diff --git a/ondevice-signing/CertUtils.cpp b/ondevice-signing/CertUtils.cpp index 14dd6d07..10abfe2d 100644 --- a/ondevice-signing/CertUtils.cpp +++ b/ondevice-signing/CertUtils.cpp @@ -196,9 +196,9 @@ Result> extractPublicKey(EVP_PKEY* pkey) { Result> extractPublicKeyFromSubjectPublicKeyInfo(const std::vector& keyData) { auto keyDataBytes = keyData.data(); - EVP_PKEY* public_key = d2i_PUBKEY(nullptr, &keyDataBytes, keyData.size()); + bssl::UniquePtr public_key(d2i_PUBKEY(nullptr, &keyDataBytes, keyData.size())); - return extractPublicKey(public_key); + return extractPublicKey(public_key.get()); } Result> extractPublicKeyFromX509(const std::vector& keyData) { @@ -213,18 +213,19 @@ Result> extractPublicKeyFromX509(const std::vector } Result> extractPublicKeyFromX509(const std::string& path) { - X509* cert; + X509* rawCert; auto f = fopen(path.c_str(), "re"); if (f == nullptr) { return Error() << "Failed to open " << path; } - if (!d2i_X509_fp(f, &cert)) { + if (!d2i_X509_fp(f, &rawCert)) { fclose(f); return Error() << "Unable to decode x509 cert at " << path; } + bssl::UniquePtr cert(rawCert); fclose(f); - return extractPublicKey(X509_get_pubkey(cert)); + return extractPublicKey(X509_get_pubkey(cert.get())); } Result> createPkcs7(const std::vector& signed_digest) { diff --git a/ondevice-signing/VerityUtils.cpp b/ondevice-signing/VerityUtils.cpp index cab92e24..2c4dc6dd 100644 --- a/ondevice-signing/VerityUtils.cpp +++ b/ondevice-signing/VerityUtils.cpp @@ -255,7 +255,7 @@ Result addCertToFsVerityKeyring(const std::string& path) { char* argv_child[argc + 1]; memcpy(argv_child, argv, argc * sizeof(char*)); argv_child[argc] = nullptr; - execvp(argv_child[0], const_cast(argv_child)); + execvp(argv_child[0], argv_child); PLOG(ERROR) << "exec in ForkExecvp"; _exit(EXIT_FAILURE); } else {