diff --git a/core/src/main/java/org/mapfish/print/servlet/HandleReportLoadResult.java b/core/src/main/java/org/mapfish/print/servlet/HandleReportLoadResult.java
index 6ccf1ce982..6dfcd85948 100644
--- a/core/src/main/java/org/mapfish/print/servlet/HandleReportLoadResult.java
+++ b/core/src/main/java/org/mapfish/print/servlet/HandleReportLoadResult.java
@@ -92,12 +92,12 @@ protected final void sendReportFile(
       httpServletResponse.setContentType(metadata.getResult().getMimeType());
       if (!inline) {
         String fileName = metadata.getResult().getFileName();
-        Matcher matcher = VARIABLE_PATTERN.matcher(fileName);
+        Matcher matcher = getFileNameMatcher(fileName);
         while (matcher.find()) {
           final String variable = matcher.group(1);
           String replacement = findReplacement(variable, metadata.getCompletionDate());
           fileName = fileName.replace("${" + variable + "}", replacement);
-          matcher = VARIABLE_PATTERN.matcher(fileName);
+          matcher = getFileNameMatcher(fileName);
         }
 
         fileName += "." + metadata.getResult().getFileExtension();
@@ -108,6 +108,13 @@ protected final void sendReportFile(
     }
   }
 
+  private static Matcher getFileNameMatcher(final String fileName) {
+    if (fileName.length() > 1000) {
+      throw new IllegalArgumentException("File name is too long");
+    }
+    return VARIABLE_PATTERN.matcher(fileName);
+  }
+
   /**
    * Update a variable name with a date if the variable is detected as being a date.
    *