base: disallow close() on unique_fd. unique_fd's implicit conversion to int allows it to be passed to close(2), which is dangerous because unique_fd will think that it still has ownership of the now-closed fd. Disallow this by providing an overload for close that's tagged with an attribute that gives a compile-time error. Test: m Change-Id: I514591335b337f2f57c1df371cf3979304aea17c

commit: a134c5a598f58144fa34eb3391ea301d928714de [log] [tgz]
author: Josh Gao <jmgao@google.com> Mon Aug 29 14:20:59 2016 -0700
committer: Josh Gao <jmgao@google.com> Mon Aug 29 14:37:49 2016 -0700
tree: 721bcd144350e93de01556be07ae313c3e5574ba
parent: 74cfd469a2b7a2632718b2567fc7be313f9468a5 [diff]
diff --git a/base/include/android-base/unique_fd.h b/base/include/android-base/unique_fd.h
index 869e60f..c323311 100644
--- a/base/include/android-base/unique_fd.h
+++ b/base/include/android-base/unique_fd.h

@@ -95,4 +95,14 @@
 }  // namespace base
 }  // namespace android
 
+template <typename T>
+int close(const android::base::unique_fd_impl<T>&)
+#if defined(__clang__)
+  __attribute__((__unavailable__(
+#else
+  __attribute__((__error__(
+#endif
+    "close called on unique_fd"
+  )));
+
 #endif  // ANDROID_BASE_UNIQUE_FD_H
commit	a134c5a598f58144fa34eb3391ea301d928714de	[log] [tgz]
author	Josh Gao <jmgao@google.com>	Mon Aug 29 14:20:59 2016 -0700
committer	Josh Gao <jmgao@google.com>	Mon Aug 29 14:37:49 2016 -0700
tree	721bcd144350e93de01556be07ae313c3e5574ba
parent	74cfd469a2b7a2632718b2567fc7be313f9468a5 [diff]