aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTianjie Xu2017-07-19 18:12:20 -0500
committerandroid-build-merger2017-07-19 18:12:20 -0500
commitf2a279adb556649d41cd7750e22be1cc6bce62e5 (patch)
treec742e5f7fe9b9cd3232aefdcb408b763f519e0d1
parent1a4f9e37ddf7c6d3533a638baf23b2c8ec1c39a4 (diff)
parent96b5bb9601033d6c2371f2c71f5030717f5abcfd (diff)
downloadplatform-bootable-recovery-f2a279adb556649d41cd7750e22be1cc6bce62e5.tar.gz
platform-bootable-recovery-f2a279adb556649d41cd7750e22be1cc6bce62e5.tar.xz
platform-bootable-recovery-f2a279adb556649d41cd7750e22be1cc6bce62e5.zip
Merge "Fix the android-cloexec-* warnings in bootable/recovery" am: 94a8ea1797 am: 6d8827e0d3
am: 96b5bb9601 Change-Id: I55911c112a34797d7c7098e5e325145667b46715
-rw-r--r--install.cpp2
-rw-r--r--minui/resources.cpp2
-rw-r--r--recovery-persist.cpp30
-rw-r--r--recovery.cpp48
-rw-r--r--tests/component/updater_test.cpp4
-rw-r--r--tests/manual/recovery_test.cpp2
-rw-r--r--verifier.cpp143
7 files changed, 115 insertions, 116 deletions
diff --git a/install.cpp b/install.cpp
index 7ba8f013..7fbf5c01 100644
--- a/install.cpp
+++ b/install.cpp
@@ -265,7 +265,7 @@ int update_binary_command(const std::string& package, ZipArchiveHandle zip,
265 } 265 }
266 266
267 unlink(binary_path.c_str()); 267 unlink(binary_path.c_str());
268 int fd = creat(binary_path.c_str(), 0755); 268 int fd = open(binary_path.c_str(), O_CREAT | O_WRONLY | O_TRUNC | O_CLOEXEC, 0755);
269 if (fd == -1) { 269 if (fd == -1) {
270 PLOG(ERROR) << "Failed to create " << binary_path; 270 PLOG(ERROR) << "Failed to create " << binary_path;
271 return INSTALL_ERROR; 271 return INSTALL_ERROR;
diff --git a/minui/resources.cpp b/minui/resources.cpp
index 86c731b0..8f8d36d2 100644
--- a/minui/resources.cpp
+++ b/minui/resources.cpp
@@ -56,7 +56,7 @@ static int open_png(const char* name, png_structp* png_ptr, png_infop* info_ptr,
56 56
57 snprintf(resPath, sizeof(resPath)-1, "/res/images/%s.png", name); 57 snprintf(resPath, sizeof(resPath)-1, "/res/images/%s.png", name);
58 resPath[sizeof(resPath)-1] = '\0'; 58 resPath[sizeof(resPath)-1] = '\0';
59 FILE* fp = fopen(resPath, "rb"); 59 FILE* fp = fopen(resPath, "rbe");
60 if (fp == NULL) { 60 if (fp == NULL) {
61 result = -1; 61 result = -1;
62 goto exit; 62 goto exit;
diff --git a/recovery-persist.cpp b/recovery-persist.cpp
index d706ccac..dbce7ff7 100644
--- a/recovery-persist.cpp
+++ b/recovery-persist.cpp
@@ -59,21 +59,21 @@ static void check_and_fclose(FILE *fp, const char *name) {
59} 59}
60 60
61static void copy_file(const char* source, const char* destination) { 61static void copy_file(const char* source, const char* destination) {
62 FILE* dest_fp = fopen(destination, "w"); 62 FILE* dest_fp = fopen(destination, "we");
63 if (dest_fp == nullptr) { 63 if (dest_fp == nullptr) {
64 PLOG(ERROR) << "Can't open " << destination; 64 PLOG(ERROR) << "Can't open " << destination;
65 } else { 65 } else {
66 FILE* source_fp = fopen(source, "r"); 66 FILE* source_fp = fopen(source, "re");
67 if (source_fp != nullptr) { 67 if (source_fp != nullptr) {
68 char buf[4096]; 68 char buf[4096];
69 size_t bytes; 69 size_t bytes;
70 while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { 70 while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) {
71 fwrite(buf, 1, bytes, dest_fp); 71 fwrite(buf, 1, bytes, dest_fp);
72 } 72 }
73 check_and_fclose(source_fp, source); 73 check_and_fclose(source_fp, source);
74 }
75 check_and_fclose(dest_fp, destination);
76 } 74 }
75 check_and_fclose(dest_fp, destination);
76 }
77} 77}
78 78
79static bool rotated = false; 79static bool rotated = false;
@@ -120,7 +120,7 @@ int main(int argc, char **argv) {
120 */ 120 */
121 bool has_cache = false; 121 bool has_cache = false;
122 static const char mounts_file[] = "/proc/mounts"; 122 static const char mounts_file[] = "/proc/mounts";
123 FILE *fp = fopen(mounts_file, "r"); 123 FILE* fp = fopen(mounts_file, "re");
124 if (!fp) { 124 if (!fp) {
125 PLOG(ERROR) << "failed to open " << mounts_file; 125 PLOG(ERROR) << "failed to open " << mounts_file;
126 } else { 126 } else {
diff --git a/recovery.cpp b/recovery.cpp
index 852f1e86..50115885 100644
--- a/recovery.cpp
+++ b/recovery.cpp
@@ -250,7 +250,7 @@ static void redirect_stdio(const char* filename) {
250 auto start = std::chrono::steady_clock::now(); 250 auto start = std::chrono::steady_clock::now();
251 251
252 // Child logger to actually write to the log file. 252 // Child logger to actually write to the log file.
