From 775eaf33919b7e2e0247536abb396b41e4c60781 Mon Sep 17 00:00:00 2001
From: Biswajeet Ray <94063930+BiswajeetRay7@users.noreply.github.com>
Date: Sat, 13 Jun 2026 16:21:12 +0530
Subject: [PATCH] Validate tensor rank in CIRCULAR_BUFFER Prepare to prevent out-of-bounds read CircularBufferPrepare indexes dims->data[0..3] without checking rank-4 first, causing an out-of-bounds read on a rank<4 tensor. Add NumDimensions()==4 checks before the accesses, matching sibling kernels (depth_to_space, concatenation, etc.). Reported via GHSA-3x72-x298-9pjx and OSS VRP issue 523561915.
Signed-off-by: Biswajeet Ray
---
 tensorflow/lite/micro/kernels/circular_buffer_common.cc | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/tensorflow/lite/micro/kernels/circular_buffer_common.cc b/tensorflow/lite/micro/kernels/circular_buffer_common.cc
index bf45c06f61c..461d3c92955 100644
--- a/tensorflow/lite/micro/kernels/circular_buffer_common.cc
+++ b/tensorflow/lite/micro/kernels/circular_buffer_common.cc
@@ -49,6 +49,10 @@ TfLiteStatus CircularBufferPrepare(TfLiteContext* context, TfLiteNode* node) {
 TF_LITE_ENSURE(context, input != nullptr);
 TF_LITE_ENSURE(context, output != nullptr);
+ // The kernel indexes dims->data[0..3] below; ensure both tensors are rank-4
+ // before any access to avoid an out-of-bounds read on malformed models.
+ TF_LITE_ENSURE_EQ(context, NumDimensions(input), 4);
+ TF_LITE_ENSURE_EQ(context, NumDimensions(output), 4);
 TF_LITE_ENSURE_EQ(context, input->dims->data[0], output->dims->data[0]);
 TF_LITE_ENSURE_EQ(context, 1, input->dims->data[1]);
 TF_LITE_ENSURE_EQ(context, input->dims->data[2], output->dims->data[2]);
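Review bot: No regression test accompanies the two new `TF_LITE_ENSURE_EQ(context, NumDimensions(...), 4)` guards in CircularBufferPrepare; the diffstat shows only circular_buffer_common.cc changed, so nothing pins that a rank<4 tensor now fails Prepare instead of reading past `dims->data`. A kernel test that supplies a rank-3 input, and separately a rank-3 output, and expects `kTfLiteError` from Prepare would keep the guard from being silently dropped in a later refactor. The checks sit ahead of the first `dims->data[0]` access, which is the right place for them. The function body starts and continues outside the hunk, so it is not visible here whether the early return skips cleanup of anything acquired earlier in the function, or whether any other path indexes `dims->data` without going through these checks; both are worth confirming before merge.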