Index: trunk/phase3/includes/Image.php =================================================================== --- trunk/phase3/includes/Image.php (revision 11397) +++ trunk/phase3/includes/Image.php (revision 11398) @@ -919,6 +919,7 @@ function renderThumb( $width, $useScript = true ) { global $wgUseSquid, $wgInternalServer; global $wgThumbnailScriptPath, $wgSharedThumbnailScriptPath; + global $wgSVGMaxSize, $wgMaxImageArea; $fname = 'Image::renderThumb'; wfProfileIn( $fname ); @@ -940,7 +941,14 @@ return null; } - global $wgSVGMaxSize; + # Don't thumbnail an image so big that it will fill hard drives and send servers into swap + # JPEG has the handy property of allowing thumbnailing without full decompression, so we make + # an exception for it. + if ( $this->getMimeType() !== "image/jpeg" && $this->width * $this->height > $wgMaxImageArea ) { + wfProfileOut( $fname ); + return null; + } + $maxsize = $this->mustRender() ? max( $this->width, $wgSVGMaxSize ) : $this->width - 1; Index: trunk/phase3/includes/DefaultSettings.php =================================================================== --- trunk/phase3/includes/DefaultSettings.php (revision 11397) +++ trunk/phase3/includes/DefaultSettings.php (revision 11398) @@ -1126,6 +1126,12 @@ $wgSVGConverterPath = ''; /** Don't scale a SVG larger than this unless its native size is larger */ $wgSVGMaxSize = 1024; +/** + * Don't thumbnail an image if it will use too much working memory + * Default is 50 MB if decompressed to RGBA form, which corresponds to + * 12.5 million pixels or 3500x3500 + */ +$wgMaxImageArea = 1.25e7; /** Set $wgCommandLineMode if it's not set already, to avoid notices */ if( !isset( $wgCommandLineMode ) ) { Index: trunk/phase3/RELEASE-NOTES =================================================================== --- trunk/phase3/RELEASE-NOTES (revision 11397) +++ trunk/phase3/RELEASE-NOTES (revision 11398) 
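Review bot: The JPEG exemption in the new `if` in renderThumb leaves JPEG thumbnailing with no area bound at all, and it is safe only if the configured scaler really decodes JPEG at reduced size. The scaling code is outside this hunk, so this may not apply, but a scaler that decompresses the whole image first would still allocate memory proportional to `$this->width * $this->height`. Consider restricting the exemption to the scaler path known to downscale during decode, or at least recording the assumption next to the check: `# Assumes the scaler decodes JPEG at reduced size; otherwise JPEG must obey $wgMaxImageArea too`. The early `return null` is also indistinguishable from the other failure returns, so a `wfDebug( "$fname: image area exceeds \$wgMaxImageArea, not thumbnailing\n" );` before it would let operators see why a thumbnail is missing. renderThumb's body starts before and continues after this hunk.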
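Review bot: The docblock for `$wgMaxImageArea` does not say that the value is a pixel count compared against width times height, nor that Image::renderThumb exempts `image/jpeg` from it. An administrator sizing server memory from this comment alone would assume it bounds every thumbnail job. I would add ` * The value is in pixels (width * height); JPEG files are exempt from this limit.` to the comment. The figure 3500x3500 is about 12.25 million pixels, so "roughly 3500x3500" would be more accurate wording.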
@@ -157,6 +157,8 @@ (requires PHP 5, XMLReader extension) * (bug 2773) Print style sheet no longer overrides RTL text direction * (bug 2938) Update MediaWiki:Exporttext to be more general +* Fixed possible infinite loop in formatComment +* Added a limit to the size of image files which can be thumbnailed === Caveats ===