Perform image integrity checks during upload
Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.
Implementing image scaling surfaced a number of problems with the quality of our existing image database for gitlab.com. This is because unlike merely serving image data, rescaling images requires us to first decode images to reprocess pixel data. This means that image scaling is much more exposed to the quality of the encoding, and bad data in e.g. the file header will fail this process.
One frequent error we are seeing is that PNG chunk checksums are incorrect for a number of images. This has been investigated in #287614 (comment 452681252). It is unclear currently how many images are affected but it is by far the largest contributor to us breaking the currently defined SLO for the image scaling component.
Errors such as bad CRCs can be fixed by stripping out bad or unsafe data e.g. via pngfix. I think this should happen on the upload path, so as to make sure that before we even store the image, it will be in a state that makes processing the image safe and reliable.