diff options
author | Tianjie Xu | 2017-07-19 18:00:19 -0500 |
---|---|---|
committer | Gerrit Code Review | 2017-07-19 18:00:19 -0500 |
commit | 94a8ea1797cf807458f94953fe721985bf1261f0 (patch) | |
tree | bdcda7cd5a4e2baa1f45c66f6a1698df47119175 | |
parent | 8155a8ba74bce27626f3ce3f088951298c44776d (diff) | |
parent | de6735e80cc65be50381388640d94f1b1d0f20fa (diff) | |
download | platform-bootable-recovery-94a8ea1797cf807458f94953fe721985bf1261f0.tar.gz platform-bootable-recovery-94a8ea1797cf807458f94953fe721985bf1261f0.tar.xz platform-bootable-recovery-94a8ea1797cf807458f94953fe721985bf1261f0.zip |
Merge "Fix the android-cloexec-* warnings in bootable/recovery"
-rw-r--r-- | install.cpp | 2 | ||||
-rw-r--r-- | minui/resources.cpp | 2 | ||||
-rw-r--r-- | recovery-persist.cpp | 30 | ||||
-rw-r--r-- | recovery.cpp | 48 | ||||
-rw-r--r-- | tests/component/updater_test.cpp | 4 | ||||
-rw-r--r-- | tests/manual/recovery_test.cpp | 2 | ||||
-rw-r--r-- | verifier.cpp | 143 |
7 files changed, 115 insertions, 116 deletions
diff --git a/install.cpp b/install.cpp index 7ba8f013..7fbf5c01 100644 --- a/install.cpp +++ b/install.cpp | |||
@@ -265,7 +265,7 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip, | |||
265 | } | 265 | } |
266 | 266 | ||
267 | unlink(binary_path.c_str()); | 267 | unlink(binary_path.c_str()); |
268 | int fd = creat(binary_path.c_str(), 0755); | 268 | int fd = open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755); |
269 | if (fd == -1) { | 269 | if (fd == -1) { |
270 | PLOG(ERROR) << "Failed to create " << binary_path; | 270 | PLOG(ERROR) << "Failed to create " << binary_path; |
271 | return INSTALL_ERROR; | 271 | return INSTALL_ERROR; |
diff --git a/minui/resources.cpp b/minui/resources.cpp index 86c731b0..8f8d36d2 100644 --- a/minui/resources.cpp +++ b/minui/resources.cpp | |||
@@ -56,7 +56,7 @@ static int open_png(const char* name, png_structp* png_ptr, png_infop* info_ptr, | |||
56 | 56 | ||
57 | snprintf(resPath, sizeof(resPath)-1, "/res/images/%s.png", name); | 57 | snprintf(resPath, sizeof(resPath)-1, "/res/images/%s.png", name); |
58 | resPath[sizeof(resPath)-1] = '\0'; | 58 | resPath[sizeof(resPath)-1] = '\0'; |
59 | FILE* fp = fopen(resPath, "rb"); | 59 | FILE* fp = fopen(resPath, "rbe"); |
60 | if (fp == NULL) { | 60 | if (fp == NULL) { |
61 | result = -1; | 61 | result = -1; |
62 | goto exit; | 62 | goto exit; |
diff --git a/recovery-persist.cpp b/recovery-persist.cpp index d706ccac..dbce7ff7 100644 --- a/recovery-persist.cpp +++ b/recovery-persist.cpp | |||
@@ -59,21 +59,21 @@ static void check_and_fclose(FILE *fp, const char *name) { | |||
59 | } | 59 | } |
60 | 60 | ||
61 | static void copy_file(const char* source, const char* destination) { | 61 | static void copy_file(const char* source, const char* destination) { |
62 | FILE* dest_fp = fopen(destination, "w"); | 62 | FILE* dest_fp = fopen(destination, "we"); |
63 | if (dest_fp == nullptr) { | 63 | if (dest_fp == nullptr) { |
64 | PLOG(ERROR) << "Can't open " << destination; | 64 | PLOG(ERROR) << "Can't open " << destination; |
65 | } else { | 65 | } else { |
66 | FILE* source_fp = fopen(source, "r"); | 66 | FILE* source_fp = fopen(source, "re"); |
67 | if (source_fp != nullptr) { | 67 | if (source_fp != nullptr) { |
68 | char buf[4096]; | 68 | char buf[4096]; |
69 | size_t bytes; | 69 | size_t bytes; |
