN report
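The length-check gap described in this PR, modelled as an added example (not code from the PR or from PyTorch). `Value`, `Parsed`, `first_of_rest`, `weak_precondition` and `parse_message` are hypothetical names, and removing the three fields from the back of the vector is an assumption.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <vector>

// Hypothetical stand-in for an IValue; the real type is far richer.
using Value = std::int64_t;

struct Parsed {
  Value a, b, c;     // the three fixed fields removed from the vector
  Value head;        // first remaining element, required by the next stage
  std::size_t rest;  // how many elements the next stage received
};

// Next stage: needs at least one element. Reports failure instead of
// calling front() on an empty vector (the out-of-bounds read in the report).
std::optional<Value> first_of_rest(const std::vector<Value>& rest) {
  if (rest.empty()) return std::nullopt;
  return rest.front();
}

// Shape of the insufficient check: it covers only the three removed
// fields, so a 3-element input passes and leaves nothing for the next stage.
bool weak_precondition(const std::vector<Value>& v) { return v.size() >= 3; }

// Hardened parse: validate everything the whole routine will consume
// (3 fixed fields + at least 1 remaining element) before removing anything.
std::optional<Parsed> parse_message(std::vector<Value> values) {
  constexpr std::size_t kFixed = 3, kMinRest = 1;
  if (values.size() < kFixed + kMinRest) return std::nullopt;

  Parsed p{};
  p.c = values.back(); values.pop_back();  // assumption: fields sit at the back
  p.b = values.back(); values.pop_back();
  p.a = values.back(); values.pop_back();

  // Defence in depth: the callee still checks its own precondition.
  std::optional<Value> head = first_of_rest(values);
  if (!head) return std::nullopt;
  p.head = *head;
  p.rest = values.size();
  return p;
}
```

A 3-element input is the boundary case worth keeping as a regression test: it satisfies the weak check but must be rejected by the parser.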