Expose PIL.Image.MAX_IMAGE_PIXELS for larger (or smaller) max image area size #503

Closed
Telkhine opened this issue Aug 17, 2022 · 1 comment


Telkhine commented Aug 17, 2022

PIL/pillow will throw a DecompressionBomb error if the image size is greater than 178956970 pixels.

I found out the hard way:

[2022-08-17 08:13:23] szurubooru.middleware.request_logger POST /posts/reverse-search (user=rex, queries=1)
[2022-08-17 08:13:23] waitress Exception while serving /posts/reverse-search
Traceback (most recent call last):
  File "/usr/lib/python3.8/site-packages/waitress/channel.py", line 350, in service
    task.service()
  File "/usr/lib/python3.8/site-packages/waitress/task.py", line 171, in service
    self.execute()
  File "/usr/lib/python3.8/site-packages/waitress/task.py", line 441, in execute
    app_iter = self.channel.server.application(environ, start_response)
  File "/opt/app/szurubooru/rest/app.py", line 104, in application
    response = handler(ctx, match.groupdict())
  File "/opt/app/szurubooru/api/post_api.py", line 295, in get_posts_by_image
    lookalikes = posts.search_by_image(content)
  File "/opt/app/szurubooru/func/posts.py", line 931, in search_by_image
    query_signature = image_hash.generate_signature(image_content)
  File "/opt/app/szurubooru/func/image_hash.py", line 229, in generate_signature
    im_array = _preprocess_image(content)
  File "/opt/app/szurubooru/func/image_hash.py", line 43, in _preprocess_image
    img = Image.open(BytesIO(content))
  File "/usr/lib/python3.8/site-packages/PIL/Image.py", line 2916, in open
    im = _open_core(fp, filename, prefix)
  File "/usr/lib/python3.8/site-packages/PIL/Image.py", line 2903, in _open_core
    _decompression_bomb_check(im.size)
  File "/usr/lib/python3.8/site-packages/PIL/Image.py", line 2826, in _decompression_bomb_check
    raise DecompressionBombError(
PIL.Image.DecompressionBombError: Image size (286150800 pixels) exceeds limit of 178956970 pixels, could be decompression bomb DOS attack.

Could we perhaps do the following?

  1. Expose a setting for PIL.Image.MAX_IMAGE_PIXELS in config.yml, like we have for max_dl_filesize
  2. Properly handle DecompressionBombError. When uploading via the web interface, it just throws an "Internal Server Error". If we do part 1, then it'd be nice for it to tell where the problem is.

Thanks


EDIT:

As a quick hack, I manually went into /server/szurubooru/func/image_hash.py and added Image.MAX_IMAGE_PIXELS = 300000000.

That fixed the DecompressionBombError, but surfaced a new bug:

Invalid image dimensions returned during processing

The error stems from /server/szurubooru/func/images.py Image class width and height methods. It looks like ffmpeg/ffprobe is used to get image dimensions among other things, but is failing for my large image file.

I tried manually running ffprobe on my local machine:

$ ffprobe -v error -show_entries stream=width,height -of default=noprint_wrappers=1 ./14027x20400-image.jpg

[mjpeg @ 0x55c504a2ee40] [IMGUTILS @ 0x7ffdf0fc2a20] Picture size 14027x20400 is invalid
width=0
height=0

So, ffmpeg can't handle such a large image either. Looks like I'm fubar, unless anyone has another idea.

@Telkhine
Author

I'm closing this, as this appears to be a hard limit with ffmpeg. A better error message might be the best solution here.
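
Added example, not part of the original issue or of szurubooru's code: a pre-decode check that reads the dimensions from the PNG or JPEG header and applies Pillow's rule (warn above MAX_IMAGE_PIXELS, error above twice that value) with a configurable limit, so an oversized upload produces a clear message instead of an unhandled exception. The names ImageTooLargeError, read_dimensions, check_pixel_limit and constructed_jpeg_header are hypothetical, and the sample header is constructed.

```python
import struct

# Pillow's default Image.MAX_IMAGE_PIXELS. Pillow warns above this value and
# raises DecompressionBombError above twice it (178956970, as in the traceback).
DEFAULT_MAX_IMAGE_PIXELS = 1024 * 1024 * 1024 // 4 // 3

class ImageTooLargeError(ValueError):
    """Hypothetical error type that an API layer could map to a 4xx response."""

def read_dimensions(data):
    """Return (width, height) from a PNG or JPEG header without decoding pixels."""
    if data[:8] == b"\x89PNG\r\n\x1a\n" and data[12:16] == b"IHDR" and len(data) >= 24:
        return struct.unpack(">II", data[16:24])
    if data[:2] == b"\xff\xd8":
        pos = 2
        while pos + 4 <= len(data) and data[pos] == 0xFF:
            marker = data[pos + 1]
            if marker == 0xFF:  # fill byte before a marker
                pos += 1
                continue
            if marker == 0x01 or 0xD0 <= marker <= 0xD8:  # markers without a length
                pos += 2
                continue
            (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
            # SOF0..SOF15 carry the frame size; C4, C8 and CC are not SOF markers.
            if 0xC0 <= marker <= 0xCF and marker not in (0xC4, 0xC8, 0xCC):
                if pos + 9 > len(data):
                    break
                height, width = struct.unpack(">HH", data[pos + 5:pos + 9])
                return width, height
            pos += 2 + length
    raise ValueError("unsupported or truncated image header")

def check_pixel_limit(data, max_image_pixels=DEFAULT_MAX_IMAGE_PIXELS):
    """Return "ok" or "warn"; raise ImageTooLargeError past twice the limit."""
    width, height = read_dimensions(data)
    pixels = max(1, width) * max(1, height)
    if pixels > 2 * max_image_pixels:
        raise ImageTooLargeError(
            f"image is {width}x{height} ({pixels} pixels), "
            f"above the limit of {2 * max_image_pixels} pixels")
    return "warn" if pixels > max_image_pixels else "ok"

def constructed_jpeg_header(width, height):
    """Constructed sample input: SOI + APP0 + SOF0 segments, no pixel data."""
    app0 = b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    sof0 = b"\xff\xc0" + struct.pack(">HBHHB", 17, 8, height, width, 3) + bytes(9)
    return b"\xff\xd8" + app0 + sof0
```

With the default limit, `check_pixel_limit(constructed_jpeg_header(14027, 20400))` raises ImageTooLargeError for the 286150800-pixel image from the traceback; with `max_image_pixels=300000000` it returns "ok".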