253 FILE* log_fp = fopen(filename, "a"); 253 FILE* log_fp = fopen(filename, "ae");
254 if (log_fp == nullptr) { 254 if (log_fp == nullptr) {
255 PLOG(ERROR) << "fopen \"" << filename << "\" failed"; 255 PLOG(ERROR) << "fopen \"" << filename << "\" failed";
256 close(pipefd[0]); 256 close(pipefd[0]);
@@ -419,27 +419,27 @@ static void copy_log_file_to_pmsg(const char* source, const char* destination) {
419static off_t tmplog_offset = 0; 419static off_t tmplog_offset = 0;
420 420
421static void copy_log_file(const char* source, const char* destination, bool append) { 421static void copy_log_file(const char* source, const char* destination, bool append) {
422 FILE* dest_fp = fopen_path(destination, append ? "a" : "w"); 422 FILE* dest_fp = fopen_path(destination, append ? "ae" : "we");
423 if (dest_fp == nullptr) { 423 if (dest_fp == nullptr) {
424 PLOG(ERROR) << "Can't open " << destination; 424 PLOG(ERROR) << "Can't open " << destination;
425 } else { 425 } else {
426 FILE* source_fp = fopen(source, "r"); 426 FILE* source_fp = fopen(source, "re");
427 if (source_fp != nullptr) { 427 if (source_fp != nullptr) {
428 if (append) { 428 if (append) {
429 fseeko(source_fp, tmplog_offset, SEEK_SET); // Since last write 429 fseeko(source_fp, tmplog_offset, SEEK_SET); // Since last write
430 } 430 }
431 char buf[4096]; 431 char buf[4096];
432 size_t bytes; 432 size_t bytes;
433 while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) { 433 while ((bytes = fread(buf, 1, sizeof(buf), source_fp)) != 0) {
434 fwrite(buf, 1, bytes, dest_fp); 434 fwrite(buf, 1, bytes, dest_fp);
435 } 435 }
436 if (append) { 436 if (append) {
437 tmplog_offset = ftello(source_fp); 437 tmplog_offset = ftello(source_fp);
438 } 438 }
439 check_and_fclose(source_fp, source); 439 check_and_fclose(source_fp, source);
440 }
441 check_and_fclose(dest_fp, destination);
442 } 440 }
441 check_and_fclose(dest_fp, destination);
442 }
443} 443}
444 444
445static void copy_logs() { 445static void copy_logs() {
@@ -488,7 +488,7 @@ static void finish_recovery() {
488 if (!locale.empty() && has_cache) { 488 if (!locale.empty() && has_cache) {
489 LOG(INFO) << "Saving locale \"" << locale << "\""; 489 LOG(INFO) << "Saving locale \"" << locale << "\"";
490 490
491 FILE* fp = fopen_path(LOCALE_FILE, "w"); 491 FILE* fp = fopen_path(LOCALE_FILE, "we");
492 if (!android::base::WriteStringToFd(locale, fileno(fp))) { 492 if (!android::base::WriteStringToFd(locale, fileno(fp))) {
493 PLOG(ERROR) << "Failed to save locale to " << LOCALE_FILE; 493 PLOG(ERROR) << "Failed to save locale to " << LOCALE_FILE;
494 } 494 }
@@ -552,7 +552,7 @@ static bool erase_volume(const char* volume) {
552 } 552 }
553 553
554 std::string data(sb.st_size, '\0'); 554 std::string data(sb.st_size, '\0');
555 FILE* f = fopen(path.c_str(), "rb"); 555 FILE* f = fopen(path.c_str(), "rbe");
556 fread(&data[0], 1, data.size(), f); 556 fread(&data[0], 1, data.size(), f);
557 fclose(f); 557 fclose(f);
558 558
@@ -580,7 +580,7 @@ static bool erase_volume(const char* volume) {
580 ui->Print("Failed to make convert_fbe dir %s\n", strerror(errno)); 580 ui->Print("Failed to make convert_fbe dir %s\n", strerror(errno));
581 return true; 581 return true;
582 } 582 }
583 FILE* f = fopen(CONVERT_FBE_FILE, "wb"); 583 FILE* f = fopen(CONVERT_FBE_FILE, "wbe");
584 if (!f) { 584 if (!f) {
