The attached "image" has an iCCP chunk with length 276. According to the ICC header, it has a profile_length of 1879048662. This should be impossible, since it is much larger than the chunk itself, but png_handle_iCCP attempts to allocate 1879048662 bytes in png_read_buffer to hold the profile.
I suppose it is up to the client to avoid allocating that much memory if it will cause a problem (is that correct?), but should libpng recognize that this must be invalid because it is larger than the chunk itself?
That bug was supposedly fixed in libpng-1.6.25. What version are you testing?
1.6.22, so I am out of date. Thanks!