The code in question is
if (!memcmp(from, tmp_file_prefix, tmp_file_prefix_length))
The problem here is that 'from' can have length < 4 (=tmp_file_prefix_length), and there might be anything past the end of from, for example another page with unmapped memory
The problem is found with Windows Application verifier, that tweaks heap allocations in a way that they are places at the end of the page. Quite a lot of innodb tests crash in this function, when mysqld is run under application verifier.