[*] Binary protection state of libaprutil-1.so.0.6.1
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of libaprutil-1.so.0.6.1
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libaprutil-1.so.0.6.1 @ 0x7d5c */
| #include <stdint.h>
|
; (fcn) sym.apr_brigade_writev () | void apr_brigade_writev (int16_t arg_40h, int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_14h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x00007d5c svcmi 0xf0e92d | __asm ("svcmi aav.0x000000ff");
0x00007d60 sub sp, 0x1c |
0x00007d62 mov r7, r3 | r7 = r3;
0x00007d64 ldr.w sb, [sp, 0x40] | sb = *(arg_40h);
0x00007d68 mov fp, r2 |
0x00007d6a adds r2, r0, 4 | r2 = r0 + 4;
0x00007d6c ldr r3, [pc, 0x260] |
0x00007d6e mov r4, r0 | r4 = r0;
0x00007d70 str r2, [sp] | *(sp) = r2;
0x00007d72 add r3, pc | r3 = 0xfd46;
0x00007d74 cmp.w sb, 0 |
| if (sb == 0) {
0x00007d78 beq 0x7e76 | goto label_7;
| }
0x00007d7a lsl.w r5, sb, 3 | r5 = sb << 3;
0x00007d7e mov r8, r1 | r8 = r1;
0x00007d80 mov r2, r7 | r2 = r7;
0x00007d82 movs r6, 0 | r6 = 0;
0x00007d84 adds r0, r7, r5 | r0 = r7 + r5;
| do {
0x00007d86 ldr r1, [r2, 4] | r1 = *((r2 + 4));
0x00007d88 adds r2, 8 | r2 += 8;
0x00007d8a cmp r0, r2 |
0x00007d8c add r6, r1 | r6 += r1;
0x00007d8e bne 0x7d86 |
| } while (r0 != r2);
0x00007d90 cmp.w r6, 0x1f40 |
| if (r6 < 0x1f40) {
0x00007d94 bls 0x7dd2 | goto label_8;
| }
0x00007d96 cmp.w r8, 0 |
| if (r8 == 0) {
0x00007d9a beq 0x7e44 | goto label_9;
| }
0x00007d9c ldr r6, [sp] | r6 = *(sp);
0x00007d9e movs r5, 0 | r5 = 0;
0x00007da0 add.w sl, r7, 4 | sl = r7 + 4;
| do {
0x00007da4 ldr.w r1, [sl, r5, lsl 3] | offset_0 = r5 << 3;
| r1 = *((sl + offset_0));
0x00007da8 ldr.w r0, [r7, r5, lsl 3] | offset_1 = r5 << 3;
| r0 = *((r7 + offset_1));
0x00007dac adds r5, 1 | r5++;
0x00007dae ldr r2, [r4, 0xc] | r2 = *((r4 + 0xc));
0x00007db0 blx 0x6a48 | r0 = fcn_00006a48 ();
0x00007db4 str r6, [r0] | *(r0) = r6;
0x00007db6 cmp sb, r5 |
0x00007db8 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007dba str r3, [r0, 4] | *((r0 + 4)) = r3;
0x00007dbc ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007dbe str r0, [r3] | *(r3) = r0;
0x00007dc0 str r0, [r4, 8] | *((r4 + 8)) = r0;
0x00007dc2 bne 0x7da4 |
| } while (sb != r5);
0x00007dc4 mov r1, fp | r1 = fp;
0x00007dc6 mov r0, r4 | r0 = r4;
0x00007dc8 mov r3, r8 | r3 = r8;
0x00007dca add sp, 0x1c |
0x00007dcc pop.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00007dd0 bx r3 | return uint32_t (*r3)() ();
| label_8:
