'error: too many pixels, not supported' on large files, again

kornelski / cavif-rs

AVIF image creator in pure Rust

https://lib.rs/cavif

BSD 3-Clause "New" or "Revised" License

570 stars 27 forks source link

'error: too many pixels, not supported' on large files, again #66

Closed Shnatsel closed 1 year ago

Shnatsel commented 1 year ago

I'm seeing the same issue as in #54 on cavif v1.5.0 and lodepng v3.7.2. It was supposed to be fixed in lodepng v3.6.2, but has apparently regressed.

Here's a sample real-world image that causes this issue: 16015524417537530135363

Shnatsel commented 1 year ago

Also, you might be interested in a new pure-Rust PNG decoder that outperforms the png crate, libpng and even libspng: https://github.com/etemesi254/zune-image/tree/dev/zune-png

It also happens to not have the limits entirely configurable without artificial caps. It's been tested extensively on-real world images and is fuzzed on CI. It is is very close to being usable in production, the only blocker is https://github.com/etemesi254/zune-image/issues/84

kornelski commented 1 year ago

This time this was deliberate, because I have this exposed to the internet, and I keep getting beg bounties about potential DoS from large images.

Shnatsel commented 1 year ago

Perhaps this should be configurable via a command-line parameter? For example, imagemagick supports setting size limits. The image crate does as well.

kornelski commented 1 year ago

I've made it configurable in load_image and upped the default limit. If you rebuild cavif from source it will have the higher limit.

Shnatsel commented 1 year ago

Thank you!