Introduce a SafeFreePool() that doesn't assert on NULL

pbatard · pbatard · commit dc6488655b95 · 2023-06-11T16:17:05.000+01:00
* On release/consumer hardware, FreePool(NULL) is valid and does nothing, but on DEBUG builds, it may trigger an assert. * We therefore introduce SafeFreePool() to take care of these scenarios. * Closes #5.
diff --git a/include/uefi-driver/uefi_support.h b/include/uefi-driver/uefi_support.h
@@ -1,6 +1,6 @@
 /* uefi_support.h - UEFI support declarations */
 /*
- *  Copyright © 2014-2021 Pete Batard <pete@akeo.ie>
+ *  Copyright © 2014-2023 Pete Batard <pete@akeo.ie>
  *
  *  This program is free software: you can redistribute it and/or modify
  *  it under the terms of the GNU General Public License as published by
@@ -137,6 +137,12 @@ static __inline UINTN _SafeStrSize(CONST CHAR16* String, CONST CHAR8* File,
 
 #define SafeStrSize(s) _SafeStrSize(s, __FILE__, __LINE__)
 
+/*
+ * Secure FreePool that doesn't assert on NULL and sets the pointer
+ * passed as parameter to NULL after freeing it.
+ */
+#define SafeFreePool(p) if (p != NULL) { FreePool(p), p = NULL; }
+
 /*
  * EDK2 does not provide a StrDup call, so we define one.
  */
diff --git a/uefi-driver/uefi_bridge.c b/uefi-driver/uefi_bridge.c
@@ -1,6 +1,6 @@
 /* uefi_bridge.c - libntfs-3g interface for UEFI */
 /*
- *  Copyright © 2021 Pete Batard <pete@akeo.ie>
+ *  Copyright © 2021-2023 Pete Batard <pete@akeo.ie>
  *
  *  Parts taken from lowntfs-3g.c:
  *  Copyright © 2005-2007 Yura Pakhuchiy
@@ -629,7 +629,7 @@ NtfsFreeFile(EFI_NTFS_FILE* File)
 		return;
 	/* Only destroy a file that has no refs */
 	if (File->RefCount <= 0) {
-		FreePool(File->Path);
+		SafeFreePool(File->Path);
 		FreePool(File);
 	}
 }
diff --git a/uefi-driver/uefi_driver.c b/uefi-driver/uefi_driver.c
@@ -1,6 +1,6 @@
 /* uefi_driver.c - ntfs-3g UEFI filesystem driver */
 /*
- *  Copyright © 2014-2021 Pete Batard <pete@akeo.ie>
+ *  Copyright © 2014-2023 Pete Batard <pete@akeo.ie>
  *  Based on iPXE's efi_driver.c and efi_file.c:
  *  Copyright © 2011,2013 Michael Brown <mbrown@fensystems.co.uk>
  *
@@ -108,8 +108,7 @@ static VOID
 FreeFsInstance(EFI_FS* Instance) {
 	if (Instance == NULL)
 		return;
-	if (Instance->DevicePathString != NULL)
-		FreePool(Instance->DevicePathString);
+	SafeFreePool(Instance->DevicePathString);
 	FreePool(Instance);
 }
 
diff --git a/uefi-driver/uefi_file.c b/uefi-driver/uefi_file.c
@@ -192,7 +192,7 @@ FileOpen(EFI_FILE_HANDLE This, EFI_FILE_HANDLE* New,
 		/* NB: This call only destroys the file if RefCount = 0 */
 		NtfsFreeFile(NewFile);
 	}
-	FreePool(Path);
+	SafeFreePool(Path);
 	return Status;
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`/* uefi_bridge.c - libntfs-3g interface for UEFI */`
`2`	`2`	`/*`
`3`		`- * Copyright © 2021 Pete Batard <pete@akeo.ie>`
	`3`	`+ * Copyright © 2021-2023 Pete Batard <pete@akeo.ie>`
`4`	`4`	`*`
`5`	`5`	`* Parts taken from lowntfs-3g.c:`
`6`	`6`	`* Copyright © 2005-2007 Yura Pakhuchiy`
`@@ -629,7 +629,7 @@ NtfsFreeFile(EFI_NTFS_FILE* File)`
`629`	`629`	`return;`
`630`	`630`	`/* Only destroy a file that has no refs */`
`631`	`631`	`if (File->RefCount <= 0) {`
`632`		`- FreePool(File->Path);`
	`632`	`+ SafeFreePool(File->Path);`
`633`	`633`	`FreePool(File);`
`634`	`634`	`}`
`635`	`635`	`}`
Original file line number	Diff line number	Diff line change
`@@ -192,7 +192,7 @@ FileOpen(EFI_FILE_HANDLE This, EFI_FILE_HANDLE* New,`
`192`	`192`	`/* NB: This call only destroys the file if RefCount = 0 */`
`193`	`193`	`NtfsFreeFile(NewFile);`
`194`	`194`	`}`
`195`		`- FreePool(Path);`
	`195`	`+ SafeFreePool(Path);`
`196`	`196`	`return Status;`
`197`	`197`	`}`
`198`	`198`