70 | while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { | 70 | while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { |
71 | fwrite(buf, 1, bytes, dest_fp); | 71 | fwrite(buf, 1, bytes, dest_fp); |
72 | } | 72 | } |
73 | check_and_fclose(source_fp, source); | 73 | check_and_fclose(source_fp, source); |
74 | } | ||
75 | check_and_fclose(dest_fp, destination); | ||
76 | } | 74 | } |
75 | check_and_fclose(dest_fp, destination); | ||
76 | } | ||
77 | } | 77 | } |
78 | 78 | ||
79 | static bool rotated = false; | 79 | static bool rotated = false; |
@@ -120,7 +120,7 @@ int main(int argc, char **argv) { | |||
120 | */ | 120 | */ |
121 | bool has_cache = false; | 121 | bool has_cache = false; |
122 | static const char mounts_file[] = "/proc/mounts"; | 122 | static const char mounts_file[] = "/proc/mounts"; |
123 | FILE *fp = fopen(mounts_file, "r"); | 123 | FILE* fp = fopen(mounts_file, "re"); |
124 | if (!fp) { | 124 | if (!fp) { |
125 | PLOG(ERROR) << "failed to open " << mounts_file; | 125 | PLOG(ERROR) << "failed to open " << mounts_file; |
126 | } else { | 126 | } else { |
diff --git a/recovery.cpp b/recovery.cpp index 122b89d0..e2d993e2 100644 --- a/recovery.cpp +++ b/recovery.cpp | |||
@@ -249,7 +249,7 @@ static void redirect_stdio(const char* filename) { | |||
249 | auto start = std::chrono::steady_clock::now(); | 249 | auto start = std::chrono::steady_clock::now(); |
250 | 250 | ||
251 | // Child logger to actually write to the log file. | 251 | // Child logger to actually write to the log file. |
252 | FILE* log_fp = fopen(filename, "a"); | 252 | FILE* log_fp = fopen(filename, "ae"); |
253 | if (log_fp == nullptr) { | 253 | if (log_fp == nullptr) { |
254 | PLOG(ERROR) << "fopen \"" << filename << "\" failed"; | 254 | PLOG(ERROR) << "fopen \"" << filename << "\" failed"; |
255 | close(pipefd[0]); | 255 | close(pipefd[0]); |
@@ -418,27 +418,27 @@ static void copy_log_file_to_pmsg(const char* source, const char* destination) { | |||
418 | static off_t tmplog_offset = 0; | 418 | static off_t tmplog_offset = 0; |
419 | 419 | ||
420 | static void copy_log_file(const char* source, const char* destination, bool append) { | 420 | static void copy_log_file(const char* source, const char* destination, bool append) { |
421 | FILE* dest_fp = fopen_path(destination, append ? "a" : "w"); | 421 | FILE* dest_fp = fopen_path(destination, append ? "ae" : "we"); |
422 | if (dest_fp == nullptr) { | 422 | if (dest_fp == nullptr) { |
423 | PLOG(ERROR) << "Can't open " << destination; | 423 | PLOG(ERROR) << "Can't open " << destination; |
424 | } else { | 424 | } else { |
425 | FILE* source_fp = fopen(source, "r"); | 425 | FILE* source_fp = fopen(source, "re"); |
426 | if (source_fp != nullptr) { | 426 | if (source_fp != nullptr) { |
427 | if (append) { | 427 | if (append) { |
428 | fseeko(source_fp, tmplog_offset, SEEK_SET); // Since last write | 428 | fseeko(source_fp, tmplog_offset, SEEK_SET); // Since last write |
429 | } | 429 | } |
430 | char buf[4096]; | 430 | char buf[4096]; |
431 | size_t bytes; | 431 | size_t bytes; |
432 | while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { | 432 | while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { |
433 | fwrite(buf, 1, bytes, dest_fp); | 433 | fwrite(buf, 1, bytes, dest_fp); |
434 | } | 434 | } |
435 | if (append) { | 435 | if (append) { |
