OneFlow Input Validation Vulnerability in Scatter Functions Leading to Denial-of-Service

A denial-of-service vulnerability has been identified in OneFlow version 0.9.0, specifically within the 'flow.scatter' and 'flow.scatter_add' components. This vulnerability arises from improper input validation, allowing out-of-bounds indices to cause crashes instead of being properly handled. The issue stems from missing bounds checks, which fail to prevent invalid index values from disrupting the normal operation of these functions.

Impact

Exploitation of this vulnerability causes a crash of the OneFlow application, terminating the process and dumping the core.

Reproduction

The vulnerability can be reproduced by calling the 'flow.scatter' or 'flow.scatter_add' functions with indices that exceed the allowable range for the specified dimension. This can be done by creating a tensor of indices that includes values larger than the maximum index for the input tensor's shape. When these out-of-bounds indices are processed, the application will crash, indicating that the index was invalid.