- struct llog_rec_hdr *cur_rec = (struct llog_rec_hdr*)ptr;
- int idx = le32_to_cpu(cur_rec->lrh_index);
+ struct llog_rec_hdr *cur_rec;
+ int idx;
+
+ if (ptr + sizeof(struct llog_rec_hdr) >
+ file_buf + file_size) {
+ rc = -EINVAL;
+ llapi_error(LLAPI_MSG_ERROR, rc,
+ "The log is corrupt (too big at %d)", i);
+ goto clear_recs_buf;
+ }
+
+ cur_rec = (struct llog_rec_hdr *)ptr;
+ idx = le32_to_cpu(cur_rec->lrh_index);