436 | tmplog_offset = ftello(source_fp); | 436 | tmplog_offset = ftello(source_fp); |
437 | } | 437 | } |
438 | check_and_fclose(source_fp, source); | 438 | check_and_fclose(source_fp, source); |
439 | } | ||
440 | check_and_fclose(dest_fp, destination); | ||
441 | } | 439 | } |
440 | check_and_fclose(dest_fp, destination); | ||
441 | } | ||
442 | } | 442 | } |
443 | 443 | ||
444 | static void copy_logs() { | 444 | static void copy_logs() { |
@@ -487,7 +487,7 @@ static void finish_recovery() { | |||
487 | if (!locale.empty() && has_cache) { | 487 | if (!locale.empty() && has_cache) { |
488 | LOG(INFO) << "Saving locale \"" << locale << "\""; | 488 | LOG(INFO) << "Saving locale \"" << locale << "\""; |
489 | 489 | ||
490 | FILE* fp = fopen_path(LOCALE_FILE, "w"); | 490 | FILE* fp = fopen_path(LOCALE_FILE, "we"); |
491 | if (!android::base::WriteStringToFd(locale, fileno(fp))) { | 491 | if (!android::base::WriteStringToFd(locale, fileno(fp))) { |
492 | PLOG(ERROR) << "Failed to save locale to " << LOCALE_FILE; | 492 | PLOG(ERROR) << "Failed to save locale to " << LOCALE_FILE; |
493 | } | 493 | } |
@@ -551,7 +551,7 @@ static bool erase_volume(const char* volume) { | |||
551 | } | 551 | } |
552 | 552 | ||
553 | std::string data(sb.st_size, '\0'); | 553 | std::string data(sb.st_size, '\0'); |
554 | FILE* f = fopen(path.c_str(), "rb"); | 554 | FILE* f = fopen(path.c_str(), "rbe"); |
555 | fread(&data[0], 1, data.size(), f); | 555 | fread(&data[0], 1, data.size(), f); |
556 | fclose(f); | 556 | fclose(f); |
557 | 557 | ||
@@ -579,7 +579,7 @@ static bool erase_volume(const char* volume) { | |||
579 | ui->Print("Failed to make convert_fbe dir %s\n", strerror(errno)); | 579 | ui->Print("Failed to make convert_fbe dir %s\n", strerror(errno)); |
580 | return true; | 580 | return true; |
581 | } | 581 | } |
582 | FILE* f = fopen(CONVERT_FBE_FILE, "wb"); | 582 | FILE* f = fopen(CONVERT_FBE_FILE, "wbe"); |
583 | if (!f) { | 583 | if (!f) { |
584 | ui->Print("Failed to convert to file encryption %s\n", strerror(errno)); | 584 | ui->Print("Failed to convert to file encryption %s\n", strerror(errno)); |
585 | return true; | 585 | return true; |
diff --git a/tests/component/updater_test.cpp b/tests/component/updater_test.cpp index 357a39ef..01b86f22 100644 --- a/tests/component/updater_test.cpp +++ b/tests/component/updater_test.cpp | |||
@@ -485,7 +485,7 @@ TEST_F(UpdaterTest, block_image_update) { | |||
485 | UpdaterInfo updater_info; | 485 | UpdaterInfo updater_info; |
486 | updater_info.package_zip = handle; | 486 | updater_info.package_zip = handle; |
487 | TemporaryFile temp_pipe; | 487 | TemporaryFile temp_pipe; |
488 | updater_info.cmd_pipe = fopen(temp_pipe.path, "wb"); | 488 | updater_info.cmd_pipe = fopen(temp_pipe.path, "wbe"); |
489 | updater_info.package_zip_addr = map.addr; | 489 | updater_info.package_zip_addr = map.addr; |
490 | updater_info.package_zip_len = map.length; | 490 | updater_info.package_zip_len = map.length; |
491 | 491 | ||
@@ -561,7 +561,7 @@ TEST_F(UpdaterTest, new_data_short_write) { | |||
561 | UpdaterInfo updater_info; | 561 | UpdaterInfo updater_info; |
562 | updater_info.package_zip = handle; | 562 | updater_info.package_zip = handle; |
563 | TemporaryFile temp_pipe; | 563 | TemporaryFile temp_pipe; |
564 | updater_info.cmd_pipe = fopen(temp_pipe.path, "wb"); | 564 | updater_info.cmd_pipe = fopen(temp_pipe.path, "wbe"); |
