summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLaszlo Ersek <lersek@redhat.com>2016-02-24 21:00:04 +0100
committerHao Wu <hao.a.wu@intel.com>2016-02-26 09:44:10 +0800
commitd14fd60dc0227b6fa9b18a344fb2aa0e73303a4b (patch)
treee6acc594fdfd7280179f786bd52401a64db2094f
parent8b6a81346beb18adddb52e9fda3a0d5821f7de82 (diff)
downloadedk2-d14fd60dc0227b6fa9b18a344fb2aa0e73303a4b.tar.gz
edk2-d14fd60dc0227b6fa9b18a344fb2aa0e73303a4b.tar.bz2
edk2-d14fd60dc0227b6fa9b18a344fb2aa0e73303a4b.zip
CryptoPkg: BaseCryptLib: support free(NULL)
The ISO C standard says about free(), If ptr is a null pointer, no action occurs. This is not true of the FreePool() interface of the MemoryAllocationLib class: Buffer must have been allocated on a previous call to the pool allocation services of the Memory Allocation Library. [...] If Buffer was not allocated with a pool allocation function in the Memory Allocation Library, then ASSERT(). Therefore we must not forward the argument of free() to FreePool() without checking. This bug can be triggered by upstream OpenSSL commit 8e704858f219 ("RT3955: Reduce some stack usage"), for example. Cc: David Woodhouse <dwmw2@infradead.org> Cc: Qin Long <qin.long@intel.com> Cc: Ting Ye <ting.ye@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Qin Long <qin.long@intel.com> (cherry picked from commit 211372d63a82861e52250c0f7a5ee78d9dc417ae)
-rw-r--r--CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
index 544f07215b..964545f143 100644
--- a/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
+++ b/CryptoPkg/Library/BaseCryptLib/SysCall/BaseMemAllocation.c
@@ -38,5 +38,11 @@ void *realloc (void *ptr, size_t size)
/* De-allocates or frees a memory block */
void free (void *ptr)
{
- FreePool (ptr);
+ //
+ // In Standard C, free() handles a null pointer argument transparently. This
+ // is not true of FreePool() below, so protect it.
+ //
+ if (ptr != NULL) {
+ FreePool (ptr);
+ }
}