diff --git a/fs/orangefs/xattr.c b/fs/orangefs/xattr.c
index 75a7dde8cc5f9ddaf26326d54f6bef8c22459ead..ef5da7538cd5177f78c31542121ad36f2d24115e 100644
--- a/fs/orangefs/xattr.c
+++ b/fs/orangefs/xattr.c
@@ -394,6 +394,7 @@ ssize_t orangefs_listxattr(struct dentry *dentry, char *buffer, size_t size)
 		gossip_err("%s: impossible value for returned_count:%d:\n",
 		__func__,
 		returned_count);
+		ret = -EIO;
 		goto done;
 	}
 
@@ -401,6 +402,15 @@ ssize_t orangefs_listxattr(struct dentry *dentry, char *buffer, size_t size)
 	 * Check to see how much can be fit in the buffer. Fit only whole keys.
 	 */
 	for (i = 0; i < returned_count; i++) {
+		if (new_op->downcall.resp.listxattr.lengths[i] < 0 ||
+		    new_op->downcall.resp.listxattr.lengths[i] >
+		    ORANGEFS_MAX_XATTR_NAMELEN) {
+			gossip_err("%s: impossible value for lengths[%d]\n",
+			    __func__,
+			    new_op->downcall.resp.listxattr.lengths[i]);
+			ret = -EIO;
+			goto done;
+		}
 		if (total + new_op->downcall.resp.listxattr.lengths[i] > size)
 			goto done;