berkus
/
ANE
mirror of https://github.com/maderix/ANE.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
ANE/docs
History
manni07 ad119aed46 fix: address CRIT security findings (CRIT-01 to CRIT-04) 
- CRIT-01: dlopen() return check + NSClassFromString validation in ane_init()
           (ane_runtime.h + stories_config.h); g_ane_ok / g_ane_ok_large flag
           only set when all private classes load successfully; stories_config.h
           gets re-entry guard (g_ane_init_done) that was previously missing
- CRIT-02: g_ane_ok guard in ane_compile() and compile_kern_mil_w(); NULL check
           for inMemoryModel after inMemoryModelWithDescriptor: — prevents crash
           when API call returns nil (ane_runtime.h, stories_io.h)
- CRIT-03: Validate fread() return for critical config/header reads to prevent
           garbage malloc() sizes; fopen() NULL check in save_checkpoint();
           design decision documented (model.h, train_large.m)
- CRIT-04: int -> size_t in build_blob*/build_blob_t/build_blob_fp16; calloc()
           NULL checks added; (size_t) cast in malloc() size calculations to
           prevent signed integer overflow UB (stories_io.h, model.h)

Simulation: 3 iterations, overall score 96.15% (all criteria >= 95%)
ref: docs/reports/security-audit-2026-03-02.md
 		2026-03-02 22:14:51 +01:00
..
diaries fix: address CRIT security findings (CRIT-01 to CRIT-04) 2026-03-02 22:14:51 +01:00
reports fix: address CRIT security findings (CRIT-01 to CRIT-04) 2026-03-02 22:14:51 +01:00