From 02c08c95a9beba80a6b99064aa153e01af460e09 Mon Sep 17 00:00:00 2001 From: Lzu Tao Date: Thu, 23 Jan 2025 07:33:12 +0700 Subject: [PATCH] checksec: Do NOT error when passing directory arguments I often use `checksec *` to lazily avoid typing filenames in a directory. If the directory contains any other sub-dirs, the command fails. With this patch, checksec will silently skip dir paths. There's still TOCTOU issue but I don't think checksec do anything important enough to explicitly use try/catch to account for that. --- CHANGELOG.md | 1 + pwnlib/commandline/checksec.py | 8 +++----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2ac08c6ab..a351c4c9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -74,6 +74,7 @@ The table below shows which release corresponds to each branch, and what date th ## 5.0.0 (`dev`) +- [#2530][2530] Do NOT error when passing directory arguments in `checksec`. - [#2507][2507] Add `+LINUX` and `+WINDOWS` doctest options and start proper testing on Windows - [#2522][2522] Support starting a kitty debugging window with the 'kitten' command - [#2524][2524] Raise EOFError during `process.recv` when stdout closes on Windows diff --git a/pwnlib/commandline/checksec.py b/pwnlib/commandline/checksec.py index 30e3d5dce..d346a89c4 100644 --- a/pwnlib/commandline/checksec.py +++ b/pwnlib/commandline/checksec.py @@ -15,7 +15,6 @@ parser.add_argument( 'elf', nargs='*', - type=argparse.FileType('rb'), help='Files to check' ) parser.add_argument( @@ -23,12 +22,11 @@ nargs='*', dest='elf2', metavar='elf', - type=argparse.FileType('rb'), help='File to check (for compatibility with checksec.sh)' ) def main(args): - files = args.elf or args.elf2 or [] + files = args.elf or args.elf2 or [] if not files: parser.print_usage() @@ -36,9 +34,9 @@ def main(args): for f in files: try: - e = ELF(f.name) + e = ELF(f) except Exception as e: - print("{name}: {error}".format(name=f.name, error=e)) + print("{name}: {error}".format(name=f, error=e)) if __name__ == '__main__': common.main(__file__, main)