Move some comments into generate_argv_with_sh

david942j · Aug 13, 2023 · 6c229b2 · 6c229b2
1 parent 927df0b
commit 6c229b2
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/lib/one_gadget/fetchers/base.rb b/lib/one_gadget/fetchers/base.rb
@@ -131,10 +131,6 @@ def check_stack_argv(processor, lmda, allow_null)
         return if argv_already_valid?(argv)
 
         if global_var?(argv[0])
-          # argv[0] is not controlled by the user, argv[0] probably is "/bin/sh" or "sh" (but actually, the content of
-          # argv[0] doesn't quite matter, just need to make sure it's readable)
-          # So far (I checked glibc 2.37), we can make argv to be {"/bin/sh", sth, NULL} or {"sh", "-c", sth, NULL}
-          # TODO: We need to update this when the above assumption is no longer true
           return generate_argv_with_sh(argv)
         end
 
@@ -146,6 +142,10 @@ def argv_already_valid?(argv)
       end
 
       def generate_argv_with_sh(argv)
+        # argv[0] is not controlled by the user, argv[0] probably is "/bin/sh" or "sh" (but actually, the content of
+        # argv[0] doesn't quite matter, just need to make sure it's readable)
+        # So far (I checked glibc 2.37), we can make argv to be {"/bin/sh", sth, NULL} or {"sh", "-c", sth, NULL}
+        # TODO: We need to update this when the above assumption is no longer true
         if argv[2] == '0' && !global_var?(argv[1])
           "#{argv[1]} == NULL || {\"/bin/sh\", #{argv[1]}, NULL} is a valid argv"
         else