From 2f85bd6b7d62969adf0d138a4ffcd2680537bbdd Mon Sep 17 00:00:00 2001 From: Adel-Ayoub Date: Wed, 24 Jun 2026 21:58:52 +0100 Subject: [PATCH] gguf : reject non-u32 general.alignment --- ggml/src/gguf.cpp | 5 +++++ tests/test-gguf.cpp | 11 +++++++---- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/ggml/src/gguf.cpp b/ggml/src/gguf.cpp index 5e1986182515..0f6d60c02c4c 100644 --- a/ggml/src/gguf.cpp +++ b/ggml/src/gguf.cpp @@ -607,6 +607,11 @@ static struct gguf_context * gguf_init_from_reader(const struct gguf_reader & gr GGML_ASSERT(int64_t(ctx->kv.size()) == n_kv); const int alignment_idx = gguf_find_key(ctx, GGUF_KEY_GENERAL_ALIGNMENT); + if (alignment_idx != -1 && gguf_get_kv_type(ctx, alignment_idx) != GGUF_TYPE_UINT32) { + GGML_LOG_ERROR("%s: key '%s' must have type u32\n", __func__, GGUF_KEY_GENERAL_ALIGNMENT); + gguf_free(ctx); + return nullptr; + } ctx->alignment = alignment_idx == -1 ? GGUF_DEFAULT_ALIGNMENT : gguf_get_val_u32(ctx, alignment_idx); if (ctx->alignment == 0 || (ctx->alignment & (ctx->alignment - 1)) != 0) { diff --git a/tests/test-gguf.cpp b/tests/test-gguf.cpp index 1ae468fbd65f..56a1363e4c9c 100644 --- a/tests/test-gguf.cpp +++ b/tests/test-gguf.cpp @@ -30,6 +30,7 @@ enum handcrafted_file_type { // HANDCRAFTED_KV_BAD_VALUE_SIZE = 30 + offset_has_kv, // removed because it can result in allocations > 1 TB (default sanitizer limit) HANDCRAFTED_KV_DUPLICATE_KEY = 40 + offset_has_kv, HANDCRAFTED_KV_BAD_ALIGN = 50 + offset_has_kv, + HANDCRAFTED_KV_BAD_ALIGN_TYPE = 55 + offset_has_kv, HANDCRAFTED_KV_SUCCESS = 800 + offset_has_kv, HANDCRAFTED_TENSORS_BAD_NAME_SIZE = 10 + offset_has_tensors, @@ -67,6 +68,7 @@ static std::string handcrafted_file_type_name(const enum handcrafted_file_type h case HANDCRAFTED_KV_BAD_TYPE: return "KV_BAD_TYPE"; case HANDCRAFTED_KV_DUPLICATE_KEY: return "KV_DUPLICATE_KEY"; case HANDCRAFTED_KV_BAD_ALIGN: return "KV_BAD_ALIGN"; + case HANDCRAFTED_KV_BAD_ALIGN_TYPE: return "KV_BAD_ALIGN_TYPE"; case HANDCRAFTED_KV_SUCCESS: return "KV_RANDOM_KV"; case HANDCRAFTED_TENSORS_BAD_NAME_SIZE: return "TENSORS_BAD_NAME_SIZE"; @@ -255,7 +257,7 @@ static FILE * get_handcrafted_file(const unsigned int seed, const enum handcraft } { uint64_t n_kv = kv_types.size(); - if (hft == HANDCRAFTED_KV_BAD_ALIGN || + if (hft == HANDCRAFTED_KV_BAD_ALIGN || hft == HANDCRAFTED_KV_BAD_ALIGN_TYPE || hft == HANDCRAFTED_TENSORS_BAD_ALIGN || hft == HANDCRAFTED_TENSORS_CUSTOM_ALIGN || hft == HANDCRAFTED_DATA_BAD_ALIGN || hft == HANDCRAFTED_DATA_CUSTOM_ALIGN) { @@ -340,7 +342,7 @@ static FILE * get_handcrafted_file(const unsigned int seed, const enum handcraft helper_write(file, data, hft == HANDCRAFTED_KV_BAD_TYPE ? 1 : gguf_type_size(type)); } - if (hft == HANDCRAFTED_KV_BAD_ALIGN || + if (hft == HANDCRAFTED_KV_BAD_ALIGN || hft == HANDCRAFTED_KV_BAD_ALIGN_TYPE || hft == HANDCRAFTED_TENSORS_BAD_ALIGN || hft == HANDCRAFTED_TENSORS_CUSTOM_ALIGN || hft == HANDCRAFTED_DATA_BAD_ALIGN || hft == HANDCRAFTED_DATA_CUSTOM_ALIGN) { @@ -348,10 +350,10 @@ static FILE * get_handcrafted_file(const unsigned int seed, const enum handcraft helper_write(file, n); helper_write(file, GGUF_KEY_GENERAL_ALIGNMENT, n); - const int32_t type = gguf_type(GGUF_TYPE_UINT32); + const int32_t type = gguf_type(hft == HANDCRAFTED_KV_BAD_ALIGN_TYPE ? GGUF_TYPE_INT32 : GGUF_TYPE_UINT32); helper_write(file, type); - alignment = expect_context_not_null(hft) ? 1 : 13; + alignment = (expect_context_not_null(hft) || hft == HANDCRAFTED_KV_BAD_ALIGN_TYPE) ? 1 : 13; helper_write(file, alignment); } @@ -735,6 +737,7 @@ static std::pair test_handcrafted_file(const unsigned int seed) { HANDCRAFTED_KV_BAD_TYPE, HANDCRAFTED_KV_DUPLICATE_KEY, HANDCRAFTED_KV_BAD_ALIGN, + HANDCRAFTED_KV_BAD_ALIGN_TYPE, HANDCRAFTED_KV_SUCCESS, HANDCRAFTED_TENSORS_BAD_NAME_SIZE,