diff --git a/HISTORY b/HISTORY
index b0a836a..87bae49 100644
--- a/HISTORY
+++ b/HISTORY
@@ -1,11 +1,12 @@
 
-Version 5.07  2015-08-16
+Version 5.07  2015-08-17
  * schedule task add the "second" field
  * make.sh changed, you must upgrade libfastcommon to V1.20 or later
  * bug fixed: storage_disk_recovery.c skip the first file (binlog first line)
  * bug fixed: should close connection after fetch binlog
  * fdfs_storaged.c: advance the position of daemon_init
  * set log rotate time format
+ * bug fixed: must check store_path_index
 
 Version 5.06  2015-05-12
  * compile passed in mac OS Darwin
diff --git a/storage/storage_service.c b/storage/storage_service.c
index 0a734eb..fc47660 100644
--- a/storage/storage_service.c
+++ b/storage/storage_service.c
@@ -3758,6 +3758,15 @@ static int storage_server_trunk_alloc_space(struct fast_task_info *pTask)
 	}
 
 	trunkInfo.path.store_path_index = *(in_buff+FDFS_GROUP_NAME_MAX_LEN+4);
+    if (trunkInfo.path.store_path_index < 0 ||
+            trunkInfo.path.store_path_index >= g_fdfs_store_paths.count)
+    {
+		logError("file: "__FILE__", line: %d, " \
+			"client ip: %s, store_path_index: %d " \
+			"is invalid", __LINE__, \
+			pTask->client_ip, trunkInfo.path.store_path_index);
+		return EINVAL;
+    }
 	if ((result=trunk_alloc_space(file_size, &trunkInfo)) != 0)
 	{
 		return result;
@@ -3981,6 +3990,16 @@ static int storage_server_trunk_confirm_or_free(struct fast_task_info *pTask)
 	trunkInfo.file.offset = buff2int(pTrunkBuff->offset);
 	trunkInfo.file.size = buff2int(pTrunkBuff->size);
 
+    if (trunkInfo.path.store_path_index < 0 ||
+            trunkInfo.path.store_path_index >= g_fdfs_store_paths.count)
+    {
+		logError("file: "__FILE__", line: %d, " \
+			"client ip: %s, store_path_index: %d " \
+			"is invalid", __LINE__, \
+			pTask->client_ip, trunkInfo.path.store_path_index);
+		return EINVAL;
+    }
+
 	if (pHeader->cmd == STORAGE_PROTO_CMD_TRUNK_ALLOC_CONFIRM)
 	{
 		return trunk_alloc_confirm(&trunkInfo, pHeader->status);
diff --git a/storage/trunk_mgr/trunk_mem.c b/storage/trunk_mgr/trunk_mem.c
index f3f848c..4dec99f 100644
--- a/storage/trunk_mgr/trunk_mem.c
+++ b/storage/trunk_mgr/trunk_mem.c
@@ -750,6 +750,15 @@ static int storage_trunk_restore(const int64_t restore_offset)
 			break;
 		}
 
+        if (record.trunk.path.store_path_index < 0 ||
+                record.trunk.path.store_path_index >= g_fdfs_store_paths.count)
+        {
+	    	logError("file: "__FILE__", line: %d, " \
+		    	"store_path_index: %d is invalid", __LINE__, \
+		    	record.trunk.path.store_path_index);
+		    return EINVAL;
+        }
+
 		line_count++;
 		if (record.op_type == TRUNK_OP_TYPE_ADD_SPACE)
 		{
@@ -784,8 +793,7 @@ static int storage_trunk_restore(const int64_t restore_offset)
 					logError("file: "__FILE__", line: %d, "\
 						"avl_tree_insert fail, " \
 						"errno: %d, error info: %s", \
-						__LINE__, result, \
-						STRERROR(result));
+						__LINE__, result, STRERROR(result));
 					return result;
 				}
 				else if (result == 0)