diff --git a/src/processor/minidump.cc b/src/processor/minidump.cc
index 63f48ffe..45e4a524 100644
--- a/src/processor/minidump.cc
+++ b/src/processor/minidump.cc
@@ -76,6 +76,11 @@ using std::vector;
 
 namespace {
 
+// Limit arrived at by adding up possible states in Intel Ch. 13.5 X-SAVE
+// MANAGED STATE
+// (~ 3680 bytes) plus some extra for the future.
+const uint32_t kMaxXSaveAreaSize = 16384;
+
 // Returns true iff |context_size| matches exactly one of the sizes of the
 // various MDRawContext* types.
 // TODO(blundell): This function can be removed once
@@ -507,6 +512,10 @@ bool MinidumpContext::Read(uint32_t expected_size) {
     // sizeof(MDRawContextAMD64). For now we skip this extended data.
     if (expected_size > sizeof(MDRawContextAMD64)) {
       size_t bytes_left = expected_size - sizeof(MDRawContextAMD64);
+      if (bytes_left > kMaxXSaveAreaSize) {
+        BPLOG(ERROR) << "MinidumpContext oversized xstate area";
+        return false;
+      }
       std::vector<uint8_t> xstate(bytes_left);
       if (!minidump_->ReadBytes(xstate.data(),
                                 bytes_left)) {