Fix the android-cloexec-* warnings in bootable/recovery Add the O_CLOEXEC or 'e' accordingly. Bug: 63510015 Test: recovery tests pass Change-Id: I7094bcc6af22c9687eb535116b2ca6a59178b303

commit: de6735e80cc65be50381388640d94f1b1d0f20fa [log] [tgz]
author: Tianjie Xu <xunchang@google.com> Mon Jul 10 15:13:33 2017 -0700
committer: Tianjie Xu <xunchang@google.com> Wed Jul 19 12:17:41 2017 -0700
tree: bdcda7cd5a4e2baa1f45c66f6a1698df47119175
parent: 8155a8ba74bce27626f3ce3f088951298c44776d [diff] [blame]
diff --git a/verifier.cpp b/verifier.cpp
index 2ef9c4c..18437fb 100644
--- a/verifier.cpp
+++ b/verifier.cpp

@@ -474,81 +474,80 @@
 // Otherwise returns false if the file failed to parse, or if it contains zero
 // keys. The contents in certs would be unspecified on failure.
 bool load_keys(const char* filename, std::vector<Certificate>& certs) {
-    std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "r"), fclose);
-    if (!f) {
-        PLOG(ERROR) << "error opening " << filename;
+  std::unique_ptr<FILE, decltype(&fclose)> f(fopen(filename, "re"), fclose);
+  if (!f) {
+    PLOG(ERROR) << "error opening " << filename;
+    return false;
+  }
+
+  while (true) {
+    certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
+    Certificate& cert = certs.back();
+    uint32_t exponent = 0;
+
+    char start_char;
+    if (fscanf(f.get(), " %c", &start_char) != 1) return false;
+    if (start_char == '{') {
+      // a version 1 key has no version specifier.
+      cert.key_type = Certificate::KEY_TYPE_RSA;
+      exponent = 3;
+      cert.hash_len = SHA_DIGEST_LENGTH;
+    } else if (start_char == 'v') {
+      int version;
+      if (fscanf(f.get(), "%d {", &version) != 1) return false;
+      switch (version) {
+        case 2:
+          cert.key_type = Certificate::KEY_TYPE_RSA;
+          exponent = 65537;
+          cert.hash_len = SHA_DIGEST_LENGTH;
+          break;
+        case 3:
+          cert.key_type = Certificate::KEY_TYPE_RSA;
+          exponent = 3;
+          cert.hash_len = SHA256_DIGEST_LENGTH;
+          break;
+        case 4:
+          cert.key_type = Certificate::KEY_TYPE_RSA;
+          exponent = 65537;
+          cert.hash_len = SHA256_DIGEST_LENGTH;
+          break;
+        case 5:
+          cert.key_type = Certificate::KEY_TYPE_EC;
+          cert.hash_len = SHA256_DIGEST_LENGTH;
+          break;
+        default:
+          return false;
+      }
+    }
+
+    if (cert.key_type == Certificate::KEY_TYPE_RSA) {
+      cert.rsa = parse_rsa_key(f.get(), exponent);
+      if (!cert.rsa) {
         return false;
+      }
+
+      LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len;
+    } else if (cert.key_type == Certificate::KEY_TYPE_EC) {
+      cert.ec = parse_ec_key(f.get());
+      if (!cert.ec) {
+        return false;
+      }
+    } else {
+      LOG(ERROR) << "Unknown key type " << cert.key_type;
+      return false;
     }
 
-    while (true) {
-        certs.emplace_back(0, Certificate::KEY_TYPE_RSA, nullptr, nullptr);
-        Certificate& cert = certs.back();
-        uint32_t exponent = 0;
-
-        char start_char;
-        if (fscanf(f.get(), " %c", &start_char) != 1) return false;
-        if (start_char == '{') {
-            // a version 1 key has no version specifier.
-            cert.key_type = Certificate::KEY_TYPE_RSA;
-            exponent = 3;
-            cert.hash_len = SHA_DIGEST_LENGTH;
-        } else if (start_char == 'v') {
-            int version;
-            if (fscanf(f.get(), "%d {", &version) != 1) return false;
-            switch (version) {
-                case 2:
-                    cert.key_type = Certificate::KEY_TYPE_RSA;
-                    exponent = 65537;
-                    cert.hash_len = SHA_DIGEST_LENGTH;
-                    break;
-                case 3:
-                    cert.key_type = Certificate::KEY_TYPE_RSA;
-                    exponent = 3;
-                    cert.hash_len = SHA256_DIGEST_LENGTH;
-                    break;
-                case 4:
-                    cert.key_type = Certificate::KEY_TYPE_RSA;
-                    exponent = 65537;
-                    cert.hash_len = SHA256_DIGEST_LENGTH;
-                    break;
-                case 5:
-                    cert.key_type = Certificate::KEY_TYPE_EC;
-                    cert.hash_len = SHA256_DIGEST_LENGTH;
-                    break;
-                default:
-                    return false;
-            }
-        }
-
-        if (cert.key_type == Certificate::KEY_TYPE_RSA) {
-            cert.rsa = parse_rsa_key(f.get(), exponent);
-            if (!cert.rsa) {
-              return false;
-            }
-
-            LOG(INFO) << "read key e=" << exponent << " hash=" << cert.hash_len;
-        } else if (cert.key_type == Certificate::KEY_TYPE_EC) {
-            cert.ec = parse_ec_key(f.get());
-            if (!cert.ec) {
-              return false;
-            }
-        } else {
-            LOG(ERROR) << "Unknown key type " << cert.key_type;
-            return false;
-        }
-
-        // if the line ends in a comma, this file has more keys.
-        int ch = fgetc(f.get());
-        if (ch == ',') {
-            // more keys to come.
-            continue;
-        } else if (ch == EOF) {
-            break;
-        } else {
-            LOG(ERROR) << "unexpected character between keys";
-            return false;
-        }
+    // if the line ends in a comma, this file has more keys.
+    int ch = fgetc(f.get());
+    if (ch == ',') {
+      // more keys to come.
+      continue;
+    } else if (ch == EOF) {
+      break;
+    } else {
+      LOG(ERROR) << "unexpected character between keys";
+      return false;
     }
-
-    return true;
+  }
+  return true;
 }
commit	de6735e80cc65be50381388640d94f1b1d0f20fa	[log] [tgz]
author	Tianjie Xu <xunchang@google.com>	Mon Jul 10 15:13:33 2017 -0700
committer	Tianjie Xu <xunchang@google.com>	Wed Jul 19 12:17:41 2017 -0700
tree	bdcda7cd5a4e2baa1f45c66f6a1698df47119175
parent	8155a8ba74bce27626f3ce3f088951298c44776d [diff] [blame]