@pwilkin
Collaborator

@pwilkin pwilkin commented Nov 19, 2025

Limit repetitions to 5000 max, store stoul in unsigned long.

@pwilkin pwilkin requested a review from ggerganov as a code owner November 19, 2025 12:05
@pwilkin pwilkin requested review from CISC, JohannesGaessler, danbev, ggerganov and ngxson and removed request for ggerganov November 19, 2025 12:05
@pwilkin
Collaborator Author

pwilkin commented Nov 19, 2025

Since it's a publicly disclosed security issue, I'm pinging a lot of people for review since it's probably best to merge this one quickly.

@pwilkin
Collaborator Author

pwilkin commented Nov 19, 2025

Fixes #17352

Member

@ggerganov ggerganov left a comment

Think we can avoid including <optional> as it brings very little convenience while increasing the compile-time.

@pwilkin
Collaborator Author

pwilkin commented Nov 20, 2025

@ggerganov aight, changed the code to use UINT64_MAX as placeholder instead of using optional since we're not using anything above the threshold as proper values anyway.

Also after some deliberations I reduced the threshold to 2000, I don't think of any real use-cases in which a higher threshold might be needed and this will help avoid more overhead.
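
A bounded parse of repetition counts along the lines discussed in this thread, as an added example that is not code from this PR or from llama.cpp: counts accumulate in a `uint64_t`, anything above the 2000 threshold is rejected before it can wrap, and `UINT64_MAX` marks an open upper bound. It uses a hand-written digit loop rather than `std::stoul`; the `{m}`, `{m,}`, `{m,n}` handling and all names (`parse_repetition`, `rep_bounds`, `MAX_REPETITIONS`, `NO_MAX`) are assumptions for illustration.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>
#include <string>

// All names here are assumptions for illustration, not llama.cpp identifiers.
static const uint64_t MAX_REPETITIONS = 2000;       // threshold settled on in the thread
static const uint64_t NO_MAX          = UINT64_MAX; // placeholder: "{m,}" has no upper bound
struct rep_bounds { uint64_t min; uint64_t max; };

// Read decimal digits at s[pos]; reject as soon as the value passes the
// threshold, so the accumulator never gets close to wrapping.
static uint64_t parse_count(const std::string & s, size_t & pos) {
    if (pos >= s.size() || s[pos] < '0' || s[pos] > '9') throw std::runtime_error("expected a number");
    uint64_t v = 0;
    while (pos < s.size() && s[pos] >= '0' && s[pos] <= '9') {
        v = v * 10 + (uint64_t) (s[pos++] - '0');
        if (v > MAX_REPETITIONS) throw std::runtime_error("repetition count above threshold");
    }
    return v;
}

// Parse "{m}", "{m,}" or "{m,n}"; the whole string must be the operator.
static rep_bounds parse_repetition(const std::string & s) {
    size_t pos = 0;
    if (s.empty() || s[pos++] != '{') throw std::runtime_error("expected '{'");
    uint64_t lo = parse_count(s, pos), hi = lo;
    if (pos < s.size() && s[pos] == ',') {
        pos++;
        hi = (pos < s.size() && s[pos] == '}') ? NO_MAX : parse_count(s, pos);
    }
    if (pos + 1 != s.size() || s[pos] != '}') throw std::runtime_error("expected '}'");
    if (hi < lo) throw std::runtime_error("max below min");
    return {lo, hi};
}

static bool repetition_ok(const std::string & s) {
    try { parse_repetition(s); return true; } catch (const std::runtime_error &) { return false; }
}

int main() {
    // Constructed inputs; 4294967297 is 2^32 + 1 and would read as 1 in a 32-bit integer.
    const char * inputs[] = {"{3}", "{2,}", "{1,2000}", "{2001}", "{4294967297}", "{5,2}"};
    for (const char * in : inputs) std::printf("%-14s %s\n", in, repetition_ok(in) ? "accepted" : "rejected");
}
```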

@ggerganov ggerganov merged commit 92c0b38 into ggml-org:master Nov 20, 2025
11 of 65 checks passed
@ngxson
Collaborator

ngxson commented Nov 20, 2025

This change potentially made one of the server tests hang on Windows: https://github.com/ggml-org/llama.cpp/actions/runs/19537370292/job/55934647432

Same behavior observed when running the test locally on a Windows machine.

ngxson added a commit that referenced this pull request Nov 20, 2025
* grammar: fix regression caused by #17381

* more readable
SamuelOliveirads pushed a commit to SamuelOliveirads/llama.cpp that referenced this pull request Dec 29, 2025
* grammar : fix JSON Schema for string regex with top-level alt. (ggml-org#9903)

Prior to this commit, using a JSON Schema containing a string
with `pattern` regular expression that uses top-level alternation
(e.g. `"pattern": "^A|B|C|D$"`) would result in invalid JSON
output from the constrained sampling grammar, because it
ended up creating a grammar rule like this for the string:

```
thing ::= "\"" "A" | "B" | "C" | "D" "\"" space
```

Note that this rule will only match a starting quote for the "A" case,
and will only match an ending quote for the "D" case,
so this rule will always produce invalid JSON when used for sampling
(that is, the JSON will always be lacking the starting quote,
the ending quote, or both).

This was fixed in a simple way by adding parentheses to the
generated rule (for all string pattern rules, to keep it simple),
such that the new generated rule looks like this (correct):

```
thing ::= "\"" ("A" | "B" | "C" | "D") "\"" space
```

* grammars : add English-only grammar (ggml-org#10612)

* grammar : handle maxItems == 0 in JSON schema (ggml-org#13117)

Co-authored-by: Richard Lyons <frob@cloudstaff.com>

* grammar-parser : fix possible null-deref (ggml-org#9004)

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70680

Signed-off-by: David Korczynski <david@adalogics.com>

* llama : fix typo in llama-grammar.h [no ci] (ggml-org#11816)

* server: fix "--grammar-file" parameter (ggml-org#12285)

* common : use std::string_view now that we target c++17 (ggml-org#14319)

* json : support `enum` values within `allOf` (ggml-org#15830)

* grammar : use int64_t to avoid int overflows in int schema to grammar conversion logic (ggml-org#16626)

* grammar : support array references in json schema (ggml-org#16792)

* grammar : support array references in json schema

* Update json-schema-to-grammar.cpp

Co-authored-by: Sigbjørn Skjæret <sigbjorn.skjaeret@scala.com>

* grammar : improve regex when naming ref derived rules

* grammar : replace non-conformant definitions array with anyOf test case

---------

Co-authored-by: Sigbjørn Skjæret <sigbjorn.skjaeret@scala.com>
# Conflicts:
#	tests/test-json-schema-to-grammar.cpp

* merge fix

* llama : minor grammar refactor (ggml-org#10897)

* llama: fix error on bad grammar (ggml-org#12628)

* grammar : fix integer overflow (ggml-org#17381)

* Fix DoS / integer overflow

* Remove optional, use INT64_MAX instead as placeholder value (it's technically -1, so it fits :)

* White space

* Actually, since it's unsigned, use UINT64_MAX
# Conflicts:
#	src/llama-grammar.cpp

* grammar: fix regression caused by ggml-org#17381 (ggml-org#17412)

* grammar: fix regression caused by ggml-org#17381

* more readable
# Conflicts:
#	src/llama-grammar.cpp

* Merge Fix

* Fix warnings

---------

Signed-off-by: David Korczynski <david@adalogics.com>
Co-authored-by: Joe Eli McIlvain <joe.eli.mac@gmail.com>
Co-authored-by: Georgi Gerganov <ggerganov@gmail.com>
Co-authored-by: frob <rick+github@frob.com.au>
Co-authored-by: Richard Lyons <frob@cloudstaff.com>
Co-authored-by: DavidKorczynski <david@adalogics.com>
Co-authored-by: Daniel Bevenius <daniel.bevenius@gmail.com>
Co-authored-by: firecoperana <firecoperana>
Co-authored-by: Sigbjørn Skjæret <sigbjorn.skjaeret@scala.com>
Co-authored-by: Aldehir Rojas <hello@alde.dev>
Co-authored-by: Olivier Chafik <olivier.chafik@gmail.com>
Co-authored-by: Piotr Wilkin (ilintar) <piotr.wilkin@syndatis.com>
Co-authored-by: Xuan-Son Nguyen <son@huggingface.co>
Co-authored-by: Iwan Kawrakow <iwan.kawrakow@gmail.com>
Anico2 added a commit to Anico2/llama.cpp that referenced this pull request Jan 15, 2026
* Fix DoS / integer overflow

* Remove optional, use INT64_MAX instead as placeholder value (it's technically -1, so it fits :)

* White space

* Actually, since it's unsigned, use UINT64_MAX
Anico2 added a commit to Anico2/llama.cpp that referenced this pull request Jan 15, 2026
* grammar: fix regression caused by ggml-org#17381

* more readable