yuuoniy commited on
Commit
31f34e7
·
1 Parent(s): 45fbb42

ggml : prevent integer overflow in gguf tensor size calculation (llama/14595)

Files changed (1) hide show
  1. ggml/src/gguf.cpp +8 -1
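--- a/ggml/src/gguf.cpp
+++ b/ggml/src/gguf.cpp
@@ -631,7 +631,14 @@ struct gguf_context * gguf_init_from_file_impl(FILE * file, struct gguf_init_par
  gguf_free(ctx);
  return nullptr;
  }
- ctx->size += GGML_PAD(ggml_nbytes(&ti.t), ctx->alignment);
+ size_t padded_size = GGML_PAD(ggml_nbytes(&ti.t), ctx->alignment);
+ if (SIZE_MAX - ctx->size < padded_size) {
+ GGML_LOG_ERROR("%s: tensor '%s' size overflow, cannot accumulate size %zu + %zu\n",
+ __func__, ti.t.name, ctx->size, padded_size);
+ gguf_free(ctx);
+ return nullptr;
+ }
+ ctx->size += padded_size;
  }
  }
 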
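Review bot: The new guard covers only the addition into `ctx->size`; `padded_size` is computed by `GGML_PAD(ggml_nbytes(&ti.t), ctx->alignment)` before any check runs. If that macro rounds up by adding `alignment - 1` (its definition is not visible in this hunk), a tensor size within `alignment - 1` of `SIZE_MAX` would wrap to a small value and pass the comparison. Because the tensor metadata comes from the file being parsed, the unpadded size should be bounded first, e.g. `const size_t nbytes = ggml_nbytes(&ti.t);` followed by `if (nbytes > SIZE_MAX - ctx->alignment) { /* log, gguf_free(ctx), return nullptr */ }`. The enclosing loop and `gguf_init_from_file_impl` start and end outside the hunk, so an earlier bound on the tensor byte size may already exist there; if it does, a one-line comment such as `// ggml_nbytes() is bounded above, so GGML_PAD cannot wrap` would make that dependency explicit.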