[MEDIUM] cli.py: unhandled FileNotFoundError/OSError on --diff-file open #6

New issue

Closed

opened 2026-05-19 04:42:46 +00:00 by foravo_admin · 1 comment

foravo_admin commented

2026-05-19 04:42:46 +00:00

Owner

Imported from GitHub issue M00C1FER/mesh-review#7.

Source: https://github.com/M00C1FER/mesh-review/issues/7
Original author: @M00C1FER
Original state: closed

Finding 6 — MEDIUM

File: src/mesh_review/cli.py
Function: cmd_summary()
Commit fixing this: 834f8d8441226ac383868a9cb8ac5c69b650581e (PR #1)

Description

cmd_summary opens the user-supplied diff file without any error handling:

if args.diff_file:
    with open(args.diff_file, encoding="utf-8") as f:
        diff = f.read()

If the file does not exist or cannot be read (permissions, directory path, binary file), Python raises FileNotFoundError or OSError which propagates as an unhandled exception, producing a Python traceback rather than a clean error message.

Impact

Poor UX: users see a raw traceback instead of a useful error message.
Exit code may be non-deterministic depending on the exception type.

Fix Applied

if args.diff_file:
    try:
        with open(args.diff_file, encoding="utf-8") as f:
            diff = f.read()
    except FileNotFoundError:
        print(f"error: diff file not found: {args.diff_file}", file=sys.stderr)
        return 1
    except OSError as exc:
        print(f"error: cannot read {args.diff_file}: {exc}", file=sys.stderr)
        return 1

Imported from GitHub issue `M00C1FER/mesh-review#7`. Source: https://github.com/M00C1FER/mesh-review/issues/7 Original author: @M00C1FER Original state: closed  --- ## Finding 6 — MEDIUM **File:** `src/mesh_review/cli.py` **Function:** `cmd_summary()` **Commit fixing this:** 834f8d8441226ac383868a9cb8ac5c69b650581e (PR #1) ### Description `cmd_summary` opens the user-supplied diff file without any error handling: ```python if args.diff_file: with open(args.diff_file, encoding="utf-8") as f: diff = f.read() ``` If the file does not exist or cannot be read (permissions, directory path, binary file), Python raises `FileNotFoundError` or `OSError` which propagates as an unhandled exception, producing a Python traceback rather than a clean error message. ### Impact - Poor UX: users see a raw traceback instead of a useful error message. - Exit code may be non-deterministic depending on the exception type. ### Fix Applied ```python if args.diff_file: try: with open(args.diff_file, encoding="utf-8") as f: diff = f.read() except FileNotFoundError: print(f"error: diff file not found: {args.diff_file}", file=sys.stderr) return 1 except OSError as exc: print(f"error: cannot read {args.diff_file}: {exc}", file=sys.stderr) return 1 ```

foravo_admin

2026-05-19 04:42:46 +00:00

closed this issue
added the
code-review
label

foravo_admin commented

2026-05-19 04:42:47 +00:00

Author

Owner

Imported from GitHub issue comment M00C1FER/mesh-review#7:4362220378.

Source: https://github.com/M00C1FER/mesh-review/issues/7#issuecomment-4362220378
Original author: @M00C1FER

Fixed by merged PR #1.

Imported from GitHub issue comment `M00C1FER/mesh-review#7:4362220378`. Source: https://github.com/M00C1FER/mesh-review/issues/7#issuecomment-4362220378 Original author: @M00C1FER  --- Fixed by merged PR #1.