In this case limiting complexity would have worked: don't support frivolous amounts of image codecs (like the fax format here), just support 1-2, and make sure there is high assurance of the safety using known methods (security oriented code design, memory safe language, fuzzing, and sandboxing).