xgrammar Denial-of-Service Vulnerability via Large Enum Grammar Processing

Vulnerability

A denial-of-service vulnerability has been identified in the xgrammar library version 0.1.23. The issue arises from a grammar optimizer that processes large grammars (those exceeding 100,000 characters) very slowly. This slowdown can be exploited to disrupt model providers that use the library. The vulnerability does not exist in version 0.1.16, indicating that it is a regression introduced in 0.1.23. The problem has been addressed in version 0.1.24, which speeds up grammar processing and disables certain slow optimizations for large grammars.

Impact

The vulnerability can be exploited to cause a denial-of-service condition: processing a large grammar takes an excessive amount of time, which can disrupt services that rely on timely model responses.

Reproduction

The vulnerability can be reproduced by creating a grammar schema that references a large enum definition, totaling around 70,000 tokens. The schema is converted into a grammar object using the xgrammar library's JSON-schema-to-grammar functionality. Once the grammar is created, running an acceptance test against model output with it triggers the slow path and reproduces the denial-of-service condition.

Remediation

Users can update to xgrammar version 0.1.24, which includes the necessary optimizations to address this vulnerability.
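Until the upgrade is rolled out, a service that compiles user-supplied JSON schemas can refuse oversized inputs before they reach the grammar compiler and bound how long a request waits on compilation. The following is an added example written for this advisory, not code from the xgrammar project. The thresholds, the `Choice` enum fixture and the `compile_fn` callback are constructed for illustration; in a real deployment `compile_fn` would wrap the library's own schema-to-grammar call, and the limits should be set from measured compile times (the advisory cites roughly 100,000 characters as the slow path).

```python
import json
import time
import concurrent.futures
from typing import Any, Callable, Dict, Iterator, Tuple

# Constructed thresholds for illustration; tune them from measurements.
MAX_SCHEMA_CHARS = 100_000   # advisory: grammars above ~100k chars hit the slow optimizer
MAX_ENUM_VALUES = 5_000      # a single enum larger than this is refused outright
COMPILE_TIMEOUT_S = 5.0      # how long a request handler may wait on compilation


def make_enum_schema(n: int) -> Dict[str, Any]:
    """Constructed fixture: an object schema whose property references one enum of n strings."""
    return {
        "type": "object",
        "$defs": {"Choice": {"enum": [f"value-{i:06d}" for i in range(n)]}},
        "properties": {"choice": {"$ref": "#/$defs/Choice"}},
        "required": ["choice"],
    }


def _enum_sizes(node: Any) -> Iterator[int]:
    """Yield the length of every 'enum' list anywhere in the schema tree, including $defs."""
    if isinstance(node, dict):
        for key, value in node.items():
            if key == "enum" and isinstance(value, list):
                yield len(value)
            else:
                yield from _enum_sizes(value)
    elif isinstance(node, list):
        for item in node:
            yield from _enum_sizes(item)


def schema_stats(schema: Dict[str, Any]) -> Dict[str, int]:
    """Cheap size metrics computed before any grammar work is done.

    Character count of the compact JSON is used as a proxy for token count.
    """
    sizes = list(_enum_sizes(schema))
    return {
        "chars": len(json.dumps(schema, separators=(",", ":"))),
        "largest_enum": max(sizes, default=0),
        "total_enum_values": sum(sizes),
    }


def check_schema(schema: Dict[str, Any],
                 max_chars: int = MAX_SCHEMA_CHARS,
                 max_enum: int = MAX_ENUM_VALUES) -> Tuple[bool, str]:
    """Admission check: (True, 'ok') or (False, reason) without touching the compiler."""
    stats = schema_stats(schema)
    if stats["chars"] > max_chars:
        return False, f"schema is {stats['chars']} chars (limit {max_chars})"
    if stats["largest_enum"] > max_enum:
        return False, f"enum has {stats['largest_enum']} values (limit {max_enum})"
    return True, "ok"


def compile_with_budget(schema: Dict[str, Any],
                        compile_fn: Callable[[Dict[str, Any]], Any],
                        timeout: float = COMPILE_TIMEOUT_S) -> Any:
    """Run compile_fn(schema) only after admission, and give up waiting after `timeout`.

    A Python thread cannot be cancelled, so this bounds the caller's latency, not
    the worker's CPU. In a server, run the compiler in a separate worker process
    that can be killed when the budget is exceeded.
    """
    ok, reason = check_schema(schema)
    if not ok:
        raise ValueError(f"schema rejected before compile: {reason}")
    pool = concurrent.futures.ThreadPoolExecutor(max_workers=1)
    future = pool.submit(compile_fn, schema)
    try:
        return future.result(timeout=timeout)
    except concurrent.futures.TimeoutError as exc:
        raise TimeoutError(f"grammar compile exceeded {timeout}s budget") from exc
    finally:
        pool.shutdown(wait=False)


def _slow_compile(schema: Dict[str, Any]) -> str:
    """Constructed stand-in for a compiler stuck on the slow path."""
    time.sleep(0.5)
    return "compiled-late"


def demo_budget_trips(timeout: float = 0.1) -> bool:
    """Return True when the time budget correctly interrupts the slow compile."""
    try:
        compile_with_budget(make_enum_schema(5), _slow_compile, timeout=timeout)
    except TimeoutError:
        return True
    return False


if __name__ == "__main__":
    print(check_schema(make_enum_schema(5)))        # (True, 'ok')
    print(check_schema(make_enum_schema(20_000)))   # rejected: too many characters
    print(compile_with_budget(make_enum_schema(5), lambda s: "compiled"))
    print("budget trips on slow compile:", demo_budget_trips())
```

The admission check runs in linear time over the schema text, so it costs nothing compared with the compile it may prevent; the timeout is a second line of defence for schemas that pass the size check but still compile slowly.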

Added: Sep 6, 2025, 7:28 PM
Updated: Sep 6, 2025, 7:28 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 7.7
relevance: 0.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.