CVE-2022-29211: Prevent crash when histogram is called with NaN values. · tensorflow/tensorflow@e57fd69
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contains Not a Number (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an integer index. If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash. This only occurs on the CPU implementation. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
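The guard described above, shown as an added example that is not TensorFlow's code: a scalar C++ sketch of fixed-width binning that rejects `NaN` before the float-to-integer conversion. The function name `HistogramFixedWidth`, the `std::optional` error signalling and the extra `step` check are assumptions of this sketch.

```cpp
#include <algorithm>
#include <cmath>
#include <cstdint>
#include <optional>
#include <vector>

// Illustrative scalar version of fixed-width binning (hypothetical name and
// signature, not the TensorFlow kernel). Returns std::nullopt on rejection.
std::optional<std::vector<int32_t>> HistogramFixedWidth(
    const std::vector<double>& values, double lo, double hi, int32_t nbins) {
  // Preconditions the op also enforces: value_range[0] < value_range[1] and
  // nbins > 0. The negated comparison rejects a NaN bound as well.
  if (!(lo < hi) || nbins <= 0) return std::nullopt;

  // Reject NaN up front. The max/min clamp below passes NaN through, and
  // converting NaN to an integer type is undefined behaviour in C++.
  if (std::any_of(values.begin(), values.end(),
                  [](double v) { return std::isnan(v); })) {
    return std::nullopt;
  }

  const double step = (hi - lo) / static_cast<double>(nbins);
  // Extra guard of this sketch (not part of the patch): a zero or non-finite
  // step could produce a NaN slot again.
  if (!(step > 0.0) || !std::isfinite(step)) return std::nullopt;

  const double nbins_minus_1 = static_cast<double>(nbins - 1);
  std::vector<int32_t> hist(nbins, 0);
  for (double v : values) {
    // Clamp below at lo and above at the last bin, so +/-inf fall into the
    // edge bins and the index is always within [0, nbins - 1].
    const double slot = std::min((std::max(v, lo) - lo) / step, nbins_minus_1);
    hist[static_cast<int32_t>(slot)] += 1;
  }
  return hist;
}
```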
@@ -50,6 +50,15 @@ struct HistogramFixedWidthFunctor<CPUDevice, T, Tout> { static_cast<double>(nbins); const double nbins_minus_1 = static_cast<double>(nbins - 1);
// We cannot handle NANs in the algorithm below (due to the case to int32) const Eigen::Tensor<int32, 1, 1> nans_tensor = values.isnan().template cast<int32>(); const Eigen::Tensor<int32, 0, 1> reduced_tensor = nans_tensor.sum(); const int num_nans = reduced_tensor(0); if (num_nans > 0) { return errors::InvalidArgument(“Histogram values must not contain NaN”); }
// The calculation is done by finding the slot of each value in `values`. // With [a, b]: // step = (b - a) / nbins @@ -98,12 +107,12 @@ class HistogramFixedWidthOp : public OpKernel { const auto nbins = nbins_tensor.scalar<int32>()();
OP_REQUIRES( ctx, (value_range(0) < value_range(1)), ctx, value_range(0) < value_range(1), errors::InvalidArgument("value_range should satisfy value_range[0] < " "value_range[1], but got '[", value_range(0), ", “, value_range(1), "]'”)); OP_REQUIRES( ctx, (nbins > 0), ctx, nbins > 0, errors::InvalidArgument("nbins should be a positive number, but got '", nbins, “’”));
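Review bot: in the first hunk the NaN check materialises a full-size `Eigen::Tensor<int32, 1, 1>` of flags and then sums it, only to test `num_nans > 0`. A boolean reduction such as `values.isnan().any()` would avoid the int32 temporary and would not depend on the count fitting in `int`. The comment above the check also reads "due to the case to int32" and should say "cast". No regression test is visible in this patch; a case that passes NaN and expects InvalidArgument should accompany the fix if it is not covered elsewhere.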
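Review bot: the parenthesis cleanup in the two `OP_REQUIRES` conditions of the second hunk (`value_range(0) < value_range(1)` and `nbins > 0`) is unrelated to the NaN fix and does not change behaviour. Splitting it into a separate commit, or at least noting it in the commit message, would keep the security fix minimal and easier to audit and backport.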
Related news
### Impact

The implementation of [`tf.histogram_fixed_width`](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/histogram_op.cc) is vulnerable to a crash when the values array contains `NaN` elements:

```python
import tensorflow as tf
import numpy as np

tf.histogram_fixed_width(values=np.nan, value_range=[1,2])
```

The [implementation](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/histogram_op.cc#L35-L74) assumes that all floating point operations are defined and then converts a floating point result to an integer index:

```cc
index_to_bin.device(d) =
    ((values.cwiseMax(value_range(0)) - values.constant(value_range(0)))
         .template cast<double>() /
     step)
        .cwiseMin(nbins_minus_1)
        .template cast<int32>();
```

If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash....
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.