SUMMARY A single malicious file makes the plugin use all available memory until it is killed by lack of more memory. STEPS TO REPRODUCE 1. Download and expand the image from https://www.bamsoftware.com/hacks/deflate.html in any folder 2. wait until dolphin/konqueror.... updates the thumbnail of that image. OBSERVED RESULT It is killed by the oom killer. EXPECTED RESULT It has some protection against those kind of files, like DecompressionBombWarning in https://pillow.readthedocs.io/en/3.1.x/reference/Image.html SOFTWARE/OS VERSIONS KDE Frameworks 5.63.0 Qt 5.13.1 (built against 5.13.1) The xcb windowing system
I don't support you're interested in submitting a patch? :)
Unfortunately, I don't have the time. I've been tying to create a single simple patch for 3 months, and I still don't have it.
Created attachment 153532 [details] .zip file containing a file triggering a Dolphin hang Worse yet, it doesn't take a malicious file to trigger kioslave5 to eat all system memory. When making SNES music, I generate .brr files which are unheadered SNES samples, effectively raw binary data. Because these files are unstructured and can take up near-arbitrary values, file and Dolphin misdetects one of them as a 61935 x 58476 Targa file. When I open Dolphin to a directory containing this file, or the parent directory showing subdirectory icons, kioslave5 eats up all available system memory, requiring killing the process or Alt+SysRq+F if you even have that enabled. This is a nasty bug to occur, particularly because this file doesn't even have a .tga extension but .brr, but Dolphin first guesses the file type from magic numbers inside, then tries generating a thumbnail for a file without an image extension, then doesn't bail out when the image is 3 billion pixels large despite being 101 bytes long (not containing practically any of the actual pixels inside). The workaround I have is creating a custom .brr MIME type so Dolphin won't try to generate a thumbnail (and I can assign proper file associations to open it in a hex editor). But out of the box, merely opening a folder *containing* a folder holding the bad file can lock up your entire system, likely irrecoverably if your distro disables Alt+SysRq out of the box.
I found no way to prevent the plugin from identifying the file as TGA. I added the options support to the plugin (https://invent.kde.org/frameworks/kimageformats/-/merge_requests/212). The KDE thumbnailer should use the Size option to determine how large the image becomes and avoid generating the thumbnail if it exceeds 1/3 of the available RAM.
The latest version of the TGA plugin has improved memory management (it uses half the RAM compared to older versions) and error detection during loading (https://invent.kde.org/frameworks/kimageformats/-/merge_requests/393). If your system uses lazy allocation (Linux and Windows do), you shouldn't see any RAM consumption now (at least with this file).
None of the files makes dolphin use huge amount of memory.