--- zzzz-none-000/linux-3.10.107/fs/squashfs/namei.c	2017-06-27 09:49:32.000000000 +0000
+++ scorpion-7490-727/linux-3.10.107/fs/squashfs/namei.c	2021-02-04 17:41:59.000000000 +0000
@@ -79,7 +79,8 @@
 			int len)
 {
 	struct squashfs_sb_info *msblk = sb->s_fs_info;
-	int i, size, length = 0, err;
+	int i, length = 0, err;
+	unsigned int size;
 	struct squashfs_dir_index *index;
 	char *str;
 
@@ -102,7 +103,9 @@
 			break;
 
 
-		size = le32_to_cpu(index->size) + 1;
+		size = squash_le32_to_cpu(index->size) + 1;
+		if (size > SQUASHFS_NAME_LEN)
+			break;
 
 		err = squashfs_read_metadata(sb, index->name, &index_start,
 					&index_offset, size);
@@ -114,8 +117,8 @@
 		if (strcmp(index->name, str) > 0)
 			break;
 
-		length = le32_to_cpu(index->index);
-		*next_block = le32_to_cpu(index->start_block) +
+		length = squash_le32_to_cpu(index->index);
+		*next_block = squash_le32_to_cpu(index->start_block) +
 					msblk->directory_table;
 	}
 
@@ -144,7 +147,8 @@
 	struct squashfs_dir_entry *dire;
 	u64 block = squashfs_i(dir)->start + msblk->directory_table;
 	int offset = squashfs_i(dir)->offset;
-	int err, length, dir_count, size;
+	int err, length;
+	unsigned int dir_count, size;
 
 	TRACE("Entered squashfs_lookup [%llx:%x]\n", block, offset);
 
@@ -175,7 +179,7 @@
 
 		length += sizeof(dirh);
 
-		dir_count = le32_to_cpu(dirh.count) + 1;
+		dir_count = squash_le32_to_cpu(dirh.count) + 1;
 
 		if (dir_count > SQUASHFS_DIR_COUNT)
 			goto data_error;
@@ -189,7 +193,7 @@
 			if (err < 0)
 				goto read_failure;
 
-			size = le16_to_cpu(dire->size) + 1;
+			size = squash_le16_to_cpu(dire->size) + 1;
 
 			/* size should never be larger than SQUASHFS_NAME_LEN */
 			if (size > SQUASHFS_NAME_LEN)
@@ -208,10 +212,10 @@
 			if (len == size && !strncmp(name, dire->name, len)) {
 				unsigned int blk, off, ino_num;
 				long long ino;
-				blk = le32_to_cpu(dirh.start_block);
-				off = le16_to_cpu(dire->offset);
-				ino_num = le32_to_cpu(dirh.inode_number) +
-					(short) le16_to_cpu(dire->inode_number);
+				blk = squash_le32_to_cpu(dirh.start_block);
+				off = squash_le16_to_cpu(dire->offset);
+				ino_num = squash_le32_to_cpu(dirh.inode_number) +
+					(short) squash_le16_to_cpu(dire->inode_number);
 				ino = SQUASHFS_MKINODE(blk, off);
 
 				TRACE("calling squashfs_iget for directory "