Stack buffer overflow in prepare_input_tensors() due to unchecked memcpy size

[lucylq]

Summary

Add size checks for int, double, bool before memcpying. Otherwise the input buffer may be larger than the intended size and overwrite adjacent memory.

Test Plan

(executorch) [[email protected] /data/users/lfq/executorch/build (lfq.check-size-before-memcpy)]$ ctest -R extension_runner_util_test -V
...
54: [ RUN      ] InputsTest.DoubleInputWrongSizeFails
54: E 00:00:00.001251 executorch:inputs.cpp:101] Double input at index 2 has size 16, expected sizeof(double) 8
54: [       OK ] InputsTest.DoubleInputWrongSizeFails (0 ms)
...

1/1 Test #54: extension_runner_util_test .......   Passed    0.01 sec

The following tests passed:
        extension_runner_util_test

100% tests passed, 0 tests failed out of 1

Total Test time (real) =   0.01 sec

[pytorch-bot]

🔗 Helpful Links

🧪 See artifacts and rendered test results at hud.pytorch.org/pr/pytorch/executorch/16797

• 📄 Preview Python docs built from this PR

Note: Links to docs will display an error until the docs builds have been completed.

❌ 1 New Failure

As of commit 9c75403 with merge base 86b4bea ():

NEW FAILURE - The following job has failed:

• Test CUDA Builds / export-model-cuda-artifact (openai, whisper-large-v3-turbo, non-quantized) / linux-job (gh)
  RuntimeError: Command docker exec -t 8efeb32983fc0e56aebfb79b4d566ab1a19f2a69d35db8b22cf7b3fec6dfd599 /exec failed with exit code 1

This comment was automatically generated by Dr. CI and updates every 15 minutes.

[github-actions]

This PR needs a release notes: label

If your change should be included in the release notes (i.e. would users of this library care about this change?), please use a label starting with release notes:. This helps us keep track and include your important work in the next release notes.

To add a label, you can comment to pytorchbot, for example
@pytorchbot label "release notes: none"

For more information, see
https://github.com/pytorch/pytorch/wiki/PyTorch-AutoLabel-Bot#why-categorize-for-release-notes-and-how-does-it-work.

[Copilot]

Pull request overview

Mitigates a stack buffer overflow risk in prepare_input_tensors() by validating scalar input buffer sizes before copying into stack-allocated variables.

Changes:

• Add strict size checks for Tag::Int (int64_t), Tag::Double (double), and Tag::Bool (bool) inputs prior to memcpy.
• Return InvalidArgument with a descriptive error when the provided scalar buffer size is unexpected.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[mergennachin]

Can you add a regression test?

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 7 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[lucylq]

Can you add a regression test?

@mergennachin added one for double. Feel like that should be OK as it's the same logic, and adding tests for bool/int would need new models to export_program.py that take in bool/int as input. But let me know what you think

[larryliu0820]

Left some non-blocking comments

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 3 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

SetUp() assumes the environment variables are present. If ET_MODULE_ADD_PATH/ET_MODULE_INTBOOL_PATH are missing, the failure will show up later as a generic FileDataLoader::from() error. Adding ASSERT_NE(getenv(...), nullptr) for each path would make failures much easier to diagnose.

[lucylq]

think it's probably fine to have the filedataloader error show up.

[Copilot]

Pull request overview

Copilot reviewed 6 out of 6 changed files in this pull request and generated 4 comments.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

This file now calls memcpy() directly; consider adding an explicit #include <cstring> (and #include <cstdlib> for std::getenv) to avoid relying on transitive includes for C library declarations.

[Copilot]

Avoid the magic constant 8 for the int buffer size; use sizeof(int64_t) (or sizeof(y)) so the test stays consistent with the production check (buffer_size != sizeof(int64_t)).

Suggested change

	char int_buffer[8];
	char int_buffer[sizeof(int64_t)];

[Copilot]

std::getenv("ET_MODULE_ADD_PATH") can return nullptr; passing that into FileDataLoader::from() just yields a generic "File name cannot be empty" failure. Add an ASSERT_NE(add_path, nullptr) (ideally mentioning the env var name) before calling FileDataLoader::from() to make misconfigured test environments easier to debug.

[Copilot]

Same as above for ET_MODULE_INTBOOL_PATH: add an ASSERT_NE(intbool_path, nullptr) (with a helpful message) before calling FileDataLoader::from() so failures clearly indicate a missing env var.

Suggested change

	const char* intbool_path = std::getenv("ET_MODULE_INTBOOL_PATH");
	const char* intbool_path = std::getenv("ET_MODULE_INTBOOL_PATH");
	ASSERT_NE(intbool_path, nullptr)
	<< "ET_MODULE_INTBOOL_PATH environment variable must be set";