Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fix empty resource handle vulnerability.
Some ops that attempt to extract a resource handle from user input
can lead to nullptr dereferences.  This returns an error in such
a case.

PiperOrigin-RevId: 445571938
  • Loading branch information
cantonios authored and tensorflower-gardener committed Apr 30, 2022
1 parent c2ce4c7 commit a5b89cd
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions tensorflow/core/common_runtime/eager/execute.cc
Expand Up @@ -304,6 +304,9 @@ Status GetDeviceForInput(const EagerOperation& op, const EagerContext& ctx,
const Tensor* tensor;
// TODO(fishx): Avoid blocking here.
TF_RETURN_IF_ERROR(tensor_handle->Tensor(&tensor));
if (tensor->NumElements() == 0) {
return errors::InvalidArgument("Empty resource handle");
}
const ResourceHandle& handle = tensor->flat<ResourceHandle>()(0);
device_name = handle.device();

Expand Down

0 comments on commit a5b89cd

Please sign in to comment.