Skip to content
View Hem1700's full-sized avatar

Block or report Hem1700

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
Hem1700/README.md

Hem Parekh

$ whoami
hem parekh — security engineer · memory-safety & vulnerability research

$ cat ~/.signature
"The bug is rarely that nobody wrote the check.
 It's that someone wrote it everywhere except here."

I read production C/C++ and systems code looking for the one path that drifted from its safe siblings — missing bounds checks, unchecked attacker-controlled indices, out-of-bounds reads — then prove it with a sanitizer and ship the fix upstream.

Findings ledger

Target Bug class Where Status
Linux kernel · ksmbd OOB read smb_check_perm_dacl()fs/smb/server/smbacl.c Applied to ksmbd-for-next-next, Cc: stable · patch
PyTorch OOB read → SIGSEGV unchecked class_type index, mobile flatbuffer loader Open PR · #186672
curl SSRF-filter bypass parse_authority() — normalize-before-decode (%2e) Responsibly disclosed, under review

How I work

read the code  →  diff a function against its siblings & git history
              →  hypothesize the missing invariant
              →  confirm with ASan / KASAN
              →  upstream patch + responsible disclosure

No exotic tooling — careful reading, sibling-pattern mining, and a sanitizer that turns a hunch into a named, reproducible bug.

Stack

C · C++ · Python · AddressSanitizer / KASAN · Linux kernel internals · fuzzing · responsible disclosure

Elsewhere

Portfolio & writeups → hem1700.github.io · LinkedIn

Pinned Loading

  1. Chat-App-NodeJs Chat-App-NodeJs Public

    JavaScript

  2. Meal-App Meal-App Public

    This an Meal App using flutter learned through udemy course

    Dart

  3. backdoor backdoor Public

    Python 1

  4. first_angular_project first_angular_project Public

    TypeScript 1