diff --git a/transform.go b/transform.go
index ed772e041..120b2609e 100644
--- a/transform.go
+++ b/transform.go
@@ -16,6 +16,7 @@ package imageproxy
 
 import (
 	"bytes"
+	"errors"
 	"fmt"
 	"image"
 	_ "image/gif" // register gif format
@@ -54,6 +55,18 @@ func Transform(img []byte, opt Options) ([]byte, error) {
 		return img, nil
 	}
 
+	// decode image metadata
+	imageMeta, _, err := image.DecodeConfig(bytes.NewReader(img))
+	if err != nil {
+		return nil, err
+	}
+
+	// prevent pixel flooding attacks
+	// accept no larger than a 10,000 x 10,000 image
+	if imageMeta.Width*imageMeta.Height > 100000000 {
+		return nil, errors.New("image too large")
+	}
+
 	// decode image
 	m, format, err := image.Decode(bytes.NewReader(img))
 	if err != nil {
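Review bot: The guard `imageMeta.Width*imageMeta.Height > 100000000` can overflow on 32-bit builds, because both fields are `int` and the standard decoders accept per-axis dimensions up to 2^31-1, so a crafted header can make the product wrap to a small or negative value and slip an oversized image through to `image.Decode` — exactly the pixel-flood the check is meant to stop. Compute the product in 64 bits and name the limit, e.g. `const maxPixels = 10000 * 10000` and `if int64(imageMeta.Width)*int64(imageMeta.Height) > maxPixels {`. The comment says "no larger than a 10,000 x 10,000 image" but the check bounds total pixel count, so a 100,000 x 1,000 image is accepted; either reword it to `// reject images over 100 megapixels (pixel-flood protection)` or add per-axis bounds if that was the intent. Transform's signature and the rest of its body lie outside the hunk.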