Package: diffoscope
Version: 259
Severity: normal
Dear Maintainer,
I am able to crash diffoscope with a simple scenario:
sudo touch a b # Create 2 zero-byte files (owner=root)
sudo chmod go= a b # No access rights for group and others, default
access for root
diffoscope a b # This is a regular user, who is not allowed to read
these files
When the file does not have read permission for the current user, Python
exists with
PermissionError: [Errno 13] Permission denied: 'a'
Expected behaviour:
* Skip this file and add it to the output as an inaccessible file
(similar to how /dev/stdout is handled)
With kind regards,
Roland Clobus
-- System Information:
Debian Release: trixie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.6.13-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages diffoscope depends on:
ii diffoscope-minimal 259
Versions of packages diffoscope recommends:
ii 7zip 23.01+dfsg-8
ii aapt 1:14~beta1-2+b1
ii abootimg 0.6-1.1
ii acl 2.3.2-1
ii androguard 3.4.0~a1-10
ii apksigcopier 1.1.1-1
ii apksigner 31.0.2-1
ii apktool 2.7.0+dfsg-7
ii binutils-multiarch 2.42-3
ii bzip2 1.0.8-5+b2
ii caca-utils 0.99.beta20-4
ii colord 1.4.6-5
ii coreboot-utils 4.15~dfsg-4
ii db-util 5.3.3
ii default-jdk-headless 2:1.17-75
ii device-tree-compiler 1.7.0-2
ii dexdump 14.0.0+r15-1+b1
ii docx2txt 1.4-5
ii e2fsprogs 1.47.0-2.3
ii enjarify 1:1.0.3-5
ii ffmpeg 7:6.1.1-2
ii fontforge-extras 1:20230101~dfsg-1+b1
ii fonttools 4.46.0-1
ii fp-utils 3.2.2+dfsg-32
ii fp-utils-3.2.2 [fp-utils] 3.2.2+dfsg-32
ii genisoimage 9:1.1.11-3.4
ii gettext 0.21-14+b1
ii ghc 9.4.7-3
ii ghostscript 10.02.1~dfsg-3
ii giflib-tools 5.2.2-1
ii gnumeric 1.12.56-2+b1
ii gnupg-utils 2.2.40-1.1+b1
ii gpg 2.2.40-1.1+b1
ii hdf5-tools 1.10.10+repack-3.1
ii html2text 2.2.3-2
ii imagemagick 8:6.9.12.98+dfsg1-5.1
ii imagemagick-6.q16 [imagemagick] 8:6.9.12.98+dfsg1-5.1
ii jsbeautifier 1.14.11-1
ii libarchive-tools 3.7.2-1.1
ii libxmlb-utils 0.3.15-1
ii llvm 1:16.0-57
ii lz4 [liblz4-tool] 1.9.4-1+b2
ii lzip 1.24.1-1
ii mono-utils 6.8.0.105+dfsg-3.5
ii ocaml-nox 4.14.1-1
ii odt2txt 0.5-7
ii oggvideotools 0.9.1-6
ii openssh-client 1:9.6p1-4
ii openssl 3.1.5-1.1
ii pgpdump 0.36-1
ii poppler-utils 22.12.0-2+b1
ii procyon-decompiler 0.6.0-1
ii python3-argcomplete 3.1.4-1
ii python3-binwalk 2.3.4+dfsg1-4
ii python3-debian 0.1.49
ii python3-defusedxml 0.7.1-2
ii python3-guestfs 1:1.52.0-2.1
ii python3-jsondiff 2.0.0-2
ii python3-pdfminer 20221105+dfsg-1
ii python3-progressbar 2.5-4
ii python3-pypdf 4.0.2-1
ii python3-pyxattr 0.8.1-1+b1
ii python3-rpm 4.18.2+dfsg-2.1
ii python3-tlsh 3.4.4+20151206-1.4+b5
ii r-base-core 4.3.3-1
ii radare2 5.5.0+dfsg-1.1
ii rpm2cpio 4.18.2+dfsg-2.1
ii sng 1.1.0-4
ii sqlite3 3.45.1-1
ii squashfs-tools 1:4.6.1-1
ii tcpdump 4.99.4-3
ii u-boot-tools 2024.01+dfsg-1
ii unzip 6.0-28
ii wabt 1.0.34+dsfg2+~cs1.0.32-1
ii xmlbeans 4.0.0-2
ii xxd 2:9.1.0016-1
ii xz-utils 5.6.0-0.2
ii zip 3.0-13
ii zstd 1.5.5+dfsg2-2
Versions of packages diffoscope suggests:
ii libjs-jquery 3.6.1+dfsg+~3.5.14-1
-- no debconf information
_______________________________________________
Reproducible-builds mailing list
Reproducible-builds@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/reproducible-builds
