Skip to content

Security fuzz address sanitizer fix Bug #2 and #3 #21528

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
tianleiwu merged 1 commit into from
Jul 27, 2024
Merged

Security fuzz address sanitizer fix Bug #2 and #3 #21528

tianleiwu merged 1 commit into from
Jul 27, 2024

Conversation

@jingyanwangms
Copy link
Contributor

@jingyanwangms jingyanwangms commented Jul 27, 2024

Description

Security fuzz test with address sanitizer found several bugs

Motivation and Context

@tianleiwu tianleiwu merged commit 48fb8a7 into main Jul 27, 2024
@tianleiwu tianleiwu deleted the jingywa/security-fix1 branch July 27, 2024 18:10
skottmckay
skottmckay reviewed Jul 27, 2024
View reviewed changes
onnxruntime/core/optimizer/attention_fusion.cc
if ((node.GetOutputEdgesCount() >= 2 && node.GetOutputEdgesCount() <= 6) && // Add node.GetOutputEdgesCount() == 5/6 for distilbert
graph_utils::IsSupportedOptypeVersionAndDomain(node, "LayerNormalization", {1, 17}, kOnnxDomain) &&
graph_utils::IsSupportedProvider(node, GetCompatibleExecutionProviders())) {
graph_utils::IsSupportedProvider(node, GetCompatibleExecutionProviders()) && node.InputDefs().size() > 2) {
Copy link
Contributor

@skottmckay skottmckay Jul 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should also check node.InputDefs()[2]->Exists().

Copy link
Contributor

@tianleiwu tianleiwu Jul 29, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. That's an optional input. I will add an extra check later.

Copy link
Contributor

@tianleiwu tianleiwu Jul 31, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#21579

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skottmckay skottmckay skottmckay left review comments

@tianleiwu tianleiwu tianleiwu approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@jingyanwangms @skottmckay @tianleiwu