Issue with DecompressionBombWarning with high pixel images #1425

Closed
@vinitkumar

Filer allows for images to be uploaded to the storages. There is a setting where we can limit the size of the image. However, there is no way to prevent DecompressionBombWarning that can happen when you have added a high pixel image which Pillow can't handle.

In that case you end up with errors like this:

/usr/local/lib/python3.9/site-packages/PIL/Image.py:3074: DecompressionBombWarning: Image size (94570638 pixels) exceeds limit of 89478485 pixels, could be decompression bomb DOS attack.

I believe we should make use of the check for max allowed pixels from Pillow and give a validation error before uploading such images, as I have experienced downtime on a website because Filer allowed such high pixel images to be uploaded and then crash the page, as Pillow can't handle them. Even Filer's own thumbnailing won't succeed because of this issue, as it can't handle such files. I believe it is a real issue and Filer is the correct place to solve this.
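An added example, not part of the issue text and not Filer or Pillow code: a sketch of the pre-upload check the issue asks for, reading the declared dimensions from a PNG header and comparing them with the limit quoted in the warning. The names `validate_upload`, `png_dimensions`, `ImageTooLarge` and `make_sample_upload` are hypothetical, the sample input is constructed, and only PNG is covered (other formats need their own header parsing).

```python
import io
import struct

# Pillow's default Image.MAX_IMAGE_PIXELS, the limit quoted in the warning above.
MAX_IMAGE_PIXELS = 89478485
PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"


class ImageTooLarge(ValueError):
    """Declared dimensions exceed the pixel budget."""


def png_dimensions(header: bytes):
    """Return (width, height) declared in the IHDR chunk of a PNG header."""
    if len(header) < 24 or header[:8] != PNG_SIGNATURE:
        raise ValueError("not a PNG file")
    length, chunk_type = struct.unpack(">I4s", header[8:16])
    if chunk_type != b"IHDR" or length != 13:
        raise ValueError("first PNG chunk is not a valid IHDR")
    width, height = struct.unpack(">II", header[16:24])
    if width == 0 or height == 0:
        raise ValueError("PNG declares a zero dimension")
    return width, height


def validate_upload(fileobj, max_pixels=MAX_IMAGE_PIXELS):
    """Reject an upload from its first 24 bytes; no pixel data is decoded."""
    start = fileobj.tell()
    header = fileobj.read(24)
    fileobj.seek(start)  # leave the stream untouched for the storage backend
    width, height = png_dimensions(header)
    pixels = width * height
    if pixels > max_pixels:  # same comparison that triggers Pillow's warning
        raise ImageTooLarge(
            f"Image size ({pixels} pixels) exceeds limit of {max_pixels} pixels"
        )
    return pixels


def make_sample_upload(width, height):
    """Constructed test input: PNG signature plus the start of an IHDR chunk."""
    ihdr = struct.pack(">I4sII", 13, b"IHDR", width, height)
    return io.BytesIO(PNG_SIGNATURE + ihdr)
```

Because the check relies on dimensions the file declares about itself, it belongs in front of the decoder as an early rejection, with Pillow's own limit left in place behind it.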