Guard base64 data URL image decoding against unbounded memory allocation#10

Merged
jacobjmc merged 2 commits into codex/reduce-memory-pressure from copilot/sub-pr-9
Mar 8, 2026

Copilot AI commented Mar 8, 2026

persist_data_image_to_temp_file decoded base64 payloads with no size checks, leaving it open to OOM from large or malicious inline images.

Changes

  • Pre-decode guard: Estimates decoded size via encoded.len() * 3 / 4 and rejects before allocating if it exceeds URL_IMAGE_MAX_BYTES (8 MB)
  • Post-decode guard: Checks actual bytes.len() after decoding as a safety net against edge cases in the estimate

```rust
let estimated_len = encoded.len().saturating_mul(3) / 4;
if estimated_len > URL_IMAGE_MAX_BYTES {
    return None;
}
let bytes = base64::engine::general_purpose::STANDARD
    .decode(encoded)
    .ok()?;
if bytes.len() > URL_IMAGE_MAX_BYTES {
    return None;
}
```

Both guards reuse the existing URL_IMAGE_MAX_BYTES constant already defined in scope.


Summary by cubic

Add pre- and post-decode byte caps for data:image/*;base64, in src-tauri/src/shared/codex_core.rs to reduce memory spikes in heavy threads. Oversized inline images are rejected early to avoid large allocations.

  • Bug Fixes
    • Estimate decoded size with encoded.len().saturating_mul(3)/4 and skip if above URL_IMAGE_MAX_BYTES.
    • After decoding, check bytes.len() against URL_IMAGE_MAX_BYTES; return None if exceeded.

Written for commit a279298. Summary will update on new commits.
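
The two guards described above, as an added std-only Rust example (not code from this PR or the project). The function names, the limit parameter and the small stand-in decoder are assumptions; it also shows that the estimate counts padding characters, so it can exceed the real decoded size by up to two bytes.

```rust
// Added example, std only; names are hypothetical. MAX_BYTES mirrors the PR's 8 MB limit.
const MAX_BYTES: usize = 8 * 1024 * 1024;

/// Upper bound on the decoded size, computed without allocating.
fn estimated_len(encoded: &str) -> usize {
    encoded.len().saturating_mul(3) / 4
}

/// Minimal padded, standard-alphabet decoder standing in for the base64 crate.
fn decode_b64(encoded: &str) -> Option<Vec<u8>> {
    let s = encoded.as_bytes();
    let pad = s.iter().rev().take_while(|&&c| c == b'=').count();
    if s.len() % 4 != 0 || pad > 2 {
        return None;
    }
    let mut out = Vec::with_capacity(s.len() / 4 * 3);
    let (mut acc, mut bits) = (0u32, 0u32);
    for &c in &s[..s.len() - pad] {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'+' => 62,
            b'/' => 63,
            _ => return None,
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
        }
    }
    Some(out)
}

/// Applies both guards; the limit is a parameter so small inputs can exercise it.
fn decode_data_image(url: &str, max: usize) -> Option<Vec<u8>> {
    let (_mime, encoded) = url.strip_prefix("data:image/")?.split_once(";base64,")?;
    if estimated_len(encoded) > max {
        return None; // pre-decode guard: nothing has been allocated yet
    }
    let bytes = decode_b64(encoded)?;
    (bytes.len() <= max).then_some(bytes) // post-decode guard
}

fn main() {
    println!("{:?}", decode_data_image("data:image/png;base64,aGVsbG8=", MAX_BYTES)); // constructed: "hello"
}
```

With a limit of 5 the constructed 5-byte payload is rejected by the pre-decode guard, because its 8 encoded characters give an estimate of 6.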

Co-authored-by: jacobjmc <111402762+jacobjmc@users.noreply.github.com>
Copilot AI changed the title from "[WIP] Address feedback on memory pressure reduction in heavy threads" to "Guard base64 data URL image decoding against unbounded memory allocation" Mar 8, 2026
jacobjmc marked this pull request as ready for review March 8, 2026 06:58
jacobjmc merged commit efbbf16 into codex/reduce-memory-pressure Mar 8, 2026
1 check passed
cubic-dev-ai bot left a comment

No issues found across 1 file

jacobjmc added a commit that referenced this pull request Mar 8, 2026
* Reduce thread memory pressure

* Guard base64 data URL image decoding against unbounded memory allocation (#10)

* Initial plan

* Add pre/post-decode size guards for data URL base64 images

Co-authored-by: jacobjmc <111402762+jacobjmc@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: jacobjmc <111402762+jacobjmc@users.noreply.github.com>

---------

Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>