From a1fc444ddcddf80a4d2612ee540eaee6c6b3d2d4 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen@redhat.com>
Date: Sat, 10 Feb 2007 01:45:06 -0800
Subject: [PATCH] --- yaml --- r: 47523 b: refs/heads/master c:
 d8adb9cef7e406a9a82881695097c702bc98422f h: refs/heads/master i:   47521:
 de029bfc5cebfa6077d4d12a29ac920459c739e6   47519:
 14dbc6792e78a857684a057158047d6c5c74cb2a v: v3

---
 [refs]              | 2 +-
 trunk/fs/ext2/dir.c | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/[refs] b/[refs]
index f6f3bc24b512..86bb5ad3aa6f 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: 23c887522e912ca494950796a95df8dd210f4b01
+refs/heads/master: d8adb9cef7e406a9a82881695097c702bc98422f
diff --git a/trunk/fs/ext2/dir.c b/trunk/fs/ext2/dir.c
index 0b02ba9642d2..e89bfc8cf957 100644
--- a/trunk/fs/ext2/dir.c
+++ b/trunk/fs/ext2/dir.c
@@ -368,6 +368,14 @@ struct ext2_dir_entry_2 * ext2_find_entry (struct inode * dir,
 		}
 		if (++n >= npages)
 			n = 0;
+		/* next page is past the blocks we've got */
+		if (unlikely(n > (dir->i_blocks >> (PAGE_CACHE_SHIFT - 9)))) {
+			ext2_error(dir->i_sb, __FUNCTION__,
+				"dir %lu size %lld exceeds block count %llu",
+				dir->i_ino, dir->i_size,
+				(unsigned long long)dir->i_blocks);
+			goto out;
+		}
 	} while (n != start);
 out:
 	return NULL;