diff --git a/src/codecs/ico/decoder.rs b/src/codecs/ico/decoder.rs
index f04edc63e0..45113ac316 100644
--- a/src/codecs/ico/decoder.rs
+++ b/src/codecs/ico/decoder.rs
@@ -249,7 +249,12 @@ impl DirEntry {
 self.seek_to_start(&mut r)?;
 if is_png {
- Ok(Png(Box::new(PngDecoder::new(r)?)))
+ let limits = crate::Limits {
+ max_image_width: Some(self.real_width().into()),
+ max_image_height: Some(self.real_height().into()),
+ max_alloc: Some(256 * 256 * 4 * 2), // width * height * 4 bytes per pixel * safety factor of 2
+ };
+ Ok(Png(Box::new(PngDecoder::with_limits(r, limits)?)))
 } else {
 Ok(Bmp(BmpDecoder::new_with_ico_format(r)?))
 }
diff --git a/tests/regression/ico/oom-0d0085eb7f66ea55d9119206235cd29e089b9140.ico b/tests/regression/ico/oom-0d0085eb7f66ea55d9119206235cd29e089b9140.ico
new file mode 100644
index 0000000000..4163129b93
Binary files /dev/null and b/tests/regression/ico/oom-0d0085eb7f66ea55d9119206235cd29e089b9140.ico differ
diff --git a/tests/regression/ico/oom-ff076e7064c13ec1f8e2c5bbbfb7a77a08db2361.ico b/tests/regression/ico/oom-ff076e7064c13ec1f8e2c5bbbfb7a77a08db2361.ico
new file mode 100644
index 0000000000..7b0ec50ad7
Binary files /dev/null and b/tests/regression/ico/oom-ff076e7064c13ec1f8e2c5bbbfb7a77a08db2361.ico differ
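Review bot: The `max_alloc` budget on the PNG branch is a bare literal that silently assumes entries never exceed 256x256 and that a pixel is 4 bytes. A 16-bit RGBA PNG already needs 8 bytes per pixel, so the "safety factor of 2" is fully consumed and a legitimate maximum-size icon may sit right at the limit, depending on what `PngDecoder` counts against it. Consider hoisting the value into a named constant with the assumption spelled out, e.g. `// ICO entries are at most 256x256; 8 bytes/pixel covers 16-bit RGBA`, and adding a positive test with a maximum-size PNG entry next to the two `oom-*` regression files. The `else` branch still calls `BmpDecoder::new_with_ico_format(r)` with no limits, so if that decoder sizes buffers from its own header the same out-of-memory class may remain there; worth confirming. The enclosing function starts and ends outside the hunk.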