From 420d4bc74369d236b2a97082371b92a86656fe8c Mon Sep 17 00:00:00 2001 From: Vigi Zhang Date: Thu, 20 Oct 2022 19:13:55 +0800 Subject: [PATCH] add pdsa-2022-001, test=document_fix (#47222) * add pdsa-2022-001, test=document_fix * add pdsa-2022-001, test=document_fix --- security/README.md | 6 ++-- security/README_cn.md | 6 ++-- security/advisory/pdsa-2022-001.md | 49 +++++++++++++++++++++++++++ security/advisory/pdsa-2022-001_cn.md | 49 +++++++++++++++++++++++++++ 4 files changed, 104 insertions(+), 6 deletions(-) create mode 100644 security/advisory/pdsa-2022-001.md create mode 100644 security/advisory/pdsa-2022-001_cn.md diff --git a/security/README.md b/security/README.md index 506bfbb9118..ceca597ec35 100644 --- a/security/README.md +++ b/security/README.md @@ -7,6 +7,6 @@ We regularly publish security advisories about using PaddlePaddle. *Note*: In conjunction with these security advisories, we strongly encourage PaddlePaddle users to read and understand PaddlePaddle's security model as outlined in [SECURITY.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY.md). -| Advisory Number | Type | Versions affected | Reported by | Additional Information| -| --------------- | ---- | :---------------: | ----------- | ----------------------| -| | | | | | +| Advisory Number | Type | Versions affected | Reported by | Additional Information | +|---------------------------------------------------------------------------------------------------------|-------------------------|:-----------------:|---------------------------------------|------------------------| +| [PDSA-2022-001](https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-001.md) | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team | | diff --git a/security/README_cn.md b/security/README_cn.md index 49f486b0f78..31661177eca 100644 --- a/security/README_cn.md +++ b/security/README_cn.md 
@@ -7,6 +7,6 @@ 注:我们非常建议飞桨用户阅读和理解[SECURITY_cn.md](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY_cn.md)所介绍的飞桨安全模型,以便更好地了解此安全公告。 -| 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 | -| --------------- | ---- | :---------------: | ----------- | ----------------------| -| | | | | | +| 安全公告编号 | 类型 | 受影响版本 | 报告者 | 备注 | +|------------------------------------------------------------------------------------------------------------|-------------------------|:-----:|---------------------------------------| ----------------------| +| [PDSA-2022-001](https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2022-001_cn.md) | OOB read in gather_tree | < 2.4 | Wang Xuan(王旋) of Qihoo 360 AIVul Team | | diff --git a/security/advisory/pdsa-2022-001.md b/security/advisory/pdsa-2022-001.md new file mode 100644 index 00000000000..7bbce205111 --- /dev/null +++ b/security/advisory/pdsa-2022-001.md 
@@ -0,0 +1,49 @@ +## PDSA-2022-001: OOB read in gather_tree + +### Impact + +The PoC is as follows: + +```python +import paddle +import paddle.fluid as fluid +import numpy as np + +ids = paddle.to_tensor([[2,2],[6,1]]) +parents = paddle.to_tensor([[2,2],[6,1]]) + +out = paddle.nn.functional.gather_tree(ids,parents) +``` + +The [implementation](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33) of GatherTreeKernel does not validate the ids_dims size which would result in a memory out-of-bounds read if the ids shape is invalid. + +```c++ +template +void GatherTreeKernel(const Context &dev_ctx, + const DenseTensor &ids, + const DenseTensor &parents, + DenseTensor *out) { + const auto *ids_data = ids.data(); + const auto *parents_data = parents.data(); + + T *out_data = dev_ctx.template Alloc(out); + + auto &ids_dims = ids.dims(); + auto max_length = ids_dims[0]; + auto batch_size = ids_dims[1]; + auto beam_size = ids_dims[2]; //[1] +``` + +### Patches + +We have patched the issue in commit [ee6e6d511f9f33fc862c11722701fb5abb99ed94](https://github.com/PaddlePaddle/Paddle/commit/ee6e6d511f9f33fc862c11722701fb5abb99ed94). + +The fix will be included in PaddlePaddle 2.4. + +### For more information + +Please consult [our security guide](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. + +### Attribution + +This vulnerability has been reported by Wang Xuan(王旋) of Qihoo 360 AIVul Team. diff --git a/security/advisory/pdsa-2022-001_cn.md b/security/advisory/pdsa-2022-001_cn.md new file mode 100644 index 00000000000..65e825b8a65 --- /dev/null +++ b/security/advisory/pdsa-2022-001_cn.md 
@@ -0,0 +1,49 @@ +## PDSA-2022-001: OOB read in gather_tree + +### 影响 + +PoC如下: + +```python +import paddle +import paddle.fluid as fluid +import numpy as np + +ids = paddle.to_tensor([[2,2],[6,1]]) +parents = paddle.to_tensor([[2,2],[6,1]]) + +out = paddle.nn.functional.gather_tree(ids,parents) +``` + +在GatherTreeKernel的[实现代码中](https://github.com/PaddlePaddle/Paddle/blob/release/2.3/paddle/phi/kernels/cpu/gather_tree_kernel.cc#L31-L33),并没有检查ids_dims的大小,当输入非预期的ids,其shape不正确时会造成可能造成越界读ids_dims。 + +```c++ +template +void GatherTreeKernel(const Context &dev_ctx, + const DenseTensor &ids, + const DenseTensor &parents, + DenseTensor *out) { + const auto *ids_data = ids.data(); + const auto *parents_data = parents.data(); + + T *out_data = dev_ctx.template Alloc(out); + + auto &ids_dims = ids.dims(); + auto max_length = ids_dims[0]; + auto batch_size = ids_dims[1]; + auto beam_size = ids_dims[2]; //[1] +``` + +### 补丁 + +我们在commit [ee6e6d511f9f33fc862c11722701fb5abb99ed94](https://github.com/PaddlePaddle/Paddle/commit/ee6e6d511f9f33fc862c11722701fb5abb99ed94)中对此问题进行了补丁。 + +修复将包含在飞桨2.4版本当中。 + +### 更多信息 + +请参考我们的[安全指南](https://github.com/PaddlePaddle/Paddle/blob/develop/SECURITY_cn.md)以获得更多关于安全的信息,以及如何与我们联系问题。 + +### 贡献者 + +此漏洞由 Wang Xuan(王旋) of Qihoo 360 AIVul Team 提交。 -- GitLab
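Review bot: In the security/README_cn.md hunk, the new separator row is formatted inconsistently: the last column is written as `| ----------------------|` with a leading space, while the other columns use unpadded dashes. The Type cell `OOB read in gather_tree` and the reporter cell are also left in English in the Chinese table. Suggest normalizing the separator row, and either translating those cells or keeping them in English deliberately and consistently for future advisories.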
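Review bot: In security/advisory/pdsa-2022-001.md, the Impact section opens with "The PoC is as follows:" and never states what shape `ids` must have or why the PoC input is invalid. The quoted kernel indexes `ids_dims[0]`, `ids_dims[1]` and `ids_dims[2]`, while the PoC passes a 2-D tensor, so one sentence saying that the read of `ids_dims[2]` goes past the dims for a 2-D input would make the advisory self-explanatory. The `//[1]` marker on that line is never referenced in the prose; either refer to it or drop it. The PoC also imports `paddle.fluid as fluid` and `numpy as np` without using them, and removing both keeps the reproducer minimal. Since the table lists "< 2.4" as affected and the fix ships in 2.4, a short note on what users of earlier versions should do until they can upgrade would be useful.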
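Review bot: In security/advisory/pdsa-2022-001_cn.md, the sentence after the PoC has a duplicated verb in `会造成可能造成越界读ids_dims`; suggest `可能造成越界读`. The same sentence says the out-of-bounds read is on `ids_dims`, while the English advisory describes "a memory out-of-bounds read if the ids shape is invalid", so the two versions should be aligned to describe the same thing. The points about the unreferenced `//[1]` marker and the unused imports in the PoC apply to this file as well.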