Prevent expansion bomb #16
Description
The standard use case of image-creator is to be fed with arbitrary links to content that will be stored in the target image.
We don't care about what those files contain but given the frontend service will not validate neither, we should protect ourselves (or our running host to be more precise) against easy filesystem size attacks.
It would be easy for an attacker to provide an archive and lie about its expanded size (as it is provided and not computed) resulting in enormous amounts of data being extracted.
Our archive expander should stop/halt once the expected size has been reached.
See #15