565 | updater_info.package_zip_addr = map.addr; | 565 | updater_info.package_zip_addr = map.addr; |
566 | updater_info.package_zip_len = map.length; | 566 | updater_info.package_zip_len = map.length; |
567 | 567 | ||
diff --git a/tests/manual/recovery_test.cpp b/tests/manual/recovery_test.cpp index d36dd331..92c6ef2d 100644 --- a/tests/manual/recovery_test.cpp +++ b/tests/manual/recovery_test.cpp | |||
@@ -141,7 +141,7 @@ class ResourceTest : public testing::TestWithParam<std::string> { | |||
141 | // under recovery. | 141 | // under recovery. |
142 | void SetUp() override { | 142 | void SetUp() override { |
143 | std::string file_path = GetParam(); | 143 | std::string file_path = GetParam(); |
144 | fp = fopen(file_path.c_str(), "rb"); | 144 | fp = fopen(file_path.c_str(), "rbe"); |
145 | ASSERT_NE(nullptr, fp); | 145 | ASSERT_NE(nullptr, fp); |
146 | 146 | ||
147 | unsigned char header[8]; | 147 | unsigned char header[8]; |
diff --git a/verifier.cpp b/verifier.cpp index 2ef9c4c3..18437fb7 100644 --- a/verifier.cpp +++ b/verifier.cpp | |||
@@ -474,81 +474,80 @@ std::unique_ptr<EC_KEY, ECKEYDeleter> parse_ec_key(FILE* file) { | |||
474 | // Otherwise returns false if the file failed to parse, or if it contains zero | 474 | // Otherwise returns false if the file failed to parse, or if it contains zero |
475 | // keys. The contents in certs would be unspecified on failure. | 475 | // keys. The contents in certs would be unspecified on failure. |
476 | bool load_keys(const char* filename, std::vector<Certificate>& certs) { | 476 | bool load_keys(const char* filename, std::vector<Certificate>& certs) { |
477 | std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "r"), fclose); | 477 | std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "re"), fclose); |
478 | if (!f) { | 478 | if (!f) { |
479 | PLOG(ERROR) << "error opening " << filename; | 479 | PLOG(ERROR) << "error opening " << filename; |
480 | return false; | 480 | return false; |
481 | } | 481 | } |
482 | |||
483 | while (true) { | ||
484 | certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr); | ||
485 | Certificate& cert = certs.back(); | ||
486 | uint32_t exponent = 0; | ||
487 | |||
488 | char start_char; | ||
489 | if (fscanf(f.get(), " %c", &start_char) != 1) return false; | ||
490 | if (start_char == '{') { | ||
491 | // a version 1 key has no version specifier. | ||
492 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
493 | exponent = 3; | ||
494 | cert.hash_len = SHA_DIGEST_LENGTH; | ||
495 | } else if (start_char == 'v') { | ||
496 | int version; | ||
497 | if (fscanf(f.get(), "%d {", &version) != 1) return false; | ||
498 | switch (version) { | ||
499 | case 2: | ||
500 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
501 | exponent = 65537; | ||
502 | cert.hash_len = SHA_DIGEST_LENGTH; | ||
503 | break; | ||
504 | case 3: | ||
505 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
506 | exponent = 3; | ||
507 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
508 | break; | ||
509 | case 4: | ||
510 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
511 | exponent = 65537; | ||
512 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
513 | break; | ||
514 | case 5: | ||
515 | cert.key_type = Certificate::KEY_TYPE_EC; | ||
516 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
