Prevent OOM in ICO due to PNG

Author: RunDevelopment

src/codecs/ico/decoder.rs

@@ -249,7 +249,12 @@ impl DirEntry {
         self.seek_to_start(&mut r)?;
 
         if is_png {
-            Ok(Png(Box::new(PngDecoder::new(r)?)))
+            let limits = crate::Limits {
+                max_image_width: Some(self.real_width().into()),
+                max_image_height: Some(self.real_height().into()),
+                max_alloc: Some(256 * 256 * 4 * 2), // width * height * 4 bytes per pixel * safety factor of 2
+            };
+            Ok(Png(Box::new(PngDecoder::with_limits(r, limits)?)))
         } else {
             Ok(Bmp(BmpDecoder::new_with_ico_format(r)?))
         }