File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change 44
55### Fixes and improvements
66
7+ * Fix memory-safety issues in the model loader (#2068 ) by [ @jordimas ] ( https://github.com/jordimas ) , reported by Chegne Eu Joe (Project Umbra)
78* Upgrade Thrust submodule from 1.12.0 to CCCL 2.7.0 (#2062 ) by [ @jordimas ] ( https://github.com/jordimas )
89
910## [ v4.8.0] ( https://github.com/OpenNMT/CTranslate2/releases/tag/v4.8.0 ) (2026-06-06)
Original file line number Diff line number Diff line change @@ -80,8 +80,10 @@ namespace ctranslate2 {
8080 template <>
8181 std::string consume (std::istream& in) {
8282 const auto str_length = consume<uint16_t >(in);
83+ if (str_length == 0 )
84+ throw std::runtime_error (" Invalid string length in " + binary_file);
8385 const auto c_str = consume<char >(in, str_length);
84- std::string str (c_str);
86+ std::string str (c_str, str_length - 1 );
8587 delete [] c_str;
8688 return str;
8789 }
@@ -654,6 +656,8 @@ namespace ctranslate2 {
654656 }
655657
656658 StorageView variable (std::move (shape), dtype);
659+ if (num_bytes != variable.size () * variable.item_size ())
660+ throw std::runtime_error (" Variable '" + name + " ' has an invalid payload size" );
657661 consume<char >(model_file, num_bytes, static_cast <char *>(variable.buffer ()));
658662 if (tensor_parallel) {
659663 int outer_dim = 0 ;
You can’t perform that action at this time.
0 commit comments