517 | break; | ||
518 | default: | ||
519 | return false; | ||
520 | } | ||
521 | } | ||
522 | 482 | ||
523 | if (cert.key_type == Certificate::KEY_TYPE_RSA) { | 483 | while (true) { |
524 | cert.rsa = parse_rsa_key(f.get(), exponent); | 484 | certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr); |
525 | if (!cert.rsa) { | 485 | Certificate& cert = certs.back(); |
526 | return false; | 486 | uint32_t exponent = 0; |
527 | } | 487 | |
488 | char start_char; | ||
489 | if (fscanf(f.get(), " %c", &start_char) != 1) return false; | ||
490 | if (start_char == '{') { | ||
491 | // a version 1 key has no version specifier. | ||
492 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
493 | exponent = 3; | ||
494 | cert.hash_len = SHA_DIGEST_LENGTH; | ||
495 | } else if (start_char == 'v') { | ||
496 | int version; | ||
497 | if (fscanf(f.get(), "%d {", &version) != 1) return false; | ||
498 | switch (version) { | ||
499 | case 2: | ||
500 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
501 | exponent = 65537; | ||
502 | cert.hash_len = SHA_DIGEST_LENGTH; | ||
503 | break; | ||
504 | case 3: | ||
505 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
506 | exponent = 3; | ||
507 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
508 | break; | ||
509 | case 4: | ||
510 | cert.key_type = Certificate::KEY_TYPE_RSA; | ||
511 | exponent = 65537; | ||
512 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
513 | break; | ||
514 | case 5: | ||
515 | cert.key_type = Certificate::KEY_TYPE_EC; | ||
516 | cert.hash_len = SHA256_DIGEST_LENGTH; | ||
517 | break; | ||
518 | default: | ||
519 | return false; | ||
520 | } | ||
521 | } | ||
528 | 522 | ||
529 | LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len; | 523 | if (cert.key_type == Certificate::KEY_TYPE_RSA) { |
530 | } else if (cert.key_type == Certificate::KEY_TYPE_EC) { | 524 | cert.rsa = parse_rsa_key(f.get(), exponent); |
531 | cert.ec = parse_ec_key(f.get()); | 525 | if (!cert.rsa) { |
532 | if (!cert.ec) { | 526 | return false; |
533 | return false; | 527 | } |
534 | } | ||
535 | } else { | ||
536 | LOG(ERROR) << "Unknown key type " << cert.key_type; | ||
537 | return false; | ||
538 | } | ||
539 | 528 | ||
540 | // if the line ends in a comma, this file has more keys. | 529 | LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len; |
541 | int ch = fgetc(f.get()); | 530 | } else if (cert.key_type == Certificate::KEY_TYPE_EC) { |
542 | if (ch == ',') { | 531 | cert.ec = parse_ec_key(f.get()); |
543 | // more keys to come. | 532 | if (!cert.ec) { |
544 | continue; | 533 | return false; |
545 | } else if (ch == EOF) { | 534 | } |
546 | break; | 535 | } else { |
547 | } else { | 536 | LOG(ERROR) << "Unknown key type " << cert.key_type; |
548 | LOG(ERROR) << "unexpected character between keys"; | 537 | return false; |
549 | return false; | ||
550 | } | ||
551 | } | 538 | } |
552 | 539 | ||
553 | return true; | 540 | // if the line ends in a comma, this file has more keys. |
541 | int ch = fgetc(f.get()); | ||
542 | if (ch == ',') { | ||
543 | // more keys to come. | ||
544 | continue; | ||
545 | } else if (ch == EOF) { | ||
546 | break; | ||
547 | } else { | ||
548 | LOG(ERROR) << "unexpected character between keys"; | ||
549 | return false; | ||
550 | } | ||
551 | } | ||
552 | return true; | ||
554 | } | 553 | } |