Skip to content

🔒 Fix DoS vulnerability in image resizing logic #109

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
adcondev wants to merge 2 commits into
base: master
Choose a base branch
from
Open

🔒 Fix DoS vulnerability in image resizing logic #109

adcondev wants to merge 2 commits into from

Conversation

@adcondev
Copy link
Owner

@adcondev adcondev commented Feb 12, 2026

This PR fixes a potential Denial of Service (DoS) vulnerability in pkg/graphics/processing.go.
The ResizeImage function previously calculated the target height based on the source image's aspect ratio without any upper bound. This allowed an attacker to provide an image with dimensions (e.g., extremely large height, small width) that would result in a massive targetH, causing image.NewRGBA to attempt allocating gigabytes of memory, leading to an OOM crash.

Changes:

  • Added const MaxImagePixelHeight = 32000 (approx 4 meters at 203 DPI) as a safety limit.
  • Modified ResizeImage to clamp the calculated targetH to MaxImagePixelHeight.
  • Added a regression test pkg/graphics/processing_security_test.go that attempts to trigger the excessive allocation and verifies that the height is correctly capped.

PR created automatically by Jules for task 10886718502609095160 started by @adcondev

@google-labs-jules @adcondev
fix(graphics): cap image height to prevent DoS via excessive memory a…
9ee117a 
…llocation

- Introduced `MaxImagePixelHeight` (32000px) constant in `pkg/graphics/processing.go`
- Added check in `ResizeImage` to clamp target height to `MaxImagePixelHeight`
- Added `pkg/graphics/processing_security_test.go` to verify the fix and prevent regression

This prevents an attacker from causing an Out-Of-Memory (OOM) crash by supplying an image with dimensions that result in an excessively large target height during resizing.

Co-authored-by: adcondev <38170282+adcondev@users.noreply.github.com>
@google-labs-jules
Copy link
Contributor

google-labs-jules bot commented Feb 12, 2026

👋 Jules, reporting for duty! I'm here to lend a hand with this pull request.

When you start a review, I'll add a 👀 emoji to each comment to let you know I've read it. I'll focus on feedback directed at me and will do my best to stay out of conversations between you and other bots or reviewers to keep the noise down.

I'll push a commit with your requested changes shortly after. Please note there might be a delay between these steps, but rest assured I'm on the job!

For more direct control, you can switch me to Reactive Mode. When this mode is on, I will only act on comments where you specifically mention me with @jules. You can find this option in the Pull Request section of your global Jules UI settings. You can always switch back!

New to Jules? Learn more at jules.google/docs.

For security, I will only act on instructions from the user who triggered this task.

Copilot AI review requested due to automatic review settings February 12, 2026 16:37
Copilot AI reviewed Feb 12, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot wasn't able to review any files in this pull request.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@github-actions
Copy link
Contributor

github-actions bot commented Feb 12, 2026

👋 Thanks for opening this PR, @adcondev!

Here's what will happen next:

  • 🤖 Automated checks will run
  • 🏷️ Labels will be added automatically
  • 👀 A maintainer will review your changes

Please make sure:

  • ✅ All tests pass
  • 📝 The PR title follows conventional commits
  • 📋 The PR template is filled out completely

