fix(anonymizer): truncate output files on open to prevent stale JSON

Retr0-XD · Retr0-XD · commit a72cc6f13767 · 2026-03-26T19:03:12.000+05:30
When running the anonymizer tool multiple times pointing to the same output paths, the files were opened with O_CREATE|O_WRONLY but without O_TRUNC. This means any previous content is kept in place and new data is written on top. If the new output happens to be shorter than the old one, the leftover bytes at the end produce malformed JSON that cannot be parsed. Added os.O_TRUNC to all three os.OpenFile calls across writer.go and extractor.go so the file is always zeroed out before writing begins. Also tightened the file creation mode from os.ModePerm (0777) to 0o600 so output files containing potentially sensitive trace data are not world-readable, and included the file path in each error message to make failures easier to diagnose. Fixes: #8231 Signed-off-by: Sakthi Harish <sakthi.harish@edgeverve.com>
diff --git a/cmd/anonymizer/app/uiconv/extractor.go b/cmd/anonymizer/app/uiconv/extractor.go
@@ -24,9 +24,9 @@ type extractor struct {
 
 // newExtractor creates extractor.
 func newExtractor(uiFile string, traceID string, reader *spanReader, logger *zap.Logger) (*extractor, error) {
-	f, err := os.OpenFile(uiFile, os.O_CREATE|os.O_WRONLY, os.ModePerm)
+	f, err := os.OpenFile(uiFile, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o600)
 	if err != nil {
-		return nil, fmt.Errorf("cannot create output file: %w", err)
+		return nil, fmt.Errorf("cannot create output file %q: %w", uiFile, err)
 	}
 	logger.Sugar().Infof("Writing spans to UI file %s", uiFile)
 
diff --git a/cmd/anonymizer/app/writer/writer.go b/cmd/anonymizer/app/writer/writer.go
@@ -48,15 +48,15 @@ func New(config Config, logger *zap.Logger) (*Writer, error) {
 	}
 	logger.Sugar().Infof("Current working dir is %s", wd)
 
-	cf, err := os.OpenFile(config.CapturedFile, os.O_CREATE|os.O_WRONLY, os.ModePerm)
+	cf, err := os.OpenFile(config.CapturedFile, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o600)
 	if err != nil {
-		return nil, fmt.Errorf("cannot create output file: %w", err)
+		return nil, fmt.Errorf("cannot create output file %q: %w", config.CapturedFile, err)
 	}
 	logger.Sugar().Infof("Writing captured spans to file %s", config.CapturedFile)
 
-	af, err := os.OpenFile(config.AnonymizedFile, os.O_CREATE|os.O_WRONLY, os.ModePerm)
+	af, err := os.OpenFile(config.AnonymizedFile, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o600)
 	if err != nil {
-		return nil, fmt.Errorf("cannot create output file: %w", err)
+		return nil, fmt.Errorf("cannot create output file %q: %w", config.AnonymizedFile, err)
 	}
 	logger.Sugar().Infof("Writing anonymized spans to file %s", config.AnonymizedFile)
 

Original file line number	Diff line number	Diff line change
`@@ -48,15 +48,15 @@ func New(config Config, logger zap.Logger) (Writer, error) {`
`48`	`48`	`}`
`49`	`49`	`logger.Sugar().Infof("Current working dir is %s", wd)`
`50`	`50`
`51`		`- cf, err := os.OpenFile(config.CapturedFile, os.O_CREATE\|os.O_WRONLY, os.ModePerm)`
	`51`	`+ cf, err := os.OpenFile(config.CapturedFile, os.O_CREATE\|os.O_WRONLY\|os.O_TRUNC, 0o600)`
`52`	`52`	`if err != nil {`
`53`		`- return nil, fmt.Errorf("cannot create output file: %w", err)`
	`53`	`+ return nil, fmt.Errorf("cannot create output file %q: %w", config.CapturedFile, err)`
`54`	`54`	`}`
`55`	`55`	`logger.Sugar().Infof("Writing captured spans to file %s", config.CapturedFile)`
`56`	`56`
`57`		`- af, err := os.OpenFile(config.AnonymizedFile, os.O_CREATE\|os.O_WRONLY, os.ModePerm)`
	`57`	`+ af, err := os.OpenFile(config.AnonymizedFile, os.O_CREATE\|os.O_WRONLY\|os.O_TRUNC, 0o600)`
`58`	`58`	`if err != nil {`
`59`		`- return nil, fmt.Errorf("cannot create output file: %w", err)`
	`59`	`+ return nil, fmt.Errorf("cannot create output file %q: %w", config.AnonymizedFile, err)`
`60`	`60`	`}`
`61`	`61`	`logger.Sugar().Infof("Writing anonymized spans to file %s", config.AnonymizedFile)`
`62`	`62`