diff --git a/core/modules/file/src/Plugin/Field/FieldType/FileItem.php b/core/modules/file/src/Plugin/Field/FieldType/FileItem.php
index 8dd882de02..92acb96094 100644
--- a/core/modules/file/src/Plugin/Field/FieldType/FileItem.php
+++ b/core/modules/file/src/Plugin/Field/FieldType/FileItem.php
@@ -12,6 +12,7 @@ use Drupal\Core\Field\Plugin\Field\FieldType\EntityReferenceItem;
 use Drupal\Core\File\FileSystemInterface;
 use Drupal\Core\Form\FormStateInterface;
 use Drupal\Core\StreamWrapper\StreamWrapperInterface;
+use Drupal\Core\StringTranslation\TranslatableMarkup;
 use Drupal\Core\TypedData\DataDefinition;
 
 /**
@@ -105,6 +106,65 @@ class FileItem extends EntityReferenceItem {
     return $properties;
   }
 
+  /**
+   * Strips spaces from a string of text.
+   *
+   * @param string $string
+   *   A string representing a size (5mb, 500GB etc)
+   *
+   * @return string
+   *   Returns the inputted string with spaces removed.
+   */
+  private static function stripSpacesFromString($string) {
+    return str_replace(' ', '', $string);
+  }
+
+  /**
+   * Determines that a string does not start with a number.
+   *
+   * @param string $string
+   *   A string representing a size (5mb, 500GB etc)
+   *
+   * @return bool
+   *   TRUE if the string does not start with a numeric char, FALSE otherwise.
+   */
+  private static function stringNotStartWithNumber($string) {
+    return !preg_match('/^[0-9]/', $string);
+  }
+
+  /**
+   * Determines if a string has numberic chars following after alpha chars.
+   *
+   * @param string $string
+   *   A string representing a size (5mb, 500GB etc)
+   *
+   * @return bool
+   *   TRUE if the string has numeric values following after alpha chars.
+   */
+  private static function hasNumbersFollowingAlphaCharInString($string) {
+    return preg_match('/[a-zA-Z]+(\d+)/', $string);
+  }
+
+  /**
+   * Determines if Bytes:toInt() is able to parse the given string.
+   *
+   * @param string $string
+   *   A string representing a size (5mb, 500GB etc)
+   *
+   * @return bool
+   *   TRUE if string can be parsed by Bytes::toInt(), FALSE otherwise.
+   */
+  private static function toIntCanParseString($string) {
+    $valid = TRUE;
+    try {
+      Bytes::toInt($string);
+    }
+    catch (\Exception $e) {
+      $valid = FALSE;
+    }
+    return $valid;
+  }
+
   /**
    * {@inheritdoc}
    */
@@ -197,11 +257,11 @@ class FileItem extends EntityReferenceItem {
   }
 
   /**
-   * Form API callback
+   * Form API callback.
    *
    * Removes slashes from the beginning and end of the destination value and
-   * ensures that the file directory path is not included at the beginning of the
-   * value.
+   * ensures that the file directory path is not included at the beginning of
+   * the value.
    *
    * This function is assigned as an #element_validate callback in
    * fieldSettingsForm().
@@ -220,7 +280,8 @@ class FileItem extends EntityReferenceItem {
    *
    * This doubles as a convenience clean-up function and a validation routine.
    * Commas are allowed by the end-user, but ultimately the value will be stored
-   * as a space-separated list for compatibility with file_validate_extensions().
+   * as a space-separated list for compatibility with
+   * file_validate_extensions().
    */
   public static function validateExtensions($element, FormStateInterface $form_state) {
     if (!empty($element['#value'])) {
@@ -246,9 +307,26 @@ class FileItem extends EntityReferenceItem {
    * fieldSettingsForm().
    */
   public static function validateMaxFilesize($element, FormStateInterface $form_state) {
-    if (!empty($element['#value']) && !is_numeric(Bytes::toInt($element['#value']))) {
-      $form_state->setError($element, t('The "@name" option must contain a valid value. You may either leave the text field empty or enter a string like "512" (bytes), "80 KB" (kilobytes) or "50 MB" (megabytes).', ['@name' => $element['title']]));
+
+    $size = self::stripSpacesFromString($element['#value']);
+
+    $not_start_with_number = self::stringNotStartWithNumber($size);
+    $has_numbers_after_alpha_chars = self::hasNumbersFollowingAlphaCharInString($size);
+
+    // Theoretically the above validation should have prevented
+    // invalid data getting this far.
+    // Passing to toInt() for good measure.
+    if (
+      $not_start_with_number
+      ||
+      $has_numbers_after_alpha_chars
+      ||
+      !self::toIntCanParseString($size)
+    ) {
+      $translatable_markup = new TranslatableMarkup('The "@name" option must contain a valid value. You may either leave the text field empty or enter a string like "512" (bytes), "80 KB" (kilobytes) or "50 MB" (megabytes).', ['@name' => $element['#title']]);
+      $form_state->setError($element, $translatable_markup);
     }
+
   }
 
