Ubuntu
imagemagick package

  1. Bug #1677578
  2. Comment #26

Comment 26 for bug 1677578

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Just when I wanted to report to PHP I found [1] which also led me to [2].

With that I understood that ImageMagick does not follow the php limit being a plugin.
Instead it has its own structure of Limits.

That made me check the default limit that are in place
php7.0 -r 'echo Imagick::getResourceLimit( Imagick::RESOURCETYPE_MEMORY)/1024/1024 . "\n";'
7756.0078125

So 8G is the limit, ok I see we are below that with "just" 5G.

If I want to limit Imagick to something more Sane, lets say 1G I can uncomment examples in /etc/ImageMagick-6/policy.xml and set them like:
  <policy domain="resource" name="memory" value="1GiB"/>
  <policy domain="resource" name="map" value="1GiB"/>

BTW - even with the limit applied the functionality did still work.

So I was turning that new knowledge back to our webserver example.
I had to remember that I have to restart it so that php-cgi picks up the new config, but not it stays inside lower limits just fine.

The newer Release like Zesty comes with much safer defaults:
  <policy domain="resource" name="memory" value="256MiB"/>
  <policy domain="resource" name="map" value="512MiB"/>
  <policy domain="resource" name="width" value="16KP"/>
  <policy domain="resource" name="height" value="16KP"/>
  <policy domain="resource" name="area" value="128MB"/>
  <policy domain="resource" name="disk" value="1GiB"/>
While Xenial still has none in the XML which makes them the default to the high values we have seen.
Unfortunately this is next to impossible to SRU [3] back as some environments might rely on the bigger limits and regress by doing so.

That said I think we have it complete now:
1. understood the issue
2. adressed in the latest release (saner/lower defaults)
3. not SRUable to older releases

I hope that helps you to make your setup work as you expect it.
You were were active on your report and I want to thank you once more - officially this is not "invalid" as it is not a "bug" in the common sense. If you think it is please re-set to new and discuss.

I wonder if there is a good place to announce this as potential DOS to let people check their configuration. I'll ping a few people and ask them.

[1]: https://bugs.php.net/bug.php?id=59031
[2]: http://www.imagemagick.org/script/resources.php
[3]: https://wiki.ubuntu.com/StableReleaseUpdates