diff --git a/smbacl.c b/smbacl.c
index 943b6f24..579e57ed 100644
--- a/smbacl.c
+++ b/smbacl.c
@@ -445,6 +445,9 @@ static void parse_dacl(struct user_namespace *user_ns,
 		return;
 	}
 
+	if (le16_to_cpu(pdacl->size) < sizeof(struct smb_acl))
+		return;
+
 	ksmbd_debug(SMB, "DACL revision %d size %d num aces %d\n",
 		    le16_to_cpu(pdacl->revision), le16_to_cpu(pdacl->size),
 		    le32_to_cpu(pdacl->num_aces));
@@ -456,7 +459,7 @@ static void parse_dacl(struct user_namespace *user_ns,
 	if (num_aces <= 0)
 		return;
 
-	if (num_aces > ULONG_MAX / sizeof(struct smb_ace *))
+	if (num_aces > (le16_to_cpu(pdacl->size) - sizeof(struct smb_acl)) / sizeof(struct smb_ace *))
 		return;
 
 	ret = init_acl_state(&acl_state, num_aces);
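Review bot: The replacement bound in the second hunk divides the DACL's remaining bytes by `sizeof(struct smb_ace *)`, the size of a host pointer (4 or 8 bytes), rather than by the smallest ACE that can appear on the wire, so it still accepts a `num_aces` that is several times larger than what `pdacl->size` can actually contain and the limit differs between 32- and 64-bit builds. If the structures match the ksmbd headers, an architecture-independent divisor is the minimum ACE size, roughly `offsetof(struct smb_ace, sid) + offsetof(struct smb_sid, sub_auth) + sizeof(__le32)`, and a comment such as `/* size >= sizeof(struct smb_acl) was checked above, so the subtraction cannot wrap */` would document why the subtraction in the new check is safe. `pdacl->size` is itself taken from the peer-supplied descriptor; unless the caller already bounds it against the enclosing security-descriptor length (not visible here), an ACE count derived solely from it can still walk past the real buffer. parse_dacl begins and ends outside these hunks.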