From 9e53fe4b12eeb24fa716d8824567860420eab60b Mon Sep 17 00:00:00 2001 From: Chris Spiegel Date: Wed, 5 Nov 2025 06:58:29 -0800 Subject: [PATCH] Avoid using the same source and destination in snprintf() It's undefined to write to a buffer you're reading from in snprintf(). On modern glibc and musl versions, this results in the string "/zerotier_dump.txt" being generated, i.e. in the root directory. Use a new variable to hold the string dump. This is done for MacOS as well. On Sequoia, at least, it's not necessary, as it handles overlapping objects fine, but this is more future-proof. At the same time, include a specific error message when the dumpfile can't be opened to help users track down problems. Also, truncate the file so that new writes don't potentially leave stale data. --- one.cpp | 22 +++++++++++++--------- 1 file changed, 13 insertions(+), 9 deletions(-) diff --git a/one.cpp b/one.cpp index 8c67a3af2..29179e7d2 100644 --- a/one.cpp +++ b/one.cpp @@ -1196,12 +1196,13 @@ static int cli(int argc, char** argv) return 0; } - snprintf((char*)path, sizeof(path), "%s%szerotier_dump.txt", (char*)path, ZT_PATH_SEPARATOR_S); + char dumpfile[PATH_MAX]; + snprintf(dumpfile, sizeof(dumpfile), "%s%szerotier_dump.txt", (char*)path, ZT_PATH_SEPARATOR_S); - fprintf(stdout, "Writing dump to: %s\n", path); - int fd = open((char*)path, O_CREAT | O_RDWR, 0664); + fprintf(stdout, "Writing dump to: %s\n", dumpfile); + int fd = open(dumpfile, O_CREAT | O_WRONLY | O_TRUNC, 0664); if (fd == -1) { - fprintf(stderr, "Error creating file.\n"); + perror("Error creating file"); return 1; } write(fd, dump.str().c_str(), dump.str().size()); @@ -1346,12 +1347,15 @@ static int cli(int argc, char** argv) } close(sock); char cwd[16384]; - getcwd(cwd, sizeof(cwd)); - snprintf(cwd, sizeof(cwd), "%s%szerotier_dump.txt", cwd, ZT_PATH_SEPARATOR_S); - fprintf(stdout, "Writing dump to: %s\n", cwd); - int fd = open(cwd, O_CREAT | O_RDWR, 0664); + if (getcwd(cwd, sizeof(cwd)) == nullptr) { + strcpy(cwd, "."); + } + char dumpfile[sizeof(cwd) + 32]; + snprintf(dumpfile, sizeof(dumpfile), "%s%szerotier_dump.txt", cwd, ZT_PATH_SEPARATOR_S); + fprintf(stdout, "Writing dump to: %s\n", dumpfile); + int fd = open(dumpfile, O_CREAT | O_WRONLY | O_TRUNC, 0664); if (fd == -1) { - fprintf(stderr, "Error creating file.\n"); + perror("Error creating file"); return 1; } write(fd, dump.str().c_str(), dump.str().size());