0x00007dd2 ldr r2, [r4, 8] | r2 = *((r4 + 8));
0x00007dd4 ldr r1, [sp] | r1 = *(sp);
0x00007dd6 str r2, [sp, 4] | var_4h = r2;
0x00007dd8 ldr r2, [r4, 4] | r2 = *((r4 + 4));
0x00007dda cmp r2, r1 |
| if (r2 != r1) {
0x00007ddc beq 0x7dea |
0x00007dde ldr r2, [pc, 0x1f4] | r2 = *(0x7fd6);
0x00007de0 ldr r1, [sp, 4] | r1 = var_4h;
0x00007de2 ldr r2, [r3, r2] | r2 = *((r3 + r2));
0x00007de4 ldr r1, [r1, 8] | r1 = *((r1 + 8));
0x00007de6 cmp r1, r2 |
| if (r1 == r2) {
0x00007de8 beq 0x7ec2 | goto label_10;
| }
| }
0x00007dea ldr r1, [r4, 0xc] | r1 = *((r4 + 0xc));
0x00007dec mov.w r0, 0x1f40 | r0 = 0x1f40;
0x00007df0 str r3, [sp, 4] | var_4h = r3;
0x00007df2 movs r5, 0 | r5 = 0;
0x00007df4 blx 0x7170 | apr_pool_destroy ();
0x00007df8 ldr r3, [sp, 4] | r3 = var_4h;
0x00007dfa mov.w r1, 0x1f40 | r1 = 0x1f40;
0x00007dfe ldr r2, [pc, 0x1d8] | r2 = *(0x7fda);
0x00007e00 mov r8, r0 | r8 = r0;
0x00007e02 ldr r2, [r3, r2] | r2 = *((r3 + r2));
0x00007e04 ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00007e06 blx 0x7514 | fcn_00007514 ();
0x00007e0a str r0, [sp, 4] | var_4h = r0;
| label_0:
0x00007e0c add.w sl, r7, 4 | sl = r7 + 4;
0x00007e10 mov fp, r7 |
| do {
0x00007e12 ldr.w r7, [sl, r5, lsl 3] | offset_2 = r5 << 3;
| r7 = *((sl + offset_2));
0x00007e16 mov r0, r8 | r0 = r8;
0x00007e18 ldr.w r1, [fp, r5, lsl 3] | offset_3 = r5 << 3;
| r1 = *((fp + offset_3));
0x00007e1c adds r5, 1 | r5++;
0x00007e1e mov r2, r7 | r2 = r7;
0x00007e20 add r8, r7 | r8 += r7;
0x00007e22 blx 0x6a84 | fcn_00006a84 ();
0x00007e26 cmp sb, r5 |
0x00007e28 bhi 0x7e12 |
| } while (sb > r5);
| label_1:
0x00007e2a ldrd r3, r2, [sp] | __asm ("ldrd r3, r2, [sp]");
0x00007e2e movs r0, 0 | r0 = 0;
0x00007e30 str r3, [r2] | *(r2) = r3;
0x00007e32 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007e34 str r6, [r2, 0xc] | *((r2 + 0xc)) = r6;
0x00007e36 str r3, [r2, 4] | *((r2 + 4)) = r3;
0x00007e38 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007e3a str r2, [r3] | *(r3) = r2;
0x00007e3c str r2, [r4, 8] | *((r4 + 8)) = r2;
| label_3:
0x00007e3e add sp, 0x1c |
0x00007e40 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_9:
0x00007e44 ldr r5, [sp] | r5 = *(sp);
0x00007e46 add.w sl, r7, 4 | sl = r7 + 4;
| do {
0x00007e4a ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00007e4c movs r2, 0 | r2 = 0;
0x00007e4e ldr.w r1, [sl, r8, lsl 3] | offset_4 = r8 << 3;
| r1 = *((sl + offset_4));
0x00007e52 ldr.w r0, [r7, r8, lsl 3] | offset_5 = r8 << 3;
| r0 = *((r7 + offset_5));
0x00007e56 add.w r8, r8, 1 | r8++;