   /**
@@ -259,11 +337,10 @@ class FileItem extends EntityReferenceItem {
    *
    * @return string
    *   An unsanitized file directory URI with tokens replaced. The result of
-   *   the token replacement is then converted to plain text and returned.
-   *
+   *   the token replacement is then converted to plain text and returned. *
    * @see \Drupal\Core\Utility\Token::replace()
    */
-  public function getUploadLocation($data = []) {
+  public function getUploadLocation(array $data = []) {
     return static::doGetUploadLocation($this->getSettings(), $data);
   }
 
@@ -281,7 +358,7 @@ class FileItem extends EntityReferenceItem {
    *
    * @see \Drupal\Core\Utility\Token::replace()
    */
-  protected static function doGetUploadLocation(array $settings, $data = []) {
+  protected static function doGetUploadLocation(array $settings, array $data = []) {
     $destination = trim($settings['file_directory'], '/');
 
     // Replace tokens. As the tokens might contain HTML we convert it to plain
diff --git a/core/modules/file/tests/src/Unit/FileItemFieldSettingsFormTest.php b/core/modules/file/tests/src/Unit/FileItemFieldSettingsFormTest.php
new file mode 100644
index 0000000000..b9ef564c25
--- /dev/null
+++ b/core/modules/file/tests/src/Unit/FileItemFieldSettingsFormTest.php
@@ -0,0 +1,68 @@
+<?php
+
+namespace Drupal\Tests\file\Unit;
+
+use Drupal\Core\Form\FormState;
+use Drupal\Core\StringTranslation\TranslatableMarkup;
+use Drupal\file\Plugin\Field\FieldType\FileItem;
+use Drupal\Tests\UnitTestCase;
+use Prophecy\Argument;
+
+/**
+ * Tests FileItem's settings form's validation.
+ *
+ * @group file
+ */
+class FileItemFieldSettingsFormTest extends UnitTestCase {
+
+  /**
+   * Tests that a sane Max file size is entered.
+   */
+  public function testValidateMaxfilesize() {
+
+    $inputs = [
+      '0' => FALSE,
+      '0bytes' => FALSE,
+      '0 bytes' => FALSE,
+      '0 K' => FALSE,
+      '100bytes' => FALSE,
+      '10000' => FALSE,
+      '100bytes' => FALSE,
+      '100 bytes' => FALSE,
+      '999989 bytes' => FALSE,
+      '999989bytes' => FALSE,
+      '2' => FALSE,
+      '3K' => FALSE,
+      '5MB' => FALSE,
+      '10G' => FALSE,
+      '6GiB' => FALSE,
+      '8bytes' => FALSE,
+      '9mbytes' => FALSE,
+      // Should we allow these spaces?
+      '1 0 0 0 0 m b y tes' => FALSE,
+      'nonumbers' => TRUE,
+      'bread' => TRUE,
+      'bananas' => TRUE,
+      '1234b1' => TRUE,
+      '543xd1' => TRUE,
+      '' => TRUE,
+      NULL => TRUE,
+      '-1' => TRUE,
+      '-975' => TRUE,
+    ];
+
+    foreach ($inputs as $input => $should_error) {
+      $element = [
+        '#title' => 'Maximum upload size',
+        '#value' => $input,
+      ];
+
+      $form_state = $this->prophesize(FormState::class);
+      if ($should_error) {
+        $form_state->setError($element, Argument::type(TranslatableMarkup::class))->shouldBeCalled();
+      }
+      FileItem::validateMaxFilesize($element, $form_state->reveal());
+    }
+  }
+
+}