fix(gateway): add GIF size guard (5MB) in resize_and_compress

chaodu-agent · chaodu-agent · commit cf29bf20828b · 2026-05-19T16:14:18.000Z
Prevents oversized GIFs from being base64-encoded and exceeding
downstream LLM API payload limits. Returns an error if the raw GIF
exceeds 5MB, consistent with the existing IMAGE_MAX_DOWNLOAD limit
for other formats.

Addresses review NIT from wangyuyan-agent.
diff --git a/gateway/src/media.rs b/gateway/src/media.rs
@@ -6,13 +6,19 @@ pub const IMAGE_JPEG_QUALITY: u8 = 75;
 pub const IMAGE_MAX_DOWNLOAD: u64 = 10 * 1024 * 1024; // 10 MB
 pub const FILE_MAX_DOWNLOAD: u64 = 512 * 1024; // 512 KB
 pub const AUDIO_MAX_DOWNLOAD: u64 = 20 * 1024 * 1024; // 20 MB
+pub const GIF_MAX_SIZE: usize = 5 * 1024 * 1024; // 5 MB — prevents base64 bloat exceeding LLM payload limits
 
 /// Resize image so longest side <= 1200px, then encode as JPEG.
 /// GIFs are passed through unchanged to preserve animation.
 pub fn resize_and_compress(raw: &[u8]) -> Result<(Vec<u8>, String), image::ImageError> {
     let reader = ImageReader::new(Cursor::new(raw)).with_guessed_format()?;
     let format = reader.format();
     if format == Some(image::ImageFormat::Gif) {
+        if raw.len() > GIF_MAX_SIZE {
+            return Err(image::ImageError::Limits(
+                image::error::LimitError::from_kind(image::error::LimitErrorKind::InsufficientMemory),
+            ));
+        }
         return Ok((raw.to_vec(), "image/gif".to_string()));
     }
     let img = reader.decode()?;
