ChangeLog, dir_iterate.c:

  dir_iterate.c (ext2fs_process_dir_block): Check for corrupted
  	directory entry before calling the callback function.  This should
  	prevent some core dumps of insufficiently paranoid callback functions.
ChangeLog, unix.c:
  unix.c (main): Add missing space in the disk write-protected message.

2 files changed, 13 insertions, 6 deletions

diff --git a/lib/ext2fs/ChangeLog b/lib/ext2fs/ChangeLog
index 8b2e3729..9fc24e93 100644
--- a/lib/ext2fs/ChangeLog
+++ b/lib/ext2fs/ChangeLog
@@ -1,3 +1,10 @@
+1999-06-21    <tytso@rsts-11.mit.edu>
+
+	* dir_iterate.c (ext2fs_process_dir_block): Check for corrupted
+		directory entry before calling the callback function.
+		This should prevent some core dumps of insufficiently
+		paranoid callback functions.
+
 1999-05-29    <tytso@rsts-11.mit.edu>
 
 	* ext2fs.h: Add feature definition for AFS IMAGIC inodes.
diff --git a/lib/ext2fs/dir_iterate.c b/lib/ext2fs/dir_iterate.c
index 10a136a7..3fecf23f 100644
--- a/lib/ext2fs/dir_iterate.c
+++ b/lib/ext2fs/dir_iterate.c
@@ -98,6 +98,12 @@ int ext2fs_process_dir_block(ext2_filsys  	fs,
 
 	while (offset < fs->blocksize) {
 		dirent = (struct ext2_dir_entry *) (ctx->buf + offset);
+		if (((offset + dirent->rec_len) > fs->blocksize) ||
+		    (dirent->rec_len < 8) ||
+		    (((dirent->name_len & 0xFF)+8) > dirent->rec_len)) {
+			ctx->errcode = EXT2_ET_DIR_CORRUPTED;
+			return BLOCK_ABORT;
+		}
 		if (!dirent->inode &&
 		    !(ctx->flags & DIRENT_FLAG_INCLUDE_EMPTY))
 			goto next;
@@ -120,12 +126,6 @@ int ext2fs_process_dir_block(ext2_filsys  	fs,
 			break;
 		}
 next:		
-		if (((offset + dirent->rec_len) > fs->blocksize) ||
-		    (dirent->rec_len < 8) ||
-		    (((dirent->name_len & 0xFF)+8) > dirent->rec_len)) {
-			ctx->errcode = EXT2_ET_DIR_CORRUPTED;
-			return BLOCK_ABORT;
-		}
 		offset += dirent->rec_len;
 	}