0x00007e5a blx 0x7514 | r0 = fcn_00007514 ();
0x00007e5e str r5, [r0] | *(r0) = r5;
0x00007e60 cmp sb, r8 |
0x00007e62 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007e64 str r3, [r0, 4] | *((r0 + 4)) = r3;
0x00007e66 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00007e68 str r0, [r3] | *(r3) = r0;
0x00007e6a str r0, [r4, 8] | *((r4 + 8)) = r0;
0x00007e6c bne 0x7e4a |
| } while (sb != r8);
0x00007e6e movs r0, 0 | r0 = 0;
0x00007e70 add sp, 0x1c |
0x00007e72 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_7:
0x00007e76 ldr r2, [r0, 8] | r2 = *((r0 + 8));
0x00007e78 adds r1, r0, 4 | r1 = r0 + 4;
0x00007e7a str r2, [sp, 4] | var_4h = r2;
0x00007e7c ldr r2, [r0, 4] | r2 = *((r0 + 4));
0x00007e7e cmp r2, r1 |
| if (r2 == r1) {
0x00007e80 beq 0x7f4e | goto label_11;
| }
0x00007e82 ldr r2, [pc, 0x150] | r2 = *(0x7fd6);
0x00007e84 ldr r1, [sp, 4] | r1 = var_4h;
0x00007e86 ldr r2, [r3, r2] | r2 = *((r3 + r2));
0x00007e88 ldr r1, [r1, 8] | r1 = *((r1 + 8));
0x00007e8a cmp r1, r2 |
| if (r1 != r2) {
0x00007e8c bne 0x7f4e | goto label_11;
| }
0x00007e8e ldr r2, [sp, 4] | r2 = var_4h;
0x00007e90 ldr r2, [r2, 0x18] | r2 = *((r2 + 0x18));
0x00007e92 ldr r2, [r2] | r2 = *(r2);
0x00007e94 cmp r2, 1 |
| if (r2 == 1) {
0x00007e96 beq 0x7f98 | goto label_12;
| }
0x00007e98 mov r5, sb | r5 = sb;
0x00007e9a mov r6, sb | r6 = sb;
| label_2:
0x00007e9c ldr r1, [r4, 0xc] | r1 = *((r4 + 0xc));
0x00007e9e mov.w r0, 0x1f40 | r0 = 0x1f40;
0x00007ea2 str r3, [sp, 4] | var_4h = r3;
0x00007ea4 blx 0x7170 | apr_pool_destroy ();
0x00007ea8 ldr r3, [sp, 4] | r3 = var_4h;
0x00007eaa mov.w r1, 0x1f40 | r1 = 0x1f40;
0x00007eae ldr r2, [pc, 0x128] | r2 = *(0x7fda);
0x00007eb0 mov r8, r0 | r8 = r0;
0x00007eb2 ldr r2, [r3, r2] | r2 = *((r3 + r2));
0x00007eb4 ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00007eb6 blx 0x7514 | fcn_00007514 ();
0x00007eba cmp r5, sb |
0x00007ebc str r0, [sp, 4] | var_4h = r0;
| if (r5 <= sb) {
0x00007ebe blo 0x7e0c | goto label_0;
| }
0x00007ec0 b 0x7e2a | goto label_1;
| label_10:
0x00007ec2 ldr r1, [sp, 4] | r1 = var_4h;
0x00007ec4 ldr r0, [r1, 0x18] | r0 = *((r1 + 0x18));
0x00007ec6 ldr r2, [r0] | r2 = *(r0);
0x00007ec8 cmp r2, 1 |
0x00007eca it ne |
| if (r2 != 1) {
0x00007ecc movne r5, 0 | r5 = 0;
| goto label_13;
| }
| if (r2 != 1) {
| label_13:
0x00007ece bne 0x7e9c | goto label_2;
| }
0x00007ed0 ldrd lr, r1, [r1, 0xc] | __asm ("ldrd lr, r1, [r1, 0xc]");
0x00007ed4 ldrd r0, ip, [r0, 4] | __asm ("ldrd r0, ip, [r0, 4]");
