psxbios: don't crash on negative length

Contra Legacy of War does memset(..., -1)

1 files changed, 9 insertions, 8 deletions

diff --git a/libpcsxcore/psxbios.c b/libpcsxcore/psxbios.c
index 144a7b4..292d80d 100644
--- a/libpcsxcore/psxbios.c
+++ b/libpcsxcore/psxbios.c
@@ -613,14 +613,14 @@ void psxBios_tolower() { // 0x26
 
 void psxBios_bcopy() { // 0x27
 	char *p1 = (char *)Ra1, *p2 = (char *)Ra0;
-	while (a2-- > 0) *p1++ = *p2++;
+	while ((s32)a2-- > 0) *p1++ = *p2++;
 
 	pc0 = ra;
 }
 
 void psxBios_bzero() { // 0x28
 	char *p = (char *)Ra0;
-	while (a1-- > 0) *p++ = '\0';
+	while ((s32)a1-- > 0) *p++ = '\0';
 
 	pc0 = ra;
 }
@@ -630,7 +630,7 @@ void psxBios_bcmp() { // 0x29
 
 	if (a0 == 0 || a1 == 0) { v0 = 0; pc0 = ra; return; }
 
-	while (a2-- > 0) {
+	while ((s32)a2-- > 0) {
 		if (*p1++ != *p2++) {
 			v0 = *p1 - *p2; // BUG: compare the NEXT byte
 			pc0 = ra;
@@ -643,15 +643,16 @@ void psxBios_bcmp() { // 0x29
 
 void psxBios_memcpy() { // 0x2a
 	char *p1 = (char *)Ra0, *p2 = (char *)Ra1;
-	while (a2-- > 0) *p1++ = *p2++;
+	while ((s32)a2-- > 0) *p1++ = *p2++;
 
 	v0 = a0; pc0 = ra;
 }
 
 void psxBios_memset() { // 0x2b
 	char *p = (char *)Ra0;
-	while (a2-- > 0) *p++ = (char)a1;
+	while ((s32)a2-- > 0) *p++ = (char)a1;
 
+	a2 = 0;
 	v0 = a0; pc0 = ra;
 }
 
@@ -662,9 +663,9 @@ void psxBios_memmove() { // 0x2c
 		a2++; // BUG: copy one more byte here
 		p1 += a2;
 		p2 += a2;
-		while (a2-- > 0) *--p1 = *--p2;
+		while ((s32)a2-- > 0) *--p1 = *--p2;
 	} else {
-		while (a2-- > 0) *p1++ = *p2++;
+		while ((s32)a2-- > 0) *p1++ = *p2++;
 	}
 
 	v0 = a0; pc0 = ra;
@@ -677,7 +678,7 @@ void psxBios_memcmp() { // 0x2d
 void psxBios_memchr() { // 0x2e
 	char *p = (char *)Ra0;
 
-	while (a2-- > 0) {
+	while ((s32)a2-- > 0) {
 		if (*p++ != (s8)a1) continue;
 		v0 = a0 + (p - (char *)Ra0 - 1);
 		pc0 = ra;