585 ui->Print("Failed to convert to file encryption %s\n", strerror(errno)); 585 ui->Print("Failed to convert to file encryption %s\n", strerror(errno));
586 return true; 586 return true;
diff --git a/tests/component/updater_test.cpp b/tests/component/updater_test.cpp
index 357a39ef..01b86f22 100644
--- a/tests/component/updater_test.cpp
+++ b/tests/component/updater_test.cpp
@@ -485,7 +485,7 @@ TEST_F(UpdaterTest, block_image_update) {
485 UpdaterInfo updater_info; 485 UpdaterInfo updater_info;
486 updater_info.package_zip = handle; 486 updater_info.package_zip = handle;
487 TemporaryFile temp_pipe; 487 TemporaryFile temp_pipe;
488 updater_info.cmd_pipe = fopen(temp_pipe.path, "wb"); 488 updater_info.cmd_pipe = fopen(temp_pipe.path, "wbe");
489 updater_info.package_zip_addr = map.addr; 489 updater_info.package_zip_addr = map.addr;
490 updater_info.package_zip_len = map.length; 490 updater_info.package_zip_len = map.length;
491 491
@@ -561,7 +561,7 @@ TEST_F(UpdaterTest, new_data_short_write) {
561 UpdaterInfo updater_info; 561 UpdaterInfo updater_info;
562 updater_info.package_zip = handle; 562 updater_info.package_zip = handle;
563 TemporaryFile temp_pipe; 563 TemporaryFile temp_pipe;
564 updater_info.cmd_pipe = fopen(temp_pipe.path, "wb"); 564 updater_info.cmd_pipe = fopen(temp_pipe.path, "wbe");
565 updater_info.package_zip_addr = map.addr; 565 updater_info.package_zip_addr = map.addr;
566 updater_info.package_zip_len = map.length; 566 updater_info.package_zip_len = map.length;
567 567
diff --git a/tests/manual/recovery_test.cpp b/tests/manual/recovery_test.cpp
index d36dd331..92c6ef2d 100644
--- a/tests/manual/recovery_test.cpp
+++ b/tests/manual/recovery_test.cpp
@@ -141,7 +141,7 @@ class ResourceTest : public testing::TestWithParam<std::string> {
141 // under recovery. 141 // under recovery.
142 void SetUp() override { 142 void SetUp() override {
143 std::string file_path = GetParam(); 143 std::string file_path = GetParam();
144 fp = fopen(file_path.c_str(), "rb"); 144 fp = fopen(file_path.c_str(), "rbe");
145 ASSERT_NE(nullptr, fp); 145 ASSERT_NE(nullptr, fp);
146 146
147 unsigned char header[8]; 147 unsigned char header[8];
diff --git a/verifier.cpp b/verifier.cpp
index 2ef9c4c3..18437fb7 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -474,81 +474,80 @@ std::unique_ptr<EC_KEY, ECKEYDeleter> parse_ec_key(FILE* file) {
474// Otherwise returns false if the file failed to parse, or if it contains zero 474// Otherwise returns false if the file failed to parse, or if it contains zero
475// keys. The contents in certs would be unspecified on failure. 475// keys. The contents in certs would be unspecified on failure.
476bool load_keys(const char* filename, std::vector<Certificate>& certs) { 476bool load_keys(const char* filename, std::vector<Certificate>& certs) {
477 std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "r"), fclose); 477 std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "re"), fclose);
478 if (!f) { 478 if (!f) {
479 PLOG(ERROR) << "error opening " << filename; 479 PLOG(ERROR) << "error opening " << filename;
480 return false; 480 return false;
481 } 481 }
482
483 while (true) {
484 certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
485 Certificate& cert = certs.back();
486 uint32_t exponent = 0;
487
488 char start_char;
489 if (fscanf(f.get(), " %c", &start_char) != 1) return false;
490 if (start_char == '{') {
491 // a version 1 key has no version specifier.
