Enable clang-tidy for security sensitive domain. Start with clang-analyzer-security* and cert-*, but disable two specific errors: -- cert-err34-c, which checks for atoi(); heavily triggered by CommandListener, but will disappear when we move to Binder. -- cert-err58-cpp, which checks for exceptions before main(); it's a "Low" severity issue, and filed 36656327 to track cleanup. Fix all other triggered errors along the way. Test: builds, boots Bug: 36655947 Change-Id: I1391693fb521ed39700e25ab6b16bc741293bb79

commit: 32ebb739cb6c27a122d98b1bdfe1c1a5814b2ed3 [log] [tgz]
author: Jeff Sharkey <jsharkey@android.com> Mon Mar 27 16:18:50 2017 -0600
committer: Jeff Sharkey <jsharkey@android.com> Mon Mar 27 17:14:52 2017 -0600
tree: 600a15d218e212c5dda6aaa71e7adf8fc860743d
parent: fd3dc3c076f30e19e7ac902ba0531c6bcfe2e042 [diff] [blame]
diff --git a/Utils.cpp b/Utils.cpp
index 72d3801..8bdae92 100644
--- a/Utils.cpp
+++ b/Utils.cpp

@@ -292,7 +292,7 @@
         LOG(ERROR) << "Failed to setexeccon";
         abort();
     }
-    FILE* fp = popen(cmd.c_str(), "r");
+    FILE* fp = popen(cmd.c_str(), "r"); // NOLINT
     if (setexeccon(nullptr)) {
         LOG(ERROR) << "Failed to setexeccon";
         abort();
commit	32ebb739cb6c27a122d98b1bdfe1c1a5814b2ed3	[log] [tgz]
author	Jeff Sharkey <jsharkey@android.com>	Mon Mar 27 16:18:50 2017 -0600
committer	Jeff Sharkey <jsharkey@android.com>	Mon Mar 27 17:14:52 2017 -0600
tree	600a15d218e212c5dda6aaa71e7adf8fc860743d
parent	fd3dc3c076f30e19e7ac902ba0531c6bcfe2e042 [diff] [blame]