diff --git a/ChangeLog b/ChangeLog
index 6100a35f9..f731ade46 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2005-06-30 Richard Frith-Macdonald
+
+ * Source/NSSerializer.m: deserializeFromInfo() check that cross
+ reference indices are valid and raise an exception if not ... should
+ fix bug reported by Roland Schwingel, where trying to deserialize a
+ corrupt file could cause a crash.
+
 2005-06-28 Adam Fedor
 
 * Source/NSInvocation.m (-getReturnValue:, -setReturnValue:): Only
diff --git a/Source/NSSerializer.m b/Source/NSSerializer.m
index 9ac99a6af..5d776d523 100644
--- a/Source/NSSerializer.m
+++ b/Source/NSSerializer.m
@@ -520,7 +520,9 @@ static void
 endDeserializerInfo(_NSDeserializerInfo* info)
 {
 if (info->didUnique)
- GSIArrayEmpty(&info->array);
+ {
+ GSIArrayEmpty(&info->array);
+ }
 }
 
 static id
@@ -536,7 +538,15 @@ deserializeFromInfo(_NSDeserializerInfo* info)
 case ST_XREF:
 {
 size = (*info->deiImp)(info->data, deiSel, info->cursor);
- return RETAIN(GSIArrayItemAtIndex(&info->array, size).obj);
+ if (size < GSIArrayCount(&info->array))
+ {
+ return RETAIN(GSIArrayItemAtIndex(&info->array, size).obj);
+ }
+ else
+ {
+ [NSException raise: NSInvalidArgumentException
+ format: @"Bad cross reference in property list"];
+ }
 }
 
 case ST_CSTRING:
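Review bot: The new bounds check in the ST_XREF case compares `size` with `GSIArrayCount(&info->array)` without first checking `info->didUnique`, yet endDeserializerInfo in the previous hunk only empties that array when `info->didUnique` is set. If the array is likewise only initialised for uniqued data (the initialiser is not visible here), a corrupt stream carrying an ST_XREF tag without the uniquing flag would still read the count from an array that was never set up; `if (info->didUnique && size < GSIArrayCount(&info->array))` would route that case to the exception as well. The else branch also relies on `+raise:format:` never returning, so a `return nil;` after it would keep the case from syntactically falling through to ST_CSTRING. deserializeFromInfo's body starts and ends outside the hunk, so the declared type of `size` could not be checked.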