0x00007ed8 add r1, lr | r1 += lr;
0x00007eda sub.w r2, ip, r1 | r2 = ip - r1;
0x00007ede adds r1, r0, r1 | r1 = r0 + r1;
0x00007ee0 cmp r2, r6 |
0x00007ee2 str r2, [sp, 0xc] | var_ch = r2;
0x00007ee4 str r1, [sp, 8] | var_8h = r1;
| if (r2 >= r6) {
0x00007ee6 bhs 0x7fac | goto label_14;
| }
0x00007ee8 mov r5, sb | r5 = sb;
0x00007eea cmp.w sb, 0 |
| if (sb == 0) {
0x00007eee beq 0x7f86 | goto label_15;
| }
0x00007ef0 ldr r2, [sp, 8] | r2 = var_8h;
0x00007ef2 movs r5, 0 | r5 = 0;
0x00007ef4 str r6, [sp, 0x10] | var_10h = r6;
0x00007ef6 add.w sl, r7, 4 | sl = r7 + 4;
0x00007efa ldr r6, [sp, 0xc] | r6 = var_ch;
0x00007efc str r3, [sp, 0x14] | var_14h = r3;
0x00007efe str r4, [sp, 0xc] | var_ch = r4;
0x00007f00 mov r4, r2 | r4 = r2;
0x00007f02 b 0x7f16 |
| while (r2 < r6) {
0x00007f04 ldr.w r1, [r7, r5, lsl 3] | offset_6 = r5 << 3;
| r1 = *((r7 + offset_6));
0x00007f08 mov r0, r4 | r0 = r4;
0x00007f0a adds r5, 1 | r5++;
0x00007f0c add r4, r2 | r4 += r2;
0x00007f0e blx 0x6a84 | fcn_00006a84 ();
0x00007f12 cmp sb, r5 |
| if (sb == r5) {
0x00007f14 beq 0x7f70 | goto label_16;
| }
0x00007f16 ldr.w r2, [sl, r5, lsl 3] | offset_7 = r5 << 3;
| r2 = *((sl + offset_7));
0x00007f1a cmp r2, r6 |
0x00007f1c sub.w r6, r6, r2 | r6 -= r2;
0x00007f20 bls 0x7f04 |
| }
0x00007f22 ldr r0, [sp, 4] | r0 = var_4h;
0x00007f24 mov r2, r4 | r2 = r4;
0x00007f26 ldr r1, [sp, 8] | r1 = var_8h;
0x00007f28 ldrd r4, r6, [sp, 0xc] | __asm ("ldrd r4, r6, [var_ch]");
0x00007f2c ldr r3, [sp, 0x14] | r3 = var_14h;
0x00007f2e subs r1, r2, r1 | r1 = r2 - r1;
0x00007f30 ldr r2, [r0, 0xc] | r2 = *((r0 + 0xc));
0x00007f32 subs r6, r6, r1 | r6 -= r1;
0x00007f34 add r2, r1 | r2 += r1;
0x00007f36 str r2, [r0, 0xc] | *((r0 + 0xc)) = r2;
0x00007f38 cmp.w r8, 0 |
| if (r8 == 0) {
0x00007f3c beq 0x7e9c | goto label_2;
| }
| label_4:
0x00007f3e str r3, [sp, 4] | var_4h = r3;
0x00007f40 mov r1, fp | r1 = fp;
0x00007f42 mov r0, r4 | r0 = r4;
0x00007f44 blx r8 | uint32_t (*r8)(uint32_t, uint32_t, uint32_t) (r0, r1, r3);
0x00007f46 ldr r3, [sp, 4] | r3 = var_4h;
0x00007f48 cmp r0, 0 |
| if (r0 == 0) {
0x00007f4a beq 0x7e9c | goto label_2;
| }
0x00007f4c b 0x7e3e | goto label_3;
| label_11:
0x00007f4e ldr r1, [r4, 0xc] | r1 = *((r4 + 0xc));
0x00007f50 mov r6, sb | r6 = sb;
0x00007f52 str r3, [sp, 4] | var_4h = r3;
| label_5:
0x00007f54 mov.w r0, 0x1f40 | r0 = 0x1f40;
0x00007f58 blx 0x7170 | apr_pool_destroy ();
0x00007f5c ldr r3, [sp, 4] | r3 = var_4h;
0x00007f5e mov.w r1, 0x1f40 | r1 = 0x1f40;
