diff --git a/common/lib/Munin/Common/Config.pm b/common/lib/Munin/Common/Config.pm
index 81b1dc8..76ff088 100644
--- a/common/lib/Munin/Common/Config.pm
+++ b/common/lib/Munin/Common/Config.pm
@@ -37,6 +37,7 @@ my %legal = map { $_ => 1 } (
 "cdef_name", "graphable", "process", "realname", "onlynullcdef", "group_order", "pipe", "pipe_command", "unknown_limit", "num_unknowns", "dropdownlimit",
+ "max_size_x", "max_size_y",
 "max_graph_jobs", "max_cgi_graph_jobs", "munin_cgi_graph_jobs", "max_html_jobs", "num_messages");
diff --git a/master/_bin/munin-cgi-graph.in b/master/_bin/munin-cgi-graph.in
index 72a13ba..f09ca17 100755
--- a/master/_bin/munin-cgi-graph.in
+++ b/master/_bin/munin-cgi-graph.in
@@ -265,6 +265,22 @@ sub verify_parameters
 exit 1;
 }
 }
+
+ # Checks the image size requested.
+ if (( CGI::param("size_x") || "") =~ m/^(\d+)/) {
+ my $max_size_x = ( $config->{max_size_x} || 4000);
+ if ($1 > $max_size_x) {
+ print STDERR "Warning: Asked image size x too large : $1 > $max_size_x. Bailing out.\n";
+ exit 1;
+ }
+ }
+ if (( CGI::param("size_y") || "") =~ m/^(\d+)/) {
+ my $max_size_y = ($config->{max_size_y} || 4000);
+ if ($1 > $max_size_y) {
+ print STDERR "Warning: Asked image size y too large : $1 > $max_size_y. Bailing out.\n";
+ exit 1;
+ }
+ }
 }
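Review bot: The new size checks in verify_parameters fail open, because `m/^(\d+)/` is anchored only at the start: a `size_x` or `size_y` value that does not begin with a digit never enters the `if`, and one with trailing characters is compared on its numeric prefix alone. How the raw parameter is consumed afterwards is not visible in this hunk, but if it is read again when the graph is built, the limit would not apply to it, so the whole value should be matched with `\A(\d+)\z` and any other non-empty value refused. The two blocks differ only in the axis and can be a single loop, which also keeps the rejected value itself out of the STDERR line. verify_parameters begins before the hunk, so the rest of its validation is not reviewed here.

```perl
    # Checks the image size requested.
    for my $dim (qw(x y)) {
        my $requested = CGI::param("size_$dim");
        next unless defined $requested && length $requested;

        my $max_size = $config->{"max_size_$dim"} || 4000;

        # Fail closed: a value that is not a plain integer is refused as well.
        if ($requested !~ m/\A(\d+)\z/ || $1 > $max_size) {
            print STDERR "Warning: Asked image size $dim invalid or too large (max $max_size). Bailing out.\n";
            exit 1;
        }
    }
```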