Prevent crash on negative length patch

From the pcsxrearmed project via Solis.

1 files changed, 11 insertions, 24 deletions

diff --git a/libpcsxcore/psxbios.c b/libpcsxcore/psxbios.c
index 2f6ce415..2043ed90 100755
--- a/libpcsxcore/psxbios.c
+++ b/libpcsxcore/psxbios.c
@@ -615,14 +615,14 @@ void psxBios_tolower() { // 0x26
 
 void psxBios_bcopy() { // 0x27
 	char *p1 = (char *)Ra1, *p2 = (char *)Ra0;
-	while (a2-- > 0) *p1++ = *p2++;
+        while ((s32)a2-- > 0) *p1++ = *p2++;
 
 	pc0 = ra;
 }
 
 void psxBios_bzero() { // 0x28
 	char *p = (char *)Ra0;
-	while (a1-- > 0) *p++ = '\0';
+	while ((s32)a1-- > 0) *p++ = '\0';
 
 	pc0 = ra;
 }
@@ -632,7 +632,7 @@ void psxBios_bcmp() { // 0x29
 
 	if (a0 == 0 || a1 == 0) { v0 = 0; pc0 = ra; return; }
 
-	while (a2-- > 0) {
+	while ((s32)a2-- > 0) {
 		if (*p1++ != *p2++) {
 			v0 = *p1 - *p2; // BUG: compare the NEXT byte
 			pc0 = ra;
@@ -645,29 +645,16 @@ void psxBios_bcmp() { // 0x29
 
 void psxBios_memcpy() { // 0x2a
 	char *p1 = (char *)Ra0, *p2 = (char *)Ra1;
-	while (a2-- > 0) *p1++ = *p2++;
+	while ((s32)a2-- > 0) *p1++ = *p2++;
 
 	v0 = a0; pc0 = ra;
 }
 
 void psxBios_memset() { // 0x2b
-	a1 &= 0xff;
-
-	if(!a0)
-	{
-		v0 = 0; 
-	}
-	else
-	{
-		v0 = a0;
-		
-		while((s32)a2 > 0)
-		{
-			a2--;
-			*PSXM(a0) = a1;
-			a0++;
-		}
-	}
+	char *p = (char *)Ra0;
+	while ((s32)a2-- > 0) *p++ = (char)a1;
+	a2 = 0;
+	v0 = a0; pc0 = ra;
 	
 	pc0 = ra;
 }
@@ -679,9 +666,9 @@ void psxBios_memmove() { // 0x2c
 		a2++; // BUG: copy one more byte here
 		p1 += a2;
 		p2 += a2;
-		while (a2-- > 0) *--p1 = *--p2;
+		while ((s32)a2-- > 0) *--p1 = *--p2;
 	} else {
-		while (a2-- > 0) *p1++ = *p2++;
+		while ((s32)a2-- > 0) *p1++ = *p2++;
 	}
 
 	v0 = a0; pc0 = ra;
@@ -694,7 +681,7 @@ void psxBios_memcmp() { // 0x2d
 void psxBios_memchr() { // 0x2e
 	char *p = (char *)Ra0;
 
-	while (a2-- > 0) {
+	while ((s32)a2-- > 0) {
 		if (*p++ != (s8)a1) continue;
 		v0 = a0 + (p - (char *)Ra0 - 1);
 		pc0 = ra;