LogResearch
Author HungNguyen
Analysis of rpc_server
Today’s research focused on the comunication between the client and the RPC backend. I have updated the lab’s blog with a deeper analysis of rpc_server class, specifically focusing on deserialize_tensor function
My finding
I analysed why init_tensor lacks of rigorous buffer check found in other function. Architecturally, it’s designed to set basic parameters, does not affect in the deep of the server, so it will just need to control inited tensors
I also spent time tracing how deserialize_tensor converts raw network bytes(rpc_tensor) into ggml_tensor objects. The lack of size validation here is the most important bug for the subsequent memory corruption
Tasks
| Understand the Arbitrary Read primitive for Information Leak || -------------------------------------------------------------- || Scripting with Python to construct and send malicious Metadata || -------------------------------------------------------------- || Live Debugging & Memory Verification with GDB || -------------------------------------------------------------- |