From 4b456306da5c4e57242bf0d84a190f8c33929523 Mon Sep 17 00:00:00 2001
From: Brandon Wright <bearoso@gmail.com>
Date: Sat, 20 Jun 2020 11:05:25 -0500
Subject: [PATCH] Remove out-of-bounds access with macs rifle data.

Don't access past the end of the internal array, just use the
internal_macs variable directly.
---
 controls.cpp | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/controls.cpp b/controls.cpp
index 58364eab..f7918155 100644
--- a/controls.cpp
+++ b/controls.cpp
@@ -3515,11 +3515,17 @@ void S9xControlPreSaveState (struct SControlSnapshot *s)
 		for (int k = 0; k < 2; k++)
 			COPY(mp5[j].pads[k]);
 
+	assert(i == sizeof(s->internal));
+
+	#undef COPY
+	#define COPY(x)	{ memcpy((char *) s->internal_macs + i, &(x), sizeof(x)); i += sizeof(x); }
+	i = 0;
+
 	COPY(macsrifle.x);
 	COPY(macsrifle.y);
 	COPY(macsrifle.buttons);
 
-	assert(i == sizeof(s->internal) + sizeof(s->internal_macs));
+	assert(i == sizeof(s->internal_macs));
 
 #undef COPY
 
@@ -3594,11 +3600,15 @@ void S9xControlPostLoadState (struct SControlSnapshot *s)
 
 		if (s->ver > 3)
 		{
+			#undef COPY
+			#define COPY(x)	{ memcpy(&(x), (char *) s->internal_macs + i, sizeof(x)); i += sizeof(x); }
+			i = 0;
+
 			COPY(macsrifle.x);
 			COPY(macsrifle.y);
 			COPY(macsrifle.buttons);
 
-			assert(i == sizeof(s->internal) + sizeof(s->internal_macs));
+			assert(i == sizeof(s->internal_macs));
 		}
 
 	#undef COPY