From 5ec7acdfb1bc4c3da372f7f8e1a0a1022becce21 Mon Sep 17 00:00:00 2001 From: notaz Date: Sun, 21 Dec 2014 21:27:02 +0200 Subject: [PATCH] psxbios: don't crash on negative length Contra Legacy of War does memset(..., -1) --- libpcsxcore/psxbios.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/libpcsxcore/psxbios.c b/libpcsxcore/psxbios.c index 144a7b4a..292d80d6 100644 --- a/libpcsxcore/psxbios.c +++ b/libpcsxcore/psxbios.c @@ -613,14 +613,14 @@ void psxBios_tolower() { // 0x26 void psxBios_bcopy() { // 0x27 char *p1 = (char *)Ra1, *p2 = (char *)Ra0; - while (a2-- > 0) *p1++ = *p2++; + while ((s32)a2-- > 0) *p1++ = *p2++; pc0 = ra; } void psxBios_bzero() { // 0x28 char *p = (char *)Ra0; - while (a1-- > 0) *p++ = '\0'; + while ((s32)a1-- > 0) *p++ = '\0'; pc0 = ra; } @@ -630,7 +630,7 @@ void psxBios_bcmp() { // 0x29 if (a0 == 0 || a1 == 0) { v0 = 0; pc0 = ra; return; } - while (a2-- > 0) { + while ((s32)a2-- > 0) { if (*p1++ != *p2++) { v0 = *p1 - *p2; // BUG: compare the NEXT byte pc0 = ra; @@ -643,15 +643,16 @@ void psxBios_bcmp() { // 0x29 void psxBios_memcpy() { // 0x2a char *p1 = (char *)Ra0, *p2 = (char *)Ra1; - while (a2-- > 0) *p1++ = *p2++; + while ((s32)a2-- > 0) *p1++ = *p2++; v0 = a0; pc0 = ra; } void psxBios_memset() { // 0x2b char *p = (char *)Ra0; - while (a2-- > 0) *p++ = (char)a1; + while ((s32)a2-- > 0) *p++ = (char)a1; + a2 = 0; v0 = a0; pc0 = ra; } @@ -662,9 +663,9 @@ void psxBios_memmove() { // 0x2c a2++; // BUG: copy one more byte here p1 += a2; p2 += a2; - while (a2-- > 0) *--p1 = *--p2; + while ((s32)a2-- > 0) *--p1 = *--p2; } else { - while (a2-- > 0) *p1++ = *p2++; + while ((s32)a2-- > 0) *p1++ = *p2++; } v0 = a0; pc0 = ra; @@ -677,7 +678,7 @@ void psxBios_memcmp() { // 0x2d void psxBios_memchr() { // 0x2e char *p = (char *)Ra0; - while (a2-- > 0) { + while ((s32)a2-- > 0) { if (*p++ != (s8)a1) continue; v0 = a0 + (p - (char *)Ra0 - 1); pc0 = ra; -- 2.39.2