--- a/src/lib-index/mail-index.c	Tue Jan 16 19:00:38 2007 +0200
+++ b/src/lib-index/mail-index.c	Tue Jan 16 20:27:44 2007 +0200
@@ -342,6 +342,17 @@
 			return -1;
 		}
 
+		if (map->hdr.record_size <
+		    ext_hdr->record_offset + ext_hdr->record_size) {
+			mail_index_set_error(index, "Corrupted index file %s: "
+				"Record field %s points outside record size "
+				"(%u < %u+%u)", index->filepath, name,
+				map->hdr.record_size,
+				ext_hdr->record_offset, ext_hdr->record_size);
+			t_pop();
+			return -1;
+		}
+
 		if ((ext_hdr->record_offset % ext_hdr->record_align) != 0 ||
 		    (map->hdr.record_size % ext_hdr->record_align) != 0) {
 			mail_index_set_error(index, "Corrupted index file %s: "
@@ -350,7 +361,6 @@
 			t_pop();
 			return -1;
 		}
-
 		mail_index_map_register_ext(index, map, name,
 					    offset, ext_hdr->hdr_size,
 					    ext_hdr->record_offset,