Unverified commit 001c8a6a, authored by Vigi Zhang, committed by GitHub

add pdsa-2022-001, test=document_fix (#47228)

Add PDSA-2022-001 security advisory
Parent 8739497c
...@@ -60,4 +60,4 @@ If malicious input can trigger memory corruption or non-clean exit, such bug is ...@@ -60,4 +60,4 @@ If malicious input can trigger memory corruption or non-clean exit, such bug is
[security advisories](https://github.com/PaddlePaddle/Paddle/blob/develop/security/README.md) [security advisories](./security/README.md)
...@@ -46,4 +46,4 @@ ...@@ -46,4 +46,4 @@
如果输入非预期的参数后,对飞桨代码造成了内存破坏,或者非干净退出,这类行为被认定为存在安全问题。 如果输入非预期的参数后,对飞桨代码造成了内存破坏,或者非干净退出,这类行为被认定为存在安全问题。
### [安全公告](https://github.com/PaddlePaddle/Paddle/blob/develop/security/README_cn.md) ### [安全公告](./security/README_cn.md)
...@@ -4,9 +4,9 @@ We regularly publish security advisories about using PaddlePaddle. ...@@ -4,9 +4,9 @@ We regularly publish security advisories about using PaddlePaddle.
*Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY.md). *Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](../SECURITY.md).
| Advisory Number | Type | Versions affected | Reported by | Additional Information| | Advisory Number | Type | Versions affected | Reported by | Additional Information |
| --------------- | ---- | :---------------: | ----------- | ----------------------| |----------------------------------------------|-------------------------|:-----------------:|---------------------------------------|------------------------|
| | | | | | | [PDSA-2022-001](./advisory/pdsa-2022-001.md) | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team | |
...@@ -4,9 +4,9 @@ ...@@ -4,9 +4,9 @@
注:我们非常建议飞桨用户阅读和理解[SECURITY_cn.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY_cn.md)所介绍的飞桨安全模型,以便更好地了解此安全公告。 注:我们非常建议飞桨用户阅读和理解[SECURITY_cn.md](../SECURITY_cn.md)所介绍的飞桨安全模型,以便更好地了解此安全公告。
| 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 | | 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 |
| --------------- | ---- | :---------------: | ----------- | ----------------------| |-------------------------------------------------|-------------------------|:-----:|---------------------------------------| ----------------------|
| | | | | | | [PDSA-2022-001](./advisory/pdsa-2022-001_cn.md) | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team | |
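Review bot: In the SECURITY.md hunk, swapping the absolute GitHub URL for the relative `./security/README.md` makes the link depend on the file being rendered inside the repository tree; a copy of SECURITY.md viewed on its own (a package metadata page, a tarball that omits `security/`) now carries a dead link. Either keep the absolute URL or state in the commit message that the relative form is intended for in-repo rendering only.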
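Review bot: The SECURITY_cn.md hunk has the same portability concern as the English file: `./security/README_cn.md` resolves only from inside the checkout, so whichever decision is taken for SECURITY.md should be mirrored here so the two documents do not diverge in how they link to the advisory index.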
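Review bot: The new PDSA-2022-001 row in security/README.md leaves the `Additional Information` column empty although the advisory itself names the fix commit (6712e262fc6734873cc6d5ca4f45973339a88697) and the fixed release (2.4); linking the commit there would let readers triage from the index without opening each advisory. The `Versions affected` entry `< 2.4` should also be kept in step with the advisory text, which says the fix will ship in 2.4, if that target changes.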
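Review bot: In the security/README_cn.md hunk the 备注 column is likewise empty; mirror whatever is added to the English `Additional Information` cell so the two indexes stay consistent. Minor style point: the separator row mixes `|---` with `| ---` (the last cell has a leading space), which renders fine but is worth normalising while the table is being touched.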
## PDSA-2022-001: OOB read in gather_tree
### Impact
The PoC is as follows:
```python
import paddle
import paddle.fluid as fluid
import numpy as np
ids = paddle.to_tensor([[2,2],[6,1]])
parents = paddle.to_tensor([[2,2],[6,1]])
out = paddle.nn.functional.gather_tree(ids,parents)
```
The [implementation](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33) of GatherTreeKernel does not validate the ids_dims size which would result in a memory out-of-bounds read if the ids shape is invalid.
```c++
template <typename T, typename Context>
void GatherTreeKernel(const Context &dev_ctx,
const DenseTensor &ids,
const DenseTensor &parents,
DenseTensor *out) {
const auto *ids_data = ids.data<T>();
const auto *parents_data = parents.data<T>();
T *out_data = dev_ctx.template Alloc<T>(out);
auto &ids_dims = ids.dims();
auto max_length = ids_dims[0];
auto batch_size = ids_dims[1];
// [1] ids_dims[2] is read without first checking that ids has rank 3,
// so a rank-2 input such as the PoC above indexes past the dims array.
auto beam_size = ids_dims[2]; //[1]
```
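The following is an added example and not PaddlePaddle's own code: a self-contained C++ sketch of the shape validation the advisory says the 2.3 kernel lacked, alongside a hardened `gather_tree` that performs the same backward walk over parent pointers. The `Tensor` struct, the function names `validate_gather_tree_shapes`, `gather_tree`, `rejects_rank2_input`, `example_output` and `rejects_bad_parent`, and the sample inputs are all constructed for this example; they stand in for Paddle's `DenseTensor` and kernel API rather than reproducing them.

```cpp
#include <cstdint>
#include <stdexcept>
#include <string>
#include <vector>

// Constructed stand-in for a rank-N tensor: a shape plus row-major storage.
struct Tensor {
    std::vector<int64_t> dims;
    std::vector<int64_t> data;
};

// The check the unpatched kernel skipped: gather_tree expects ids and parents
// of rank 3, laid out as [max_length, batch_size, beam_size], with identical
// shapes and storage that matches the declared shape. On failure the reason
// is written to `err` and dims[2] is never touched.
bool validate_gather_tree_shapes(const Tensor& ids, const Tensor& parents,
                                 std::string* err) {
    if (ids.dims.size() != 3) {
        *err = "ids must have rank 3, got rank " + std::to_string(ids.dims.size());
        return false;
    }
    if (parents.dims != ids.dims) {
        *err = "parents must have the same shape as ids";
        return false;
    }
    const int64_t expected = ids.dims[0] * ids.dims[1] * ids.dims[2];
    if (static_cast<int64_t>(ids.data.size()) != expected ||
        static_cast<int64_t>(parents.data.size()) != expected) {
        *err = "tensor storage does not match its declared shape";
        return false;
    }
    err->clear();
    return true;
}

// Hardened gather_tree: validates shapes up front, then walks each beam
// backwards from the final time step, following parent pointers. Parent
// indices read from the input are range-checked before use as offsets.
std::vector<int64_t> gather_tree(const Tensor& ids, const Tensor& parents) {
    std::string err;
    if (!validate_gather_tree_shapes(ids, parents, &err)) {
        throw std::invalid_argument(err);
    }
    const int64_t max_length = ids.dims[0];
    const int64_t batch_size = ids.dims[1];
    const int64_t beam_size = ids.dims[2];
    std::vector<int64_t> out(ids.data.size());

    // Row-major offset of element [step][batch][beam].
    auto at = [&](int64_t step, int64_t batch, int64_t beam) {
        return (step * batch_size + batch) * beam_size + beam;
    };

    for (int64_t batch = 0; batch < batch_size; ++batch) {
        for (int64_t beam = 0; beam < beam_size; ++beam) {
            const int64_t last = at(max_length - 1, batch, beam);
            out[last] = ids.data[last];
            int64_t parent = parents.data[last];
            for (int64_t step = max_length - 2; step >= 0; --step) {
                if (parent < 0 || parent >= beam_size) {
                    throw std::out_of_range("parent index outside [0, beam_size)");
                }
                const int64_t src = at(step, batch, parent);
                out[at(step, batch, beam)] = ids.data[src];
                parent = parents.data[src];
            }
        }
    }
    return out;
}

// The rank-2 input from the advisory's PoC ([[2,2],[6,1]]) must be rejected
// by the shape check before any dims[2] access.
bool rejects_rank2_input() {
    Tensor ids{{2, 2}, {2, 2, 6, 1}};
    Tensor parents{{2, 2}, {2, 2, 6, 1}};
    std::string err;
    return !validate_gather_tree_shapes(ids, parents, &err);
}

// Constructed valid input: max_length=2, batch_size=1, beam_size=2.
// ids = [[[1,2]],[[3,4]]], parents = [[[0,0]],[[1,0]]] -> [[[2,1]],[[3,4]]].
std::vector<int64_t> example_output() {
    Tensor ids{{2, 1, 2}, {1, 2, 3, 4}};
    Tensor parents{{2, 1, 2}, {0, 0, 1, 0}};
    return gather_tree(ids, parents);
}

// A parent pointer of 5 with beam_size 2 must be caught, not dereferenced.
bool rejects_bad_parent() {
    Tensor ids{{2, 1, 2}, {1, 2, 3, 4}};
    Tensor parents{{2, 1, 2}, {0, 0, 5, 0}};
    try {
        gather_tree(ids, parents);
    } catch (const std::out_of_range&) {
        return true;
    }
    return false;
}
```

The two checks are deliberately separate: the rank check guards the kernel's own bookkeeping (reading `dims[2]`), while the parent-range check guards the data path, since `parents` is attacker-controlled input that is used directly as an index.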
### Patches
We have patched the issue in commit [6712e262fc6734873cc6d5ca4f45973339a88697](https://github.com/PaddlePaddle/Paddle/commit/6712e262fc6734873cc6d5ca4f45973339a88697).
The fix will be included in PaddlePaddle 2.4.
### For more information
Please consult [our security guide](../../SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.
### Attribution
This vulnerability has been reported by Wang Xuan(王旋) of Qihoo 360 AIVul Team.
## PDSA-2022-001: OOB read in gather_tree
### Impact
The PoC is as follows:
```python
import paddle
import paddle.fluid as fluid
import numpy as np
ids = paddle.to_tensor([[2,2],[6,1]])
parents = paddle.to_tensor([[2,2],[6,1]])
out = paddle.nn.functional.gather_tree(ids,parents)
```
In the [implementation](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33) of GatherTreeKernel, the size of ids_dims is not checked, so an unexpected ids input with an incorrect shape may cause an out-of-bounds read of ids_dims.
```c++
template <typename T, typename Context>
void GatherTreeKernel(const Context &dev_ctx,
const DenseTensor &ids,
const DenseTensor &parents,
DenseTensor *out) {
const auto *ids_data = ids.data<T>();
const auto *parents_data = parents.data<T>();
T *out_data = dev_ctx.template Alloc<T>(out);
auto &ids_dims = ids.dims();
auto max_length = ids_dims[0];
auto batch_size = ids_dims[1];
// [1] ids_dims[2] is read without first checking that ids has rank 3,
// so a rank-2 input such as the PoC above indexes past the dims array.
auto beam_size = ids_dims[2]; //[1]
```
### Patches
We have patched this issue in commit [6712e262fc6734873cc6d5ca4f45973339a88697](https://github.com/PaddlePaddle/Paddle/commit/6712e262fc6734873cc6d5ca4f45973339a88697).
The fix will be included in PaddlePaddle 2.4.
### For more information
Please refer to our [security guide](../../SECURITY_cn.md) for more information about the security model and how to contact us with issues.
### Attribution
This vulnerability was reported by Wang Xuan(王旋) of Qihoo 360 AIVul Team.