trailofbits.python.onnx-session-options.onnx-session-options

profile photo of trailofbitstrailofbits
Author
unknown
Download Count*

Loading custom operator libraries can result in arbitrary code execution

Run Locally

Run in CI

Defintion

rules:
  - id: onnx-session-options
    message: Loading custom operator libraries can result in arbitrary code execution
    languages:
      - python
    severity: ERROR
    metadata:
      category: security
      cwe: "CWE-676: Use of Potentially Dangerous Function"
      subcategory:
        - audit
      confidence: MEDIUM
      likelihood: MEDIUM
      impact: HIGH
      technology:
        - onnx
      description: Potential arbitrary code execution from `ONNX` library loading
      references:
        - https://onnxruntime.ai/docs/reference/operators/add-custom-op.html
      license: AGPL-3.0 license
      vulnerability_class:
        - Dangerous Method or Function
    patterns:
      - pattern-inside: |
          $SESSION = onnxruntime.SessionOptions(...)
          ...
      - pattern: $SESSION.register_custom_ops_library(...)
      - pattern-not: $SESSION.register_custom_ops_library("...")

Examples

onnx-session-options.py

import onnxruntime

path = "some_library.dll"
sess_options = onnxruntime.SessionOptions()

# ok: onnx-session-options
sess_options.register_custom_ops_library(path)

# ok: onnx-session-options
register_custom_ops_library("not onnx method")

# ruleid: onnx-session-options
sess_options.register_custom_ops_library(input())

def test(arg):
    # ruleid: onnx-session-options
    return sess_options.register_custom_ops_library(arg)