Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

checksec: more forgiving when passed directory arguments #2530

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
Open

checksec: more forgiving when passed directory arguments #2530

wants to merge 1 commit into from

Conversation

tesuji
Copy link
Contributor

@tesuji tesuji commented Jan 22, 2025
edited
Loading

I often use checksec * to lazily avoid typing filenames in a directory. If the directory contains any other sub-dirs, the command fails. With this patch, checksec will silently skip dir paths. There is TOCTOU issue but I don't think checksec do anything important enough to explicitly use try/catch to account for that.

Before:

> checksec /bin/ /bin/ls
usage: pwn checksec [-h] [--file [elf ...]] [elf ...]
pwn checksec: error: argument elf: can't open '/bin/': [Errno 21] Is a directory: '/bin/'

After:

> checksec /bin /bin/ls
/bin: [Errno 21] Is a directory: '/bin'
[*] '/bin/ls'
    Arch:       amd64-64-little
    RELRO:      Full RELRO
    Stack:      Canary found
    NX:         NX enabled
    PIE:        PIE enabled
    FORTIFY:    Enabled
    SHSTK:      Enabled
    IBT:        Enabled

Changelog

Do not error when passing directory arguments in checksec.

@tesuji tesuji force-pushed the checksec-forgive-dir branch from 4d9455e to 8c18308 Compare January 22, 2025 05:45
peace-maker
peace-maker approved these changes Jan 22, 2025
View reviewed changes
Copy link
Member

@peace-maker peace-maker left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you!

@tesuji
checksec: Do NOT error when passing directory arguments
02c08c9 
I often use `checksec *` to lazily avoid typing filenames in a directory.
If the directory contains any other sub-dirs, the command fails.
With this patch, checksec will silently skip dir paths. There's still
TOCTOU issue but I don't think checksec do anything important enough
to explicitly use try/catch to account for that.
@tesuji tesuji force-pushed the checksec-forgive-dir branch from 8c18308 to 02c08c9 Compare January 23, 2025 00:34
@tesuji
Copy link
Contributor Author

tesuji commented Jan 23, 2025
edited
Loading

Thanks for the review! I resolved it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kozdra kozdra kozdra left review comments

@peace-maker peace-maker peace-maker approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tesuji @peace-maker @kozdra