base: disallow close() on unique_fd.
unique_fd's implicit conversion to int allows it to be passed to close(2), which is dangerous because unique_fd will think that it still has ownership of the now-closed fd. Disallow this by providing an overload for close that's tagged with an attribute that gives a compile-time error. Test: m Change-Id: I514591335b337f2f57c1df371cf3979304aea17c
This commit is contained in:
Josh Gao
parent
e461b37965
commit
6496c4bf6f
1 changed files with 10 additions and 0 deletions
|
|
@ -95,4 +95,14 @@ using unique_fd = unique_fd_impl<DefaultCloser>;
|
|||
} // namespace base
|
||||
} // namespace android
|
||||
|
||||
template <typename T>
|
||||
int close(const android::base::unique_fd_impl<T>&)
|
||||
#if defined(__clang__)
|
||||
__attribute__((__unavailable__(
|
||||
#else
|
||||
__attribute__((__error__(
|
||||
#endif
|
||||
"close called on unique_fd"
|
||||
)));
|
||||
|
||||
#endif // ANDROID_BASE_UNIQUE_FD_H
|
||||
|
|
|
|||
Loading…
Reference in a new issue