From 48cb56d8efa4b9d7e11948801de46d0275b473e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Axel=20D=C3=B6rfler?= <axeld@pinc-software.de>
Date: Thu, 13 Aug 2009 14:21:18 +0000
Subject: [PATCH] * We also shouldn't try to copy if the dirent is too large,
 obviously.

git-svn-id: file:///srv/svn/repos/haiku/haiku/trunk@32314 a95241bf-73f2-0310-859d-f6bbb57e9c96
---
 src/system/kernel/fs/vfs.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/system/kernel/fs/vfs.cpp b/src/system/kernel/fs/vfs.cpp
index 9acaf3b98e..dbf892812e 100644
--- a/src/system/kernel/fs/vfs.cpp
+++ b/src/system/kernel/fs/vfs.cpp
@@ -5564,7 +5564,8 @@ fix_dirent(struct vnode* parent, struct dirent* userEntry,
 		ASSERT(entry->d_reclen >= sizeof(struct dirent));
 
 		// This hints to a problem in the file system implementation
-		if (entry->d_reclen < sizeof(struct dirent))
+		if (entry->d_reclen < sizeof(struct dirent)
+			|| entry->d_reclen > sizeof(buffer))
 			return B_BAD_DATA;
 
 		if (user_memcpy(entry->d_name, userEntry->d_name,