onnxruntime
[CXX Lora] Prevent heap OOB from maliciously crafted Lora Adapters.
#27518

Merged

[CXX Lora] Prevent heap OOB from maliciously crafted Lora Adapters. #27518

yuslepukhin merged 4 commits into main from yuslepukhin/lora_param_verify

Detect and test mismatch between raw data size and declared data type…

6622a2e1

yuslepukhin requested a review from

tianleiwu 43 days ago

yuslepukhin requested a review from

copilot-pull-request-reviewer 43 days ago

yuslepukhin marked this pull request as ready for review 43 days ago

copilot-pull-request-reviewer commented on 2026-03-03

Update onnxruntime/lora/adapter_format_utils.cc

aeee8d54

Update onnxruntime/test/lora/lora_test.cc

ff301036

Add validation for dims and name

4a4d308b

skottmckay commented on 2026-03-03

skottmckay approved these changes on 2026-03-03

yuslepukhin added release:1.24.3

yuslepukhin enabled auto-merge (squash) 43 days ago

yuslepukhin merged ef04b10a into main 43 days ago

yuslepukhin deleted the yuslepukhin/lora_param_verify branch 43 days ago

Reviewers

skottmckay

tianleiwu

Assignees

No one assigned

Labels

release:1.24.3

Milestone

No milestone