From 7ec7566ad7fd4b46c2cecbb68aea4b31f7c9ee60 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Piotr=20Nie=C5=82acny?= Date: Tue, 16 Dec 2025 22:24:41 +0100 Subject: [PATCH] Fix state file corruption when saving user credentials Replace Boost property_tree with nlohmann::json in save_user_creds(). Boost property_tree does not preserve JSON types - it converts all values to strings when writing JSON. This caused boolean and integer fields in sunshine_state.json to become strings (e.g., true -> "true", 119480064 -> "119480064") after changing the password, leading to crashes on restart. nlohmann::json preserves the original types, matching the rest of the codebase which already uses it for JSON operations. Fixes #835 --- src/httpcommon.cpp | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/src/httpcommon.cpp b/src/httpcommon.cpp index 8fa80929..cca1bcef 100644 --- a/src/httpcommon.cpp +++ b/src/httpcommon.cpp @@ -6,6 +6,7 @@ // standard includes #include +#include #include // lib includes @@ -68,11 +69,12 @@ namespace http { } int save_user_creds(const std::string &file, const std::string &username, const std::string &password, bool run_our_mouth) { - pt::ptree outputTree; + nlohmann::json outputTree; if (fs::exists(file)) { try { - pt::read_json(file, outputTree); + std::ifstream in(file); + in >> outputTree; } catch (std::exception &e) { BOOST_LOG(error) << "Couldn't read user credentials: "sv << e.what(); return -1; @@ -80,11 +82,12 @@ namespace http { } auto salt = crypto::rand_alphabet(16); - outputTree.put("username", username); - outputTree.put("salt", salt); - outputTree.put("password", util::hex(crypto::hash(password + salt)).to_string()); + outputTree["username"] = username; + outputTree["salt"] = salt; + outputTree["password"] = util::hex(crypto::hash(password + salt)).to_string(); try { - pt::write_json(file, outputTree); + std::ofstream out(file); + out << outputTree.dump(4); // Pretty-print with an indent of 4 spaces. } catch (std::exception &e) { BOOST_LOG(error) << "error writing to the credentials file, perhaps try this again as an administrator? Details: "sv << e.what(); return -1;