Bug 1241728. Limit the size of images that we will downscale from to 1048576 pixels. r=edwin
authorTimothy Nikkel <tnikkel@gmail.com>
Wed, 27 Jan 2016 16:19:33 -0600
changeset 281953 55ded3235a2d054fa203552b44fe0e4b417800c8
parent 281952 06f98d9c6468beff157fc8f8c3ce4819041b545b
child 281954 ec248e49ed2abb6a2a15dc365c79df621b06b705
push id70990
push usertnikkel@gmail.com
push dateWed, 27 Jan 2016 22:19:45 +0000
treeherdermozilla-inbound@e5d570fdc98f [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersedwin
bugs1241728, 1048576
milestone47.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1241728. Limit the size of images that we will downscale from to 1048576 pixels. r=edwin This avoids spending too much cpu/memory downscaling absolutely huge images.
image/Downscaler.cpp
--- a/image/Downscaler.cpp
+++ b/image/Downscaler.cpp
@@ -67,16 +67,23 @@ Downscaler::BeginFrame(const nsIntSize& 
              "Created a downscaler, but not downscaling?");
   MOZ_ASSERT(mTargetSize.width <= aOriginalSize.width,
              "Created a downscaler, but width is larger");
   MOZ_ASSERT(mTargetSize.height <= aOriginalSize.height,
              "Created a downscaler, but height is larger");
   MOZ_ASSERT(aOriginalSize.width > 0 && aOriginalSize.height > 0,
              "Invalid original size");
 
+  // Only downscale from reasonable sizes to avoid using too much memory/cpu
+  // downscaling and decoding. 1 << 20 == 1,048,576 seems a reasonable limit.
+  if (aOriginalSize.width > (1 << 20) || aOriginalSize.height > (1 << 20)) {
+    NS_WARNING("Trying to downscale image frame that is too large");
+    return NS_ERROR_INVALID_ARG;
+  }
+
   mFrameRect = aFrameRect.valueOr(nsIntRect(nsIntPoint(), aOriginalSize));
   MOZ_ASSERT(mFrameRect.x >= 0 && mFrameRect.y >= 0 &&
              mFrameRect.width >= 0 && mFrameRect.height >= 0,
              "Frame rect must have non-negative components");
   MOZ_ASSERT(nsIntRect(0, 0, aOriginalSize.width, aOriginalSize.height)
                .Contains(mFrameRect),
              "Frame rect must fit inside image");
   MOZ_ASSERT_IF(!nsIntRect(0, 0, aOriginalSize.width, aOriginalSize.height)