Skip to content

mtmd: add more validations#25013

Merged
ngxson merged 4 commits into
masterfrom
xsn/mtmd_fix_2
Jun 26, 2026
Merged

mtmd: add more validations#25013
ngxson merged 4 commits into
masterfrom
xsn/mtmd_fix_2

Conversation

@ngxson

@ngxson ngxson commented Jun 25, 2026

Copy link
Copy Markdown
Collaborator

Overview

Add more validations to avoid OOB reads and overflow/underflow size calculations:

  • check pinpoints size
  • check mean and std size
  • limit n_merge, n_patch
  • limit gguf array size to int max (potential OOB via negative resize)

Note: n_merge is previously defaulted to 0 which leads to some code path need to default it back to 1; with this change, it's now defaulted to 1, meaning "no patch merging by default" (merge 1x1 patch is equal to doing nothing)

Requirements

@ngxson ngxson requested a review from a team as a code owner June 25, 2026 15:36
@github-actions github-actions Bot added the mtmd Related to multimodal functionality (video/image/audio) label Jun 25, 2026
@ngxson ngxson merged commit b11f7c1 into master Jun 26, 2026
33 of 38 checks passed
papamoose pushed a commit to papamoose/llama.cpp that referenced this pull request Jun 27, 2026
* mtmd: add more validations

* fix

* refactor a bit

* type check for get_arr_int
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

mtmd Related to multimodal functionality (video/image/audio)

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant