
mGBA Game Boy Advance Emulator

GBA: Check for corrupted savestates when loading
Jeffrey Pfau jeffrey@endrift.com
Mon, 01 Jun 2015 20:52:45 -0700
commit

6f82448aa952ab5e68aac930c339a9501c46b680

parent

c5e13c4a32c7259943a38730d5ab6cd6783f4cd4

2 files changed, 17 insertions(+), 0 deletions(-)

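--- a/CHANGES
+++ b/CHANGES
@@ -6,6 +6,7 @@ - Qt: Better cleanup when a game crashes
  - Qt: Fix open ROM dialog filtering for archive formats
  - ARM7: Fix Thumb MUL timing
  - GBA: Cap audio FIFO read size during deserialization
+ - GBA: Check for corrupted savestates when loading
 Misc:
  - All: Fix sanitize-deb script to set file permissions properly if run as (fake)root
  - All: Enable static linking for Windows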
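--- a/src/gba/serialize.c
+++ b/src/gba/serialize.c
@@ -74,6 +74,22 @@ }
 	if (state->romCrc32 != gba->romCrc32) {
 		GBALog(gba, GBA_LOG_WARN, "Savestate is for a different version of the game");
 	}
+	if (state->cpu.cycles < 0) {
+		GBALog(gba, GBA_LOG_WARN, "Savestate is corrupted: CPU cycles are negative");
+		return;
+	}
+	if (state->video.nextHblank - state->video.eventDiff < 0) {
+		GBALog(gba, GBA_LOG_WARN, "Savestate is corrupted: nextHblank is negative");
+		return;
+	}
+	if (state->video.lastHblank - state->video.eventDiff < -VIDEO_HBLANK_LENGTH) {
+		GBALog(gba, GBA_LOG_WARN, "Savestate is corrupted: lastHblank is negative");
+		return;
+	}
+	if (state->timers[0].overflowInterval < 0 || state->timers[1].overflowInterval < 0 || state->timers[2].overflowInterval < 0 || state->timers[3].overflowInterval < 0) {
+		GBALog(gba, GBA_LOG_WARN, "Savestate is corrupted: overflowInterval is negative");
+		return;
+	}
 	memcpy(gba->cpu->gprs, state->cpu.gprs, sizeof(gba->cpu->gprs));
 	gba->cpu->cpsr = state->cpu.cpsr;
 	gba->cpu->spsr = state->cpu.spsr;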
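Review bot: The two video checks subtract values read straight from the savestate file, so `state->video.nextHblank - state->video.eventDiff` and `state->video.lastHblank - state->video.eventDiff` can overflow when a corrupted file puts both operands near the limits of their type, which is undefined behaviour for signed integers and a compiler may fold the comparison away. The first check is equivalent to, and safe as, `if (state->video.nextHblank < state->video.eventDiff) {`; for the second, widening one operand before subtracting, e.g. `(int64_t) state->video.lastHblank - state->video.eventDiff < -VIDEO_HBLANK_LENGTH`, keeps the intended threshold if these fields are 32-bit, which the hunk does not show. Each rejection is a bare `return;`, so the caller gets only a log line and nothing that distinguishes a refused load from a completed one; returning a status would let the front end report the failure rather than continue with the previous state. The four timer comparisons would read more clearly as a loop over `state->timers`. The enclosing function begins and ends outside the hunk.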