The functions were incorrectly using 4-byte loads to probe for
the address validity. While the comment on JIT_MemCpy requires
a 4-byte-aligned address, it doesn't match the way JIT uses it and
the Windows version of the function works with unaligned addresses
too.
This bug was discovered as a crash in an application where the
JIT_MemCpy was called with count=2 and an address that was two
bytes below the end of a memory page where the following page
was not mapped.
it eq
bxeq lr
- ldr r3, [r0]
+ ldrb r3, [r0]
b C_PLTFUNC(memset)
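Review bot: the probe `ldrb r3, [r0]` now touches only the first byte of dest, so it no longer reads past a page end when count < 4, but the line should carry a comment stating that this is a deliberate validity probe whose result in r3 is discarded; otherwise a later reader sees a dead load right before `b C_PLTFUNC(memset)` and is tempted to delete it. The clobber itself is safe: r3 is a scratch register under the ARM procedure call standard and memset's arguments live in r0-r2. Note also that the `cmp r2, #0` / `bxeq lr` early return above means a zero-length call with an invalid dest never faults, which matches memset semantics and is fine.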
//EXTERN_C void __stdcall JIT_MemCpy(void* _dest, const void *_src, size_t count)
LEAF_ENTRY JIT_MemCpy, _TEXT
//
-// It only requires 4 byte alignment
-// and doesn't return a value
cmp r2, #0
it eq
bxeq lr
- ldr r3, [r0]
- ldr r3, [r1]
+ ldrb r3, [r0]
+ ldrb r3, [r1]
b C_PLTFUNC(memcpy)
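Review bot: removing the two comment lines leaves a dangling empty `//` directly after `LEAF_ENTRY JIT_MemCpy, _TEXT`; either drop it too or reuse it to document the byte-sized probes, e.g. `// probe first byte of dest and src so a bad pointer faults here, not inside memcpy`. Dropping `// It only requires 4 byte alignment` is correct per the commit message, but `// and doesn't return a value` was still a true statement of the contract (the prototype above is `void`), and since `b C_PLTFUNC(memcpy)` is a tail call, r0 will in practice come back holding memcpy's return; keeping one sentence to that effect stops callers from relying on r0. The dest probe preceding the src probe also fixes which faulting address is reported when both are invalid; if that ordering matters to the runtime's exception translation, say so in the comment.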