checksec returns "Error: The file 'file' does not exist."
evelikov opened this issue · 5 comments
Issue
Using checksec --file /path/to/valid/file results in the following error
Error: The file 'file' does not exist.
Similarly, using checksec --dir /valid/path/ results in
Error: The directory 'dir' does not exist.
Debug Report
include the output of checksec --debug_report
***** Checksec debug *****
uid=1000(emil) gid=100(users) groups=100(users),4(adm),10(wheel),50(games),91(video),97(input),150(wireshark),190(systemd-journal),1000(android-sdk)
Linux arch-x1c3 5.10.27-1-lts #1 SMP Tue, 30 Mar 2021 13:22:29 +0000 x86_64 GNU/Linux
checksec version: 2.4.0 -- 2020081501
OS=Arch Linux
VER=
-rwxr-xr-x 1 root root 39112 Mar 6 2020 /usr/bin/cat
/usr/bin/cat: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=92ac72c796c22c45cd20a48e5a954e95f398e52b, for GNU/Linux 3.2.0, stripped
lrwxrwxrwx 1 root root 4 Apr 15 2020 /usr/bin/awk -> gawk
-rwxr-xr-x 2 root root 698488 Apr 15 2020 /usr/bin/gawk
/usr/bin/gawk: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=7aef334e7b6831944283bc79c5a743b975efac45, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 30776 Feb 13 19:05 /usr/bin/sysctl
/usr/bin/sysctl: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=d3cbca988e520f222a26919cfe32aa10767f869b, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 39080 Mar 6 2020 /usr/bin/uname
/usr/bin/uname: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3c6ed85f2953ba9adba9b096637d4dffd3ba6a39, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 43144 Mar 6 2020 /usr/bin/mktemp
/usr/bin/mktemp: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=6776df651f7156ede042fcabb649f5ad8fd8b48d, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 724536 Mar 25 16:27 /usr/bin/openssl
/usr/bin/openssl: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=6d7eb3c5bd369d20b4067b2dc6a77847ab225cf1, for GNU/Linux 4.4.0, stripped
-rwxr-xr-x 1 root root 166104 Nov 9 09:41 /usr/bin/grep
/usr/bin/grep: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=f7149922c3141c97b165f0db1f79e6eb6c67de41, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 88232 Mar 6 2020 /usr/bin/stat
/usr/bin/stat: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=c0c3a450d4c6dd4790ed3ec4bb2a55ed565b9094, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 30904 Jun 16 2020 /usr/bin/file
/usr/bin/file: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=04fdf1b09f60d5f7a639ba093727b02c0095a108, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 306648 Feb 3 04:47 /usr/bin/find
/usr/bin/find: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=1a1a693e19d82c53a3d79fac2b187d62b30a8ede, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 47272 Mar 6 2020 /usr/bin/head
/usr/bin/head: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=c767763b6d9a57ff44cb44a933065a3de1a62e2c, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 137504 Feb 13 19:05 /usr/bin/ps
/usr/bin/ps: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b99e94380824bf78a55afcd5144bdc582a0e8f88, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 51336 Mar 6 2020 /usr/bin/readlink
/usr/bin/readlink: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=02b88db46ade2a852ad113e499d0d11c56c270eb, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 39048 Mar 6 2020 /usr/bin/basename
/usr/bin/basename: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=cd7cdcdc96011f9c0312ff9f41c3cbc24ab02d6e, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 43176 Mar 6 2020 /usr/bin/id
/usr/bin/id: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=c4171c0a9ac61da4c83d25af7338741b9203976b, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 31280 Nov 13 2019 /usr/bin/which
/usr/bin/which: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=190bf80e4b6a9755d2f14659901c512b413d0fe6, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 539688 Jan 10 17:24 /usr/bin/wget
/usr/bin/wget: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=9c0dbe55836a21b926019a6d7971f8bb7fb78087, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 202576 Feb 3 08:00 /usr/bin/curl
/usr/bin/curl: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=d40b88bddd6a14993a5ed9c16ee753da03715204, for GNU/Linux 3.2.0, stripped
-rwxr-xr-x 1 root root 964168 Feb 16 07:39 /usr/bin/readelf
/usr/bin/readelf: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=b9d8dc975599a6ca9c622629a1b2e565985c42a2, for GNU/Linux 4.4.0, stripped
-rwxr-xr-x 1 root root 547352 Feb 11 12:09 /usr/bin/eu-readelf
/usr/bin/eu-readelf: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=3a959fc92d42680175c851e13f7d44411ce08e17, for GNU/Linux 3.2.0, stripped
Command run to produce the error
Any existing file/folder as above. For example:
checksec --file /bin/uname or
checksec --dir /bin/
OS version and Kernel version
Arch Linux and 5.10.27-1-lts
Debug output
Run the same command as above to reproduce the error but include the --debug flag
e.x checksec --debug -f /usr/bin/ls
There is no extra debug output. Note above example is broken - checksec does not accept short opts like -f
Braindump
The --help page suggests that attribute/arguments pairs must be separated with =.
Yet the code itself, explicitly caters for space separated arguments... sort of. In the sense that it considers that space might be used, yet fails to handle the provided argument.
Additionally the bash builtin getopts is used, which handles only short opts, while the checksec handles only long opts leading to some really funky looking code. Might be cleaner/saner to use a simple loop and handle the args manually.
Aside
Would it make sense to auto detect --file and --dir? One could easily do the file/dir check and bail out.
space has been removed in 2.5.0 but plan to bring it back in the future with a larger rework of the function calls
Great nice to hear.
Although looking at this commit - 39 changes files, 3,582 additions and 1,933 deletions. Holly smokes - soooo many unrelated changes in one commit 😢
It was a refactoring to make it easier to maintain as it is now built from source files
The majority of the code didn’t change, it was just reorganized
The majority of the code didn’t change, it was just reorganized
That may be so, yet It's kind of hard to understand without spending hours into it. In particular there are a few hundred lines of white space changes, bunch of stylistic changes and 19 separate helpers. Usually each of those is a separate commit, not clumped-up into one big commit. Here are some nice tips that I would highly recommend.