From 5bffa9496b8f4f07df7c69863ddc968c58eaabfe Mon Sep 17 00:00:00 2001
From: Eric Sesterhenn <snakebyte@gmx.de>
Date: Wed, 15 Oct 2008 22:04:08 -0700
Subject: [PATCH] --- yaml --- r: 114883 b: refs/heads/master c:
 efc7ffcb4237f8cb9938909041c4ed38f6e1bf40 h: refs/heads/master i:   114881:
 2de326a4f2165dc634f43caaa513c9ee678e6a16   114879:
 17bbd3f4274f1c8cfc1e3900fdd57fc9e62e0d2e v: v3

---
 [refs]                     | 2 +-
 trunk/fs/hfsplus/catalog.c | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/[refs] b/[refs]
index b954e936c216..9e37664e8d5e 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 81a73719d1bc77774f6ac91e2476f22c56f18baf
+refs/heads/master: efc7ffcb4237f8cb9938909041c4ed38f6e1bf40
diff --git a/trunk/fs/hfsplus/catalog.c b/trunk/fs/hfsplus/catalog.c
index ba117c445e78..f6874acb2cf2 100644
--- a/trunk/fs/hfsplus/catalog.c
+++ b/trunk/fs/hfsplus/catalog.c
@@ -168,6 +168,11 @@ int hfsplus_find_cat(struct super_block *sb, u32 cnid,
 		return -EIO;
 	}
 
+	if (be16_to_cpu(tmp.thread.nodeName.length) > 255) {
+		printk(KERN_ERR "hfs: catalog name length corrupted\n");
+		return -EIO;
+	}
+
 	hfsplus_cat_build_key_uni(fd->search_key, be32_to_cpu(tmp.thread.parentID),
 				 &tmp.thread.nodeName);
 	return hfs_brec_find(fd);