From 5d3eeb43c018499786a09a62adbbdcaa1a8f1749 Mon Sep 17 00:00:00 2001 From: ParthSareen Date: Wed, 10 Dec 2025 17:58:16 -0800 Subject: [PATCH] convert: check file size for safetensors to warn for improper conversion --- convert/reader_safetensors.go | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/convert/reader_safetensors.go b/convert/reader_safetensors.go index f7d9754f0..2c34a60ac 100644 --- a/convert/reader_safetensors.go +++ b/convert/reader_safetensors.go @@ -37,6 +37,10 @@ func parseSafetensors(fsys fs.FS, replacer *strings.Replacer, ps ...string) ([]T return nil, err } + if n <= 0 || n > 100<<20 { + return nil, fmt.Errorf("invalid safetensors file %q (header size: %d): file may be corrupted or a Git LFS pointer", p, n) + } + b := bytes.NewBuffer(make([]byte, 0, n)) if _, err = io.CopyN(b, f, n); err != nil { return nil, err