When someone uploaded a 200 megapixel PNG of a fractal to de, it caused
the hard drives on 4 apache servers to fill up, and caused the site to
slow down. The action was not malicious, I hate to think what might have
happened if someone tried to actively exploit it.
I've now limited the thumbnailing code to only attempt to thumbnail
images less than 12.5 megapixels, or about 3500x3500. The problem is
that in ImageMagick's scaling code, the entire image needs to be
decompressed and stored in RAM. For a 200 megapixel image, that means
800 megabytes of working space.
The standard JPEG library has the ability to decompress directly to a
thumbnail. ImageMagick uses this feature. So I haven't restricted JPEG
sizes in any way. You'll still be able to upload large PNGs and link to
them with [[media:]] links.
There are probably still a few DoS avenues in the image handling code,
if anyone's really keen to crash the site. This change should at least
take care of the accidental problems.
In case anyone is looking for a fun project, it is theoretically
possible to make small thumbnails of large PNGs with very little working
memory, using libpng's low-level interface. Bicubic interpolation only
needs 4 rows, so non-progressive PNGs could be thumbnailed in a single
pass with 4 rows of working memory. Progressive PNGs could be
thumbnailed using the first few passes.
-- Tim Starling