From 502ca7abd7b689e15a4cfaf9ad0d346777215179 Mon Sep 17 00:00:00 2001
From: Jeffrey Pfau
Date: Mon, 1 Jun 2015 20:53:41 -0700
Subject: [PATCH] GBA: Check for improperly sized savestates when loading

---
 CHANGES             | 1 +
 src/gba/serialize.c | 3 +++
 2 files changed, 4 insertions(+)

diff --git a/CHANGES b/CHANGES
index ea4cdd111..ae0e96536 100644
--- a/CHANGES
+++ b/CHANGES
@@ -35,6 +35,7 @@ Bugfixes:
  - Qt: Fix maximum year in sensor override
  - GBA: Cap audio FIFO read size during deserialization
  - GBA: Check for corrupted savestates when loading
+ - GBA: Check for improperly sized savestates when loading
 Misc:
  - Qt: Handle saving input settings better
  - Debugger: Free watchpoints in addition to breakpoints
diff --git a/src/gba/serialize.c b/src/gba/serialize.c
index fdcd85116..030a7d08b 100644
--- a/src/gba/serialize.c
+++ b/src/gba/serialize.c
@@ -264,6 +264,9 @@ bool GBALoadStateNamed(struct GBA* gba, struct VFile* vf) {
 		return _loadPNGState(gba, vf);
 	}
 #endif
+	if (vf->size(vf) < (ssize_t) sizeof(struct GBASerializedState)) {
+		return false;
+	}
 	struct GBASerializedState* state = vf->map(vf, sizeof(struct GBASerializedState), MAP_READ);
 	if (!state) {
 		return false;
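Review bot: The new size check in GBALoadStateNamed says neither why the `(ssize_t)` cast is there nor that it is only a lower bound, so a reader may later "simplify" it back to an unsigned comparison or add an equality check that breaks files with trailing data. A comment on the `if` line such as `// Reject files too short to hold a full state before mapping; a signed compare so that a negative (error) size is rejected too, and larger files are deliberately accepted` would pin both decisions. That reading presumes `vf->size` returns `ssize_t` with a negative value on failure, which the hunk does not show; confirm against the VFile interface before wording the comment. The enclosing function starts and ends outside the hunk, so any earlier callers of `vf->size` or later consumers of `state` are not visible here.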