
Limit vector image sizes to IMGPROXY_MAX_SRC_RESOLUTION

DarthSim 1 år sedan
förälder
incheckning
890b4e3f7d
5 ändrade filer med 32 tillägg och 1 borttagningar
  1. 3 0
      CHANGELOG.md
  2. 4 0
      imagetype/imagetype.go
  3. 11 0
      processing/prepare.go
  4. 1 1
      processing/scale_on_load.go
  5. 13 0
      processing/trim.go

+ 3 - 0
CHANGELOG.md

@@ -1,6 +1,9 @@
 # Changelog
 
 ## [Unreleased]
+### Change
+- Limit vector image sizes to `IMGPROXY_MAX_SRC_RESOLUTION`.
+
 ### Fix
 - Fix parsing of HEIF files with large boxes.
 - Fix wrong colors when the source image has a linear colorspace.

+ 4 - 0
imagetype/imagetype.go

@@ -135,6 +135,10 @@ func (it Type) ContentDispositionFromURL(imageURL string, returnAttachment bool)
 	return it.ContentDisposition(strings.TrimSuffix(filename, filepath.Ext(filename)), returnAttachment)
 }
 
+func (it Type) IsVector() bool {
+	return it == SVG
+}
+
 func (it Type) SupportsAlpha() bool {
 	return it != JPEG && it != BMP
 }
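Review bot: `IsVector` is exported without a doc comment, and after this commit it decides which images get the `MaxSrcResolution` cap in processing/prepare.go and processing/trim.go. A vector format added later but not listed here would skip that cap without any hint at this site. A comment along the lines of `// IsVector reports whether the type is a vector format. Vector sources are not size-checked during download, so processing caps them separately; list new vector types here.` would make the dependency visible.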

+ 11 - 0
processing/prepare.go

@@ -168,5 +168,16 @@ func prepare(pctx *pipelineContext, img *vips.Image, po *options.ProcessingOptio
 
 	pctx.wscale, pctx.hscale, pctx.dprScale = calcScale(widthToScale, heightToScale, po, pctx.imgtype)
 
+	// The size of a vector image are not checked during download, yet it can be very large.
+	// So we should scale it down to the maximum allowed resolution
+	if !pctx.trimmed && imgdata != nil && imgdata.Type.IsVector() && !po.Enlarge {
+		resolution := imath.Round((float64(img.Width()*img.Height()) * pctx.wscale * pctx.hscale))
+		if resolution > po.SecurityOptions.MaxSrcResolution {
+			scale := math.Sqrt(float64(po.SecurityOptions.MaxSrcResolution) / float64(resolution))
+			pctx.wscale *= scale
+			pctx.hscale *= scale
+		}
+	}
+
 	return nil
 }
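Review bot: The new cap in `prepare` is skipped whenever `po.Enlarge` is set, so as far as this hunk shows a vector source with a very large declared size is not bounded by `MaxSrcResolution` on that path. If enlarge can be chosen per request, the limit becomes optional for exactly the input it is meant to bound. Either drop `&& !po.Enlarge` from the condition or document what bounds the output in that case, e.g. `// With enlarge the result is bounded by the requested dimensions (confirm)`. The body of `prepare` starts outside the hunk, so how `widthToScale` and `heightToScale` are derived is not visible here.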

+ 1 - 1
processing/scale_on_load.go

@@ -18,7 +18,7 @@ func canScaleOnLoad(pctx *pipelineContext, imgdata *imagedata.ImageData, scale f
 		return false
 	}
 
-	if imgdata.Type == imagetype.SVG {
+	if imgdata.Type.IsVector() {
 		return true
 	}
 

+ 13 - 0
processing/trim.go

@@ -1,6 +1,8 @@
 package processing
 
 import (
+	"math"
+
 	"github.com/imgproxy/imgproxy/v3/imagedata"
 	"github.com/imgproxy/imgproxy/v3/options"
 	"github.com/imgproxy/imgproxy/v3/vips"
@@ -11,6 +13,17 @@ func trim(pctx *pipelineContext, img *vips.Image, po *options.ProcessingOptions,
 		return nil
 	}
 
+	// The size of a vector image are not checked during download, yet it can be very large.
+	// So we should scale it down to the maximum allowed resolution
+	if imgdata != nil && imgdata.Type.IsVector() {
+		if resolution := img.Width() * img.Height(); resolution > po.SecurityOptions.MaxSrcResolution {
+			scale := math.Sqrt(float64(po.SecurityOptions.MaxSrcResolution) / float64(resolution))
+			if err := img.Load(imgdata, 1, scale, 1); err != nil {
+				return err
+			}
+		}
+	}
+
 	// We need to import color profile before trim
 	if err := importColorProfile(pctx, img, po, imgdata); err != nil {
 		return err
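Review bot: `img.Width() * img.Height()` is multiplied as `int` before the comparison, so on a build where `int` is 32 bits a large enough vector image wraps the product. In that case `resolution > po.SecurityOptions.MaxSrcResolution` can be false for the very inputs this guard targets. Converting each factor first avoids that: `resolution := float64(img.Width()) * float64(img.Height())`, compared against `float64(po.SecurityOptions.MaxSrcResolution)`. The guard in processing/prepare.go forms the product the same way inside `float64(img.Width()*img.Height())` and would take the same change. `trim` begins before this hunk and continues past it.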