From 77a5b8bf749d059ed3966dc7b6c4a67d265fc69b Mon Sep 17 00:00:00 2001
From: esaunders
Date: Tue, 3 Dec 2019 17:28:38 -0500
Subject: [PATCH 2/2] Ensure that we don't attempt to index into an invalid offset in imap_buf.
---
 tsk/fs/ext2fs.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)
diff --git a/tsk/fs/ext2fs.c b/tsk/fs/ext2fs.c
index 5a480856..14715c11 100755
--- a/tsk/fs/ext2fs.c
+++ b/tsk/fs/ext2fs.c
@@ -1051,6 +1051,19 @@ ext2fs_inode_walk(TSK_FS_INFO * fs, TSK_INUM_T start_inum,
 grp_num * tsk_getu32(fs->endian, ext2fs->fs->s_inodes_per_group) + 1;
+ /*
+ * Ensure that inum - ibase refers to a valid offset in imap_buf.
+ */
+ if ((inum - ibase) > fs->block_size) {
+ tsk_release_lock(&ext2fs->lock);
+ free(dino_buf);
+ tsk_error_reset();
+ tsk_error_set_errno(TSK_ERR_FS_WALK_RNG);
+ tsk_error_set_errstr("%s: Invalid offset into imap_buf (inum %" PRIuINUM " - ibase %" PRIuINUM ")",
+ myname, inum, ibase);
+ return 1;
+ }
+
 /*
 * Apply the allocated/unallocated restriction.
 */
--
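Review bot: The new guard `if ((inum - ibase) > fs->block_size)` appears to compare a bit index against a byte count, and it uses `>` where the last valid index calls for `>=`. If imap_buf is a block-sized inode bitmap addressed one bit per inode (its allocation and the lookup that consumes `inum - ibase` are outside this hunk, so please confirm), the valid offsets run from 0 to `fs->block_size * 8 - 1`. Under that reading the check as written would abort the walk for legitimate inodes in any group holding more than `fs->block_size` inodes, and once the units match, `>` would still let the one-past-the-end offset through. A form covering both would be `if ((inum - ibase) >= (TSK_INUM_T) fs->block_size * 8) {`, with the comment reworded to "valid bit offset in imap_buf". Since `s_inodes_per_group` is read from the image, this bound is the only thing in the hunk constraining the index; ext2fs_inode_walk itself starts and ends outside the hunk.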