Enforce android command escaping with flow

Summary: Splits the utility into a public and private part - just for the opaque types to work. The private part validates arguments and does the command running. Both are safe to use, but the non-internal one is easier, you don't have to validate anything.

Reviewed By: passy

Differential Revision: D15393477

fbshipit-source-id: 92f63180fb94af4337fdf8c7dace5bc5a85d5a54

src/utils/CertificateProvider.js

@@ -331,11 +331,7 @@ export default class CertificateProvider {
     csr: string,
   ): Promise<boolean> {
     return androidUtil
-      .executeCommandAsApp(
-        deviceId,
-        processName,
-        `cat ${directory + csrFileName}`,
-      )
+      .pull(deviceId, processName, directory + csrFileName)
       .then(deviceCsr => {
         return this.santitizeString(deviceCsr.toString()) === csr;
       });