0x00007f62 ldr r2, [pc, 0x74] | r2 = *(0x7fda);
0x00007f64 ldr r2, [r3, r2] | r2 = *((r3 + r2));
0x00007f66 ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00007f68 blx 0x7514 | fcn_00007514 ();
0x00007f6c str r0, [sp, 4] | var_4h = r0;
0x00007f6e b 0x7e2a | goto label_1;
| label_16:
0x00007f70 ldr r1, [sp, 8] | r1 = var_8h;
0x00007f72 mov r2, r4 | r2 = r4;
0x00007f74 ldrd r4, r6, [sp, 0xc] | __asm ("ldrd r4, r6, [var_ch]");
0x00007f78 ldr r3, [sp, 0x14] | r3 = var_14h;
0x00007f7a subs r2, r2, r1 | r2 -= r1;
0x00007f7c ldr r1, [sp, 4] | r1 = var_4h;
0x00007f7e subs r6, r6, r2 | r6 -= r2;
0x00007f80 ldr r1, [r1, 0xc] | r1 = *((r1 + 0xc));
0x00007f82 add.w lr, r2, r1 | lr = r2 + r1;
| label_15:
0x00007f86 ldr r2, [sp, 4] | r2 = var_4h;
0x00007f88 str.w lr, [r2, 0xc] | __asm ("str.w lr, [r2, 0xc]");
0x00007f8c cmp.w r8, 0 |
| if (r8 != 0) {
0x00007f90 bne 0x7f3e | goto label_4;
| }
0x00007f92 ldr r1, [r4, 0xc] | r1 = *((r4 + 0xc));
0x00007f94 str r3, [sp, 4] | var_4h = r3;
0x00007f96 b 0x7f54 | goto label_5;
| label_12:
0x00007f98 ldr r3, [sp, 4] | r3 = var_4h;
0x00007f9a mov r6, sb | r6 = sb;
0x00007f9c ldr.w lr, [r3, 0xc] |
| do {
| label_6:
0x00007fa0 ldr r3, [sp, 4] | r3 = var_4h;
0x00007fa2 add.w r2, lr, r6 | r2 = lr + r6;
0x00007fa6 movs r0, 0 | r0 = 0;
0x00007fa8 str r2, [r3, 0xc] | *((r3 + 0xc)) = r2;
0x00007faa b 0x7e3e | goto label_3;
| label_14:
0x00007fac cmp.w sb, 0 |
0x00007fb0 beq 0x7fa0 |
| } while (sb == 0);
0x00007fb2 ldr r4, [sp, 8] | r4 = var_8h;
0x00007fb4 add r5, r7 | r5 += r7;
| do {
0x00007fb6 ldr r2, [r7, 4] | r2 = *((r7 + 4));
0x00007fb8 mov r0, r4 | r0 = r4;
0x00007fba ldr r1, [r7], 8 | r1 = *(r7);
| r7 += 8;
0x00007fbe add r4, r2 | r4 += r2;
0x00007fc0 blx 0x6a84 | fcn_00006a84 ();
0x00007fc4 cmp r5, r7 |
0x00007fc6 bne 0x7fb6 |
| } while (r5 != r7);
0x00007fc8 ldr r3, [sp, 4] | r3 = var_4h;
0x00007fca ldr.w lr, [r3, 0xc] |
0x00007fce b 0x7fa0 | goto label_6;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libaprutil-1.so.0.6.1 @ 0x8de4 */
| #include <stdint.h>
|
; (fcn) sym.apr_bucket_shared_split () | void apr_bucket_shared_split (int16_t arg1) {
| r0 = arg1;
0x00008de4 push {r4, lr} |
0x00008de6 ldr r4, [r0, 0x18] | r4 = *((r0 + 0x18));
0x00008de8 blx 0x73c8 | r0 = fcn_000073c8 ();
| if (r0 == 0) {
0x00008dec cbnz r0, 0x8df4 |
0x00008dee ldr r3, [r4] | r3 = *(r4);
0x00008df0 adds r3, 1 | r3++;
0x00008df2 str r3, [r4] | *(r4) = r3;
| }
0x00008df4 pop {r4, pc} |
| }
[*] Function fprintf used 1 times libaprutil-1.so.0.6.1
