Summary
The numpy reproject path (_reproject_chunk_numpy) has a _MAX_WINDOW_PIXELS guard (64 Mpix) that caps the source window fetched for each output chunk. This prevents OOM when a degenerate projection maps a small output chunk to a huge source area (e.g. polar stereographic near the edges).
The CuPy paths are missing this guard:
xrspatial/reproject/__init__.py _reproject_chunk_cupy() (lines ~408-422) -- no window size check before allocating the GPU source window.xrspatial/reproject/__init__.py _reproject_dask_cupy() (lines ~1090-1113) -- same missing guard.
Impact
A reprojection that lands near a projection singularity (e.g. polar stereographic edge, Mercator near poles) could attempt to load the entire source raster onto the GPU for a single chunk, causing a GPU OOM crash. The numpy path handles this gracefully by returning a nodata-filled chunk.
Severity: HIGH
Category: Unbounded Allocation / Denial of Service (Cat 1)
Fix
Add the same _MAX_WINDOW_PIXELS guard that exists in _reproject_chunk_numpy to both CuPy paths. When the source window exceeds the limit, return a nodata-filled CuPy array instead of attempting the allocation.
Summary
The numpy reproject path (
_reproject_chunk_numpy) has a_MAX_WINDOW_PIXELSguard (64 Mpix) that caps the source window fetched for each output chunk. This prevents OOM when a degenerate projection maps a small output chunk to a huge source area (e.g. polar stereographic near the edges).The CuPy paths are missing this guard:
xrspatial/reproject/__init__.py_reproject_chunk_cupy()(lines ~408-422) -- no window size check before allocating the GPU source window.xrspatial/reproject/__init__.py_reproject_dask_cupy()(lines ~1090-1113) -- same missing guard.Impact
A reprojection that lands near a projection singularity (e.g. polar stereographic edge, Mercator near poles) could attempt to load the entire source raster onto the GPU for a single chunk, causing a GPU OOM crash. The numpy path handles this gracefully by returning a nodata-filled chunk.
Severity: HIGH
Category: Unbounded Allocation / Denial of Service (Cat 1)
Fix
Add the same
_MAX_WINDOW_PIXELSguard that exists in_reproject_chunk_numpyto both CuPy paths. When the source window exceeds the limit, return a nodata-filled CuPy array instead of attempting the allocation.