checksec: Do NOT error when passing directory arguments to commandline tool (#2530)

tesuji · peace-maker · web-flow · commit 78d416ba6140 · 2025-01-27T00:03:05.000+01:00
I often use `checksec *` to lazily avoid typing filenames in a directory.
If the directory contains any other sub-dirs, the command fails.
With this patch, checksec will silently skip dir paths. There's still
TOCTOU issue but I don't think checksec do anything important enough
to explicitly use try/catch to account for that.

Co-authored-by: peace-maker &lt;peacemakerctf@gmail.com&gt;
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -81,6 +81,7 @@ The table below shows which release corresponds to each branch, and what date th
 - [#2526][2526] Properly make use of extra arguments in `packing` utilities. `sign` parameter requires keyword syntax to specify it.
 - [#2517][2517] Allow to passthru kwargs on `ssh.__getattr__` convenience function to fix SSH motd problems
 - [#2527][2527] Allow setting debugger path via `context.gdb_binary`
+- [#2530][2530] Do NOT error when passing directory arguments in `checksec` commandline tool.
 
 [2519]: https://github.com/Gallopsled/pwntools/pull/2519
 [2507]: https://github.com/Gallopsled/pwntools/pull/2507
@@ -89,6 +90,7 @@ The table below shows which release corresponds to each branch, and what date th
 [2526]: https://github.com/Gallopsled/pwntools/pull/2526
 [2517]: https://github.com/Gallopsled/pwntools/pull/2517
 [2527]: https://github.com/Gallopsled/pwntools/pull/2527
+[2530]: https://github.com/Gallopsled/pwntools/pull/2530
 
 ## 4.15.0 (`beta`)
 
diff --git a/pwnlib/commandline/checksec.py b/pwnlib/commandline/checksec.py
@@ -15,30 +15,28 @@
 parser.add_argument(
     'elf',
     nargs='*',
-    type=argparse.FileType('rb'),
     help='Files to check'
 )
 parser.add_argument(
     '--file',
     nargs='*',
     dest='elf2',
     metavar='elf',
-    type=argparse.FileType('rb'),
     help='File to check (for compatibility with checksec.sh)'
 )
 
 def main(args):
-    files  = args.elf or args.elf2 or []
+    files = args.elf or args.elf2 or []
 
     if not files:
         parser.print_usage()
         return
 
     for f in files:
         try:
-            e = ELF(f.name)
+            e = ELF(f)
         except Exception as e:
-            print("{name}: {error}".format(name=f.name, error=e))
+            print("{name}: {error}".format(name=f, error=e))
 
 if __name__ == '__main__':
     common.main(__file__, main)
