gguf: add upper bound check for general.alignment (CWE-1284)

[hhy569]

我在看 gguf.cpp 代码时发现，general.alignment 参数现在只做了两项校验：判断是否为 0、是否是 2 的幂，完全没限制最大值。如果外部传入 0x80000000 这种超大对齐值，在 32 位环境里调用 GGML_PAD 宏就会出现整数溢出。

这个漏洞五月份就在 oss-security 安全邮件组里有人提过，但一直没人分配 CVE 编号，也没出修复 PR。实际加载模型根本用不上 2GB 这么夸张的对齐尺寸，直接把对齐值上限限制到 1MB 就足够稳妥，能彻底规避溢出问题。

---

Found while reading gguf.cpp: general.alignment only checks for zero and power-of-2, with no upper bound. Extreme values like 0x80000000 cause GGML_PAD integer overflow on 32-bit platforms. This was mentioned on oss-security in May but never got a CVE or fix. Capping at 1MB is more than enough for any practical model loading - nobody needs 2GB alignment.

[ggml-gh-bot]

Hi @hhy569, thanks for your contribution!

Per our contribution guidelines, the automated PR checker found the following issue(s) that need your attention:

• AI-generated content: This project does not accept PRs, descriptions or commit messages that are fully or predominantly AI-generated. If you have used AI to assist you in writing code, please make sure to disclose that explicitly.

---

Please note that maintainers reserve the right to make final decisions on PRs. If you believe there is a mistake, please comment below.

[hhy569]

我是人工审计 gguf.cpp 源码挖到这个漏洞的，全程没有用 AI 生成漏洞分析内容。该缺陷早在 2026 年 5 月就以 V-01 编号在 oss-security 安全邮件组公开披露过，我自己复现验证后写了这行修复代码，AI 仅仅用来整理我的笔记排版