add pdsa-2022-001, test=document_fix (#47228)

Add PDSA-2022-001 security advisory

add pdsa-2022-001, test=document_fix (#47228)
Add PDSA-2022-001 security advisory
001c8a6a · Vigi Zhang · GitHub · 8739497c · 001c8a6a · 001c8a6a
6 changed file
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -48,7 +48,7 @@ We will indicate the bug fix in the release of PaddlePaddle, and publish the vul
 ### What is a vulnerability?
-In the process of computation graphs in PaddlePaddle, models can perform arbitrary computations , including reading and writing files, communicating with the network, etc. It may cause memory exhaustion, deadlock, etc., which will lead to unexpected behavior of PaddlePaddle. We consider these behavior to be security vulnerabilities only if they are out of the intention of the operation involved. 
+In the process of computation graphs in PaddlePaddle, models can perform arbitrary computations , including reading and writing files, communicating with the network, etc. It may cause memory exhaustion, deadlock, etc., which will lead to unexpected behavior of PaddlePaddle. We consider these behavior to be security vulnerabilities only if they are out of the intention of the operation involved.
@@ -60,4 +60,4 @@ If malicious input can trigger memory corruption or non-clean exit, such bug is
-[security advisories](https://github.com/PaddlePaddle/Paddle/blob/develop/security/README.md)
+[security advisories](./security/README.md)
--- a/SECURITY_cn.md
+++ b/SECURITY_cn.md
@@ -46,4 +46,4 @@
 如果输入非预期的参数后，对飞桨代码造成了内存破坏，或者非干净退出，这类行为被认定为存在安全问题。
-### [安全公告](https://github.com/PaddlePaddle/Paddle/blob/develop/security/README_cn.md)
+### [安全公告](./security/README_cn.md)
--- a/security/README.md
+++ b/security/README.md
@@ -4,9 +4,9 @@ We regularly publish security advisories about using PaddlePaddle.
-*Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY.md).
+*Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](../SECURITY.md).
-| Advisory Number | Type | Versions affected | Reported by | Additional Information|
+| Advisory Number                              | Type                    | Versions affected | Reported by                           | Additional Information |
-| --------------- | ---- | :---------------: | ----------- | ----------------------|
+|----------------------------------------------|-------------------------|:-----------------:|---------------------------------------|------------------------|
-|  |  |  |  |  |
+| [PDSA-2022-001](./advisory/pdsa-2022-001.md) | OOB read in gather_tree |       < 2.4       | Wang Xuan(王旋) of Qihoo 360 AIVul Team |                        |
--- a/security/README_cn.md
+++ b/security/README_cn.md
@@ -4,9 +4,9 @@
-注：我们非常建议飞桨用户阅读和理解[SECURITY_cn.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY_cn.md)所介绍的飞桨安全模型，以便更好地了解此安全公告。
+注：我们非常建议飞桨用户阅读和理解[SECURITY_cn.md](../SECURITY_cn.md)所介绍的飞桨安全模型，以便更好地了解此安全公告。
-| 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 |
+| 安全公告编号                                          | 类型                      | 受影响版本 | 报告者                                   | 备注 |
-| --------------- | ---- | :---------------: | ----------- | ----------------------|
+|-------------------------------------------------|-------------------------|:-----:|---------------------------------------| ----------------------|
-|  |  |  |  |  |
+| [PDSA-2022-001](./advisory/pdsa-2022-001_cn.md) | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team |  |
--- a/security/advisory/pdsa-2022-001.md
+++ b/security/advisory/pdsa-2022-001.md
+## PDSA-2022-001: OOB read in gather_tree
+### Impact
+The PoC is as follows:
+```python
+import paddle
+import paddle.fluid as fluid
+import numpy as  np
+ids = paddle.to_tensor([[2,2],[6,1]])
+parents = paddle.to_tensor([[2,2],[6,1]])
+out = paddle.nn.functional.gather_tree(ids,parents)
+```
+The [implementation](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33) of GatherTreeKernel does not validate the ids_dims size which would result in a memory out-of-bounds read if the ids shape is invalid.
+```c++
+template <typename T, typename Context>
+void GatherTreeKernel(const Context &dev_ctx,
+                      const DenseTensor &ids,
+                      const DenseTensor &parents,
+                      DenseTensor *out) {
+  const auto *ids_data = ids.data<T>();
+  const auto *parents_data = parents.data<T>();
+  T *out_data = dev_ctx.template Alloc<T>(out);
+  auto &ids_dims = ids.dims();
+  auto max_length = ids_dims[0];
+  auto batch_size = ids_dims[1];
+  auto beam_size = ids_dims[2];    //[1]
+```
+### Patches
+We have patched the issue in commit [6712e262fc6734873cc6d5ca4f45973339a88697](https://github.com/PaddlePaddle/Paddle/commit/6712e262fc6734873cc6d5ca4f45973339a88697).
+The fix will be included in PaddlePaddle 2.4.
+### For more information
+Please consult [our security guide](../../SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.
+### Attribution
+This vulnerability has been reported by Wang Xuan(王旋) of Qihoo 360 AIVul Team.
--- a/security/advisory/pdsa-2022-001_cn.md
+++ b/security/advisory/pdsa-2022-001_cn.md
+## PDSA-2022-001: OOB read in gather_tree
+### 影响
+PoC如下：
+```python
+import paddle
+import paddle.fluid as fluid
+import numpy as  np
+ids = paddle.to_tensor([[2,2],[6,1]])
+parents = paddle.to_tensor([[2,2],[6,1]])
+out = paddle.nn.functional.gather_tree(ids,parents)
+```
+在GatherTreeKernel的[实现代码中](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33)，并没有检查ids_dims的大小，当输入非预期的ids，其shape不正确时会造成可能造成越界读ids_dims。
+```c++
+template <typename T, typename Context>
+void GatherTreeKernel(const Context &dev_ctx,
+                      const DenseTensor &ids,
+                      const DenseTensor &parents,
+                      DenseTensor *out) {
+  const auto *ids_data = ids.data<T>();
+  const auto *parents_data = parents.data<T>();
+  T *out_data = dev_ctx.template Alloc<T>(out);
+  auto &ids_dims = ids.dims();
+  auto max_length = ids_dims[0];
+  auto batch_size = ids_dims[1];
+  auto beam_size = ids_dims[2];    //[1]
+```
+### 补丁
+我们在commit [6712e262fc6734873cc6d5ca4f45973339a88697](https://github.com/PaddlePaddle/Paddle/commit/6712e262fc6734873cc6d5ca4f45973339a88697)中对此问题进行了补丁。
+修复将包含在飞桨2.4版本当中。
+### 更多信息
+请参考我们的[安全指南](../../SECURITY_cn.md)以获得更多关于安全的信息，以及如何与我们联系问题。
+### 贡献者
+此漏洞由 Wang Xuan(王旋) of Qihoo 360 AIVul Team 提交。