492 cert.key_type = Certificate::KEY_TYPE_RSA;
493 exponent = 3;
494 cert.hash_len = SHA_DIGEST_LENGTH;
495 } else if (start_char == 'v') {
496 int version;
497 if (fscanf(f.get(), "%d {", &version) != 1) return false;
498 switch (version) {
499 case 2:
500 cert.key_type = Certificate::KEY_TYPE_RSA;
501 exponent = 65537;
502 cert.hash_len = SHA_DIGEST_LENGTH;
503 break;
504 case 3:
505 cert.key_type = Certificate::KEY_TYPE_RSA;
506 exponent = 3;
507 cert.hash_len = SHA256_DIGEST_LENGTH;
508 break;
509 case 4:
510 cert.key_type = Certificate::KEY_TYPE_RSA;
511 exponent = 65537;
512 cert.hash_len = SHA256_DIGEST_LENGTH;
513 break;
514 case 5:
515 cert.key_type = Certificate::KEY_TYPE_EC;
516 cert.hash_len = SHA256_DIGEST_LENGTH;
517 break;
518 default:
519 return false;
520 }
521 }
522 482
523 if (cert.key_type == Certificate::KEY_TYPE_RSA) { 483 while (true) {
524 cert.rsa = parse_rsa_key(f.get(), exponent); 484 certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
525 if (!cert.rsa) { 485 Certificate& cert = certs.back();
526 return false; 486 uint32_t exponent = 0;
527 } 487
488 char start_char;
489 if (fscanf(f.get(), " %c", &start_char) != 1) return false;
490 if (start_char == '{') {
491 // a version 1 key has no version specifier.
492 cert.key_type = Certificate::KEY_TYPE_RSA;
493 exponent = 3;
494 cert.hash_len = SHA_DIGEST_LENGTH;
495 } else if (start_char == 'v') {
496 int version;
497 if (fscanf(f.get(), "%d {", &version) != 1) return false;
498 switch (version) {
499 case 2:
500 cert.key_type = Certificate::KEY_TYPE_RSA;
501 exponent = 65537;
502 cert.hash_len = SHA_DIGEST_LENGTH;
503 break;
504 case 3:
505 cert.key_type = Certificate::KEY_TYPE_RSA;
506 exponent = 3;
507 cert.hash_len = SHA256_DIGEST_LENGTH;
508 break;
509 case 4:
510 cert.key_type = Certificate::KEY_TYPE_RSA;
511 exponent = 65537;
512 cert.hash_len = SHA256_DIGEST_LENGTH;
513 break;
514 case 5:
515 cert.key_type = Certificate::KEY_TYPE_EC;
516 cert.hash_len = SHA256_DIGEST_LENGTH;
517 break;
518 default:
519 return false;
520 }
521 }
528 522
529 LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len; 523 if (cert.key_type == Certificate::KEY_TYPE_RSA) {
530 } else if (cert.key_type == Certificate::KEY_TYPE_EC) { 524 cert.rsa = parse_rsa_key(f.get(), exponent);
531 cert.ec = parse_ec_key(f.get()); 525 if (!cert.rsa) {
532 if (!cert.ec) { 526 return false;
533 return false; 527 }
534 }
535 } else {
536 LOG(ERROR) << "Unknown key type " << cert.key_type;
537 return false;
538 }
539 528
540 // if the line ends in a comma, this file has more keys. 529 LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len;
541 int ch = fgetc(f.get()); 530 } else if (cert.key_type == Certificate::KEY_TYPE_EC) {
542 if (ch == ',') { 531 cert.ec = parse_ec_key(f.get());
543 // more keys to come. 532 if (!cert.ec) {
544 continue; 533 return false;
545 } else if (ch == EOF) { 534 }
546 break; 535 } else {
547 } else { 536 LOG(ERROR) << "Unknown key type " << cert.key_type;
548 LOG(ERROR) << "unexpected character between keys"; 537 return false;
549 return false;
550 }
551 } 538 }
552 539
553 return true; 540 // if the line ends in a comma, this file has more keys.
541 int ch = fgetc(f.get());
542 if (ch == ',') {
543 // more keys to come.
544 continue;
545 } else if (ch == EOF) {
546 break;
547 } else {
548 LOG(ERROR) << "unexpected character between keys";
549 return false;
550 }
551 }
552 return true;
554} 553}