Limit uploaded avatar image-size to 4096x3072 by default #4353

bkcsoft · 2018-07-02T21:24:28Z

Uploading large files may cause Gitea to crash on OOM. This load the image-header first and checks the sizes before proceeding.

(e.g. a 64250x64250 image becomes 4.1 Gigapixels. Which would allocate 16GB of RAM in RGBA8888.)

Since this can be used for DoS-attacks we should backport it. Just don't know which version yet 🙂

codecov-io · 2018-07-02T22:23:32Z

Codecov Report

Merging #4353 into master will decrease coverage by <.01%.
The diff coverage is 0%.

@@            Coverage Diff             @@
##           master    #4353      +/-   ##
==========================================
- Coverage   20.09%   20.09%   -0.01%     
==========================================
  Files         153      153              
  Lines       30705    30715      +10     
==========================================
  Hits         6171     6171              
- Misses      23590    23600      +10     
  Partials      944      944

Impacted Files	Coverage Δ
models/user.go	`22.11% <0%> (-0.22%)`	⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 69796dd...cb69ac8. Read the comment docs.

* SECURITY * Limit uploaded avatar image-size to 4096x3072 by default (go-gitea#4353) * Do not allow to reuse TOTP passcode (go-gitea#3878) * FEATURE * Add cli commands to regen hooks & keys (go-gitea#3979) * Add support for FIDO U2F (go-gitea#3971) * Added user language setting (go-gitea#3875) * LDAP Public SSH Keys synchronization (go-gitea#1844) * Add topic support (go-gitea#3711) * Multiple assignees (go-gitea#3705) * Add protected branch whitelists for merging (go-gitea#3689) * Global code search support (go-gitea#3664) * Add label descriptions (go-gitea#3662) * Add issue search via API (go-gitea#3612) * Add repository setting to enable/disable health checks (go-gitea#3607) * Emoji Autocomplete (go-gitea#3433) * Implements generator cli for secrets (go-gitea#3531) * ENHANCEMENT * Add more webhooks support and refactor webhook templates directory (go-gitea#3929) * Add new option to allow only OAuth2/OpenID user registration (go-gitea#3910) * Add option to use paged LDAP search when synchronizing users (go-gitea#3895) * Symlink icons (go-gitea#1416) * Improve release page UI (go-gitea#3693) * Add admin dashboard option to run health checks (go-gitea#3606) * Add branch link in branch list (go-gitea#3576) * Reduce sql query times in retrieveFeeds (go-gitea#3547) * Option to enable or disable swagger endpoints (go-gitea#3502) * Add missing licenses (go-gitea#3497) * Reduce repo indexer disk usage (go-gitea#3452) * Enable caching on assets and avatars (go-gitea#3376) * Add repository search ordered by stars/forks. Forks column in admin repo list (go-gitea#3969) * Add Environment Variables to Docker template (go-gitea#4012) * LFS: make HTTP auth period configurable (go-gitea#4035) * Add config path as an optionial flag when changing pass via CLI (go-gitea#4184) * Refactor User Settings sections (go-gitea#3900) * Allow square brackets in external issue patterns (go-gitea#3408) * Add Attachment API (go-gitea#3478) * Add EnableTimetracking option to app settings (go-gitea#3719) * Add config option to enable or disable log executed SQL (go-gitea#3726) * Shows total tracked time in issue and milestone list (go-gitea#3341) * TRANSLATION * Improve English grammar and consistency (go-gitea#3614) * DEPLOYMENT * Allow Gitea to run as different USER in Docker (go-gitea#3961) * Provide compressed release binaries (go-gitea#3991) * Sign release binaries (go-gitea#4188)

bkcsoft added type/enhancement An improvement of existing functionality topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! labels Jul 2, 2018

Limit uploaded avatar image-size to 4096x3072 by default

296c153

bkcsoft force-pushed the fix-image-dos-attack branch from c90b589 to 296c153 Compare July 2, 2018 21:51

Delete unneeded file

cb69ac8

lafriks approved these changes Jul 2, 2018

View reviewed changes

bkcsoft added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Jul 2, 2018

lafriks added this to the 1.5.0 milestone Jul 2, 2018

techknowlogick approved these changes Jul 2, 2018

View reviewed changes

bkcsoft added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Jul 2, 2018

lafriks merged commit cbee921 into master Jul 3, 2018

lafriks deleted the fix-image-dos-attack branch July 3, 2018 03:56

lafriks added the type/changelog Adds the changelog for a new Gitea version label Jul 3, 2018

glitch003 pushed a commit to deconet/gitea that referenced this pull request Jul 4, 2018

Limit uploaded avatar image-size to 4096x3072 by default (go-gitea#4353)

1aec387

go-gitea locked and limited conversation to collaborators Nov 24, 2020

delvh removed the type/changelog Adds the changelog for a new Gitea version label Oct 7, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Limit uploaded avatar image-size to 4096x3072 by default #4353

Limit uploaded avatar image-size to 4096x3072 by default #4353

bkcsoft commented Jul 2, 2018

codecov-io commented Jul 2, 2018 •

edited

Loading

Limit uploaded avatar image-size to 4096x3072 by default #4353

Limit uploaded avatar image-size to 4096x3072 by default #4353

Conversation

bkcsoft commented Jul 2, 2018

codecov-io commented Jul 2, 2018 • edited Loading

Codecov Report

codecov-io commented Jul 2, 2018 •

edited

Loading