Skip to content

[CORE][REFERENCE] Add bounds checking for SpaceToBatch#34667

Open
EgorDuplensky wants to merge 2 commits intoopenvinotoolkit:masterfrom
EgorDuplensky:cwe_space_to_batch
Open

[CORE][REFERENCE] Add bounds checking for SpaceToBatch#34667
EgorDuplensky wants to merge 2 commits intoopenvinotoolkit:masterfrom
EgorDuplensky:cwe_space_to_batch

Conversation

@EgorDuplensky
Copy link
Contributor

@EgorDuplensky EgorDuplensky commented Mar 12, 2026

Tickets:

  • 181018

@EgorDuplensky EgorDuplensky requested review from a team as code owners March 12, 2026 14:57
@github-actions github-actions bot added category: Core OpenVINO Core (aka ngraph) category: TEMPLATE OpenVINO Template plugin labels Mar 12, 2026
@EgorDuplensky EgorDuplensky requested a review from Copilot March 12, 2026 15:49
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds runtime-side validation for SpaceToBatch padding values to prevent invalid/overflowing padded-shape computations, and extends the template plugin reference tests with negative coverage to ensure invalid paddings throw.

Changes:

  • Add non-negative and overflow guards when computing padded_shape in SpaceToBatch reference evaluation.
  • Add new negative (exception-expected) reference tests covering huge and negative padding inputs.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File Description
src/core/src/op/space_to_batch.cpp Adds padding validation and overflow checks during evaluate() padded-shape computation.
src/plugins/template/tests/functional/op_reference/space_to_batch.cpp Adds parameterized negative tests asserting invalid padding configurations throw ov::Exception.

You can also share your feedback on Copilot code review. Take the survey.

@maxnick
Copy link
Contributor

maxnick commented Mar 13, 2026

@mitruska , could you please review the core shape inference changes and tests?

mitruska
mitruska approved these changes Mar 13, 2026
View reviewed changes
Copy link
Contributor

@mitruska mitruska left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved as the checks are valid and the output shape logic remains the same, backward compatibility is preserved.

The only suggestion is that those checks could be moved from evaluate to shape_infer.

src/core/shape_inference/include/space_to_batch_shape_inference.hpp
Comment on lines +73 to +74
const auto padded_dim =
data_shape[idx] + static_cast<TVal>((*pads_begin)[idx]) + static_cast<TVal>((*pads_end)[idx]);
Copy link
Contributor

@mitruska mitruska Mar 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason why the validation has been not extended in the shape_infer function?

The shape_infer is called during op constructor and in SpaceToBatch::evaluate, in case of Const pads and static/bounded dimensions, it could preserve from creation of such op even before execution. Also the checks could be beneficial for plugins where the shape_infer function is shared and called for dynamic case.

Related tests to cover such case are here:

openvino/src/core/tests/type_prop/space_to_batch.cpp

Lines 73 to 85 in 44967ef

TEST(type_prop, space_to_batch_when_space_is_static) {
auto data_shape = PartialShape{{2, 5}, 100, 1024, 3};
set_shape_symbols(data_shape);
auto data = make_shared<ov::op::v0::Parameter>(element::f32, data_shape);
auto block_shape = make_shared<ov::op::v0::Constant>(element::i64, Shape{4}, vector<int64_t>{1, 12, 100, 2});
auto pads_begin = make_shared<ov::op::v0::Constant>(element::i64, Shape{4}, vector<int64_t>{0, 3, 38, 1});
auto pads_end = make_shared<ov::op::v0::Constant>(element::i64, Shape{4}, vector<int64_t>{0, 5, 38, 0});
auto space_to_batch = make_shared<op::v1::SpaceToBatch>(data, block_shape, pads_begin, pads_end);
EXPECT_EQ(
space_to_batch->get_output_partial_shape(0),
(PartialShape{{2 * 12 * 100 * 2, 5 * 12 * 100 * 2}, (100 + 3 + 5) / 12, (1024 + 38 + 38) / 100, (3 + 1) / 2}));

openvino/src/plugins/intel_cpu/tests/unit/shape_inference_test/space_to_batch_shape_inference_test.cpp

Lines 50 to 65 in 44967ef

TEST_F(SpaceToBatchV1StaticShapeInferenceTest, blocks_pads_as_constants) {
const auto data = std::make_shared<Parameter>(element::f32, PartialShape{-1, -1, -1, -1});
const auto block_shape =
std::make_shared<Constant>(element::i64, ov::Shape{4}, std::vector<int64_t>{1, 12, 100, 2});
const auto pads_begin = std::make_shared<Constant>(element::i64, ov::Shape{4}, std::vector<int64_t>{0, 3, 38, 1});
const auto pads_end = std::make_shared<Constant>(element::i64, ov::Shape{4}, std::vector<int64_t>{0, 5, 38, 0});
const auto op = make_op(data, block_shape, pads_begin, pads_end);
input_shapes = {{2, 100, 1024, 3}, {4}, {4}, {4}};
output_shapes = shape_inference(op.get(), input_shapes);
EXPECT_EQ(output_shapes[0],
(StaticShape{2 * 12 * 100 * 2, (100 + 3 + 5) / 12, (1024 + 38 + 38) / 100, (3 + 1) / 2}));
}

Copy link
Contributor Author

@EgorDuplensky EgorDuplensky Mar 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The shape infer logic uses Dimension operator+ which handles potential overflows

Copy link
Contributor Author

@EgorDuplensky EgorDuplensky Mar 13, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have also considered an alternative of moving the checks to a shape infer / validate step.
But I am not sure whether all those CWE detection tools will be satisfied with such approach.
Also, theoretically we can check for a buffer overflow in scope of shape_infer call but still perform some auxiliary computation in scope of 'evaluate' which could lead to some another overflow.
I mean in general shape_infer and evaluate are supposed to perform logically bound steps, but it is impossible to guarantee this.

@maxnick maxnick added this to the 2026.1 milestone Mar 13, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@mitruska mitruska mitruska approved these changes

@maxnick maxnick maxnick approved these changes

Assignees

@mitruska mitruska

@maxnick maxnick

@yury-intel yury-intel

Labels

category: Core OpenVINO Core (aka ngraph) category: TEMPLATE OpenVINO Template plugin

Projects

None yet

Milestone

2026.1

Development

Successfully merging this pull request may close these issues.

5 participants

@EgorDuplensky @maxnick @mitruska @yury-intel