@github-actions
Copy link
Contributor

github-actions bot commented Feb 12, 2026
edited
Loading

⚡ Benchmark Results

📈 Performance Comparison

📊 Click to expand detailed results

Current Branch Results

BenchmarkNewDocument-4    	1000000000	         0.3127 ns/op	       0 B/op	       0 allocs/op
BenchmarkBuildSimple-4    	 3628382	       336.8 ns/op	     240 B/op	       4 allocs/op
BenchmarkBuildComplex-4   	  394484	      2818 ns/op	    1809 B/op	      25 allocs/op
BenchmarkToJSON-4         	  524250	      2115 ns/op	     592 B/op	       3 allocs/op
BenchmarkParseDocument_Minimal-4    	  498692	      2340 ns/op	     568 B/op	      14 allocs/op
BenchmarkParseDocument_Receipt-4    	   91568	     12699 ns/op	    2392 B/op	      34 allocs/op
BenchmarkCommandUnmarshal_Text-4    	  413558	      2750 ns/op	     568 B/op	      19 allocs/op
BenchmarkCommandUnmarshal_Table-4   	  265705	      4220 ns/op	     944 B/op	      21 allocs/op
BenchmarkTextCommandParsing-4       	  527422	      2198 ns/op	     544 B/op	      16 allocs/op
BenchmarkTableCommandParsing-4      	  241180	      4923 ns/op	    1000 B/op	      29 allocs/op
BenchmarkParseHexString-4           	 7700494	       153.5 ns/op	      48 B/op	       2 allocs/op
BenchmarkCleanHexString-4           	 6086776	       196.2 ns/op	      64 B/op	       2 allocs/op
BenchmarkContainsSequence-4         	293662016	         4.080 ns/op	       0 B/op	       0 allocs/op
BenchmarkCheckCriticalCommands-4    	32688139	        37.11 ns/op	       0 B/op	       0 allocs/op
BenchmarkDocument_Validate-4       	14508613	        82.91 ns/op	       0 B/op	       0 allocs/op
BenchmarkParseDocument_Simple-4    	  500200	      2412 ns/op	     568 B/op	      14 allocs/op
BenchmarkParseDocument_Complex-4   	  137176	      8777 ns/op	    1352 B/op	      26 allocs/op
BenchmarkPrintImage_Small-4             	     577	   2051383 ns/op	 3469948 B/op	      24 allocs/op
BenchmarkPrintImage_Medium-4            	     322	   3743579 ns/op	 5481087 B/op	      24 allocs/op
BenchmarkPrintImage_ThermalPreview-4    	     139	   8692173 ns/op	 5235281 B/op	  230723 allocs/op

Base Branch Results

BenchmarkNewDocument-4    	1000000000	         0.3134 ns/op	       0 B/op	       0 allocs/op
BenchmarkBuildSimple-4    	 3600649	       332.3 ns/op	     240 B/op	       4 allocs/op
BenchmarkBuildComplex-4   	  405763	      2840 ns/op	    1809 B/op	      25 allocs/op
BenchmarkToJSON-4         	  514844	      2110 ns/op	     592 B/op	       3 allocs/op
BenchmarkParseDocument_Minimal-4    	  502374	      2338 ns/op	     568 B/op	      14 allocs/op
BenchmarkParseDocument_Receipt-4    	   93877	     13012 ns/op	    2392 B/op	      34 allocs/op
BenchmarkCommandUnmarshal_Text-4    	  405433	      2730 ns/op	     568 B/op	      19 allocs/op
BenchmarkCommandUnmarshal_Table-4   	  271172	      4225 ns/op	     944 B/op	      21 allocs/op
BenchmarkTextCommandParsing-4       	  521857	      2139 ns/op	     544 B/op	      16 allocs/op
BenchmarkTableCommandParsing-4      	  238363	      4868 ns/op	    1000 B/op	      29 allocs/op
BenchmarkParseHexString-4           	 8585815	       138.9 ns/op	      48 B/op	       2 allocs/op
BenchmarkCleanHexString-4           	 6051958	       180.5 ns/op	      64 B/op	       2 allocs/op
BenchmarkContainsSequence-4         	372417595	         3.216 ns/op	       0 B/op	       0 allocs/op
BenchmarkCheckCriticalCommands-4    	31175234	        39.41 ns/op	       0 B/op	       0 allocs/op
BenchmarkDocument_Validate-4       	14542147	        85.95 ns/op	       0 B/op	       0 allocs/op
BenchmarkParseDocument_Simple-4    	  493497	      2418 ns/op	     568 B/op	      14 allocs/op
BenchmarkParseDocument_Complex-4   	  137161	      8572 ns/op	    1352 B/op	      26 allocs/op
BenchmarkPrintImage_Small-4             	     595	   1976375 ns/op	 3469936 B/op	      24 allocs/op
BenchmarkPrintImage_Medium-4            	     315	   3750624 ns/op	 5481085 B/op	      24 allocs/op
BenchmarkPrintImage_ThermalPreview-4    	     138	   8646899 ns/op	 5235282 B/op	  230723 allocs/op

💡 Note: Use benchstat for statistical comparison

🎯 Summary

  • Total Benchmarks: 32
  • Average Speed: 2675297 ns/op
  • Average Memory: 2396934 B/op
  • Average Allocations: 41093 allocs/op

@adcondev @google-labs-jules
fix(graphics): cap image height to prevent DoS via excessive memory a…
ef6774e 
…llocation

- Introduced `MaxImagePixelHeight` (32000px) constant in `pkg/graphics/processing.go`
- Added check in `ResizeImage` to clamp target height to `MaxImagePixelHeight`
- Added `pkg/graphics/processing_security_test.go` to verify the fix and prevent regression

This prevents an attacker from causing an Out-Of-Memory (OOM) crash by supplying an image with dimensions that result in an excessively large target height during resizing.

Co-authored-by: google-labs-jules[bot] <161369871+google-labs-jules[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

@adcondev adcondev

Labels

graphics size/S size/XS tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@adcondev