Open h01ger opened 5 years ago
Ran into this issue myself. I suspect it relates to some sort of ImageMagick config.
Also, GitHub will complain when trying to use a trusted image as a profile picture. this was a bug with my tinyproxy config
This is hardcoded in the image converter script
We could (or perhaps should) add --allow-highres
, --allow-press-print
or a similar option to qvm-get-image
to allow higher resolution images.
Medium format digital cameras could produce way beyond the current limit. Even some of the full-frames could surpass that limit. Let alone scanned images and digitally produced images for ImageSetter targets.
Photoshop limit is 30,000 x 30,000 pixels I did not find GIMP and Krita official limits. But Krita does not complain on 65000 x 65000 images.
This should be doable by passing max_width
and max_height
parameters to get_from_vm
function and subsequently to get_from_stream
function.
p.s. additional notes:
GraphicsMagick has been used to process RGB images 64K by 64K pixels in size.
I did not find specific limit for Numpy which is used for qubesimgconverter
library.
We could (or perhaps should) add
--allow-highres
,--allow-press-print
or a similar option toqvm-get-image
to allow higher resolution images.
I agree. The one limit I definitely think should be enforced is that the total size of the image in bytes should not be allowed to exceed INT_MAX
, as this risks integer overflow or truncation vulnerabilities becoming exploitable.
I agree. The one limit I definitely think should be enforced is that the total size of the image in bytes should not be allowed to exceed
INT_MAX
, as this risks integer overflow or truncation vulnerabilities becoming exploitable.
Good. I will work on it. I have been working on qubesimgconverter
and qvm-get-image
for a while and I know the mechanism fairly well.
PR Submitted. Further notes:
With the default 1GB tmpfs, the actual limitation is the qubes.GetImageRGBA RPC service.
Even with 1GB tmpfs, a resolution of 16000x16000 pixels (~950MB) is easily achievable. That is barely over the current resolution of Phase One XF IQ4 150 Mega Pixel medium format camera. So I set the Highres limit to 16000x16000 in the patch.
I also added better error handling and clear messages to the patch.
After discussing the issue with @andrewdavidwong on PR comments, we decided to break this issue to two independent issues:
--allow-highres
option to qvm-get-image
to bypass the old max_width=8192 max_height=5120 soft-limit. The new soft-limit with --allow-highres
is 64000x64000 pixels which is documented to be supported by GraphicsMagick (i.e. roughly 16GB of uncompressed image). The above PR should close this issue.qubes.GetImageRGBA
temp path configurable. That is to bypass the 1GB default /tmp
size.Related: #5300
Qubes OS version:
3.2
Affected component(s):
qvm-convert-img
Steps to reproduce the behavior:
Expected behavior:
images of any sizes are converted nicely. maybe not of any size, but max_width=8192 max_height=5120 are too limited constraints in 2018.
I'm not sure I fully understand why there has to be a limit at all, but if there has to be one I'd suggest to raise this to max_width=16384 max_height=10240 or maybe even max_width=32768 max_height=20480.
Actual behavior:
see above, it fails to convert.
Additional notes
I also didnt find where to change these values: