[*] Binary protection state of sar
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of sar
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/bin/sar @ 0x1043c */
| #include <stdint.h>
|
; (fcn) fcn.0001043c () | void fcn_0001043c (int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x0001043c push {r3, r4, r5, r6, r7, lr} |
0x0001043e mov r7, r2 | r7 = r2;
0x00010440 ldr r4, [pc, 0x40] |
0x00010442 mov r5, r0 | r5 = r0;
0x00010444 movs r0, 1 | r0 = 1;
0x00010446 mov r6, r3 | r6 = r3;
0x00010448 add r4, pc | r4 = 0x208d0;
0x0001044a add.w r2, r4, 0x44 | r2 = r4 + 0x44;
0x0001044e mov r4, r1 | r4 = r1;
0x00010450 ldr r1, [pc, 0x34] |
0x00010452 add r1, pc | r1 = 0x208de;
0x00010454 blx 0x184c | fcn_0000184c ();
| if (r5 == 0) {
0x00010458 cbz r5, 0x10478 | goto label_0;
| }
0x0001045a mov r2, r7 | r2 = r7;
0x0001045c mov r1, r4 | r1 = r4;
0x0001045e movs r0, 1 | r0 = 1;
0x00010460 blx 0x184c | fcn_0000184c ();
| do {
0x00010464 ldr r2, [pc, 0x24] |
0x00010466 movs r0, 1 | r0 = 1;
0x00010468 ldr r1, [pc, 0x24] |
0x0001046a pop.w {r3, r4, r5, r6, r7, lr} |
0x0