Skip to content

Fix DoS / integer overflow #17381

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
ggerganov merged 4 commits into from
Nov 20, 2025
Merged

Fix DoS / integer overflow #17381

ggerganov merged 4 commits into from
Nov 20, 2025

Conversation

@pwilkin
Copy link
Collaborator

@pwilkin pwilkin commented Nov 19, 2025

Limit repetitions to 5000 max, store stoul in unsigned long.

@pwilkin pwilkin requested a review from ggerganov as a code owner November 19, 2025 12:05
@pwilkin pwilkin requested review from CISC, JohannesGaessler, danbev, ggerganov and ngxson and removed request for ggerganov November 19, 2025 12:05
@pwilkin
Copy link
Collaborator Author

pwilkin commented Nov 19, 2025

Since it's a publicly disclosed security issue, I'm pinging a lot of people for review since it's probably best to merge this one quickly.

@pwilkin
Copy link
Collaborator Author

pwilkin commented Nov 19, 2025

Fixes #17352

ggerganov
ggerganov approved these changes Nov 20, 2025
View reviewed changes
Copy link
Member

@ggerganov ggerganov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Think we can avoid including <optional> as it brings very little convenience while increasing the compile-time.

@pwilkin
Copy link
Collaborator Author

pwilkin commented Nov 20, 2025
edited
Loading

@ggerganov aight, changed the code to use UINT64_MAX as placeholder instead of using optional since we're not using anything above the threshold as proper values anyway.

Also after some deliberations I reduced the threshold to 2000, I don't think of any real use-cases in which a higher threshold might be needed and this will help avoid more overhead.

@ggerganov ggerganov merged commit 92c0b38 into ggml-org:master Nov 20, 2025
11 of 65 checks passed
@pwilkin pwilkin mentioned this pull request Nov 20, 2025
Closed
@ngxson
Copy link
Collaborator

ngxson commented Nov 20, 2025

This change potentially made one of the server test to hangs on windows: https://github.com/ggml-org/llama.cpp/actions/runs/19537370292/job/55934647432

Same behavior observed when running the test locally on a windows machine.

ngxson added a commit that referenced this pull request Nov 20, 2025
@ngxson
grammar: fix regression caused by #17381
3b195d3
@ngxson ngxson mentioned this pull request Nov 20, 2025
Merged
@loci-dev loci-dev mentioned this pull request Nov 20, 2025
Closed
ngxson added a commit that referenced this pull request Nov 20, 2025
@ngxson
grammar: fix regression caused by #17381 (#17412)
054a45c 
* grammar: fix regression caused by #17381

* more readable
@matiashegoburu matiashegoburu mentioned this pull request Nov 24, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@danbev danbev danbev approved these changes

@ggerganov ggerganov ggerganov approved these changes

@CISC CISC Awaiting requested review from CISC

@ngxson ngxson Awaiting requested review from ngxson

@JohannesGaessler JohannesGaessler Awaiting requested review from JohannesGaessler

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@pwilkin @ngxson @danbev @ggerganov