checksec: Do NOT error when passing directory arguments

tesuji · tesuji · commit 02c08c95a9be · 2025-01-23T07:33:12.000+07:00
I often use `checksec *` to lazily avoid typing filenames in a directory.
If the directory contains any other sub-dirs, the command fails.
With this patch, checksec will silently skip dir paths. There's still
TOCTOU issue but I don't think checksec do anything important enough
to explicitly use try/catch to account for that.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -74,6 +74,7 @@ The table below shows which release corresponds to each branch, and what date th
 
 ## 5.0.0 (`dev`)
 
+- [#2530][2530] Do NOT error when passing directory arguments in `checksec`.
 - [#2507][2507] Add `+LINUX` and `+WINDOWS` doctest options and start proper testing on Windows
 - [#2522][2522] Support starting a kitty debugging window with the 'kitten' command
 - [#2524][2524] Raise EOFError during `process.recv` when stdout closes on Windows
diff --git a/pwnlib/commandline/checksec.py b/pwnlib/commandline/checksec.py
@@ -15,30 +15,28 @@
 parser.add_argument(
     'elf',
     nargs='*',
-    type=argparse.FileType('rb'),
     help='Files to check'
 )
 parser.add_argument(
     '--file',
     nargs='*',
     dest='elf2',
     metavar='elf',
-    type=argparse.FileType('rb'),
     help='File to check (for compatibility with checksec.sh)'
 )
 
 def main(args):
-    files  = args.elf or args.elf2 or []
+    files = args.elf or args.elf2 or []
 
     if not files:
         parser.print_usage()
         return
 
     for f in files:
         try:
-            e = ELF(f.name)
+            e = ELF(f)
         except Exception as e:
-            print("{name}: {error}".format(name=f.name, error=e))
+            print("{name}: {error}".format(name=f, error=e))
 
 if __name__ == '__main__':
     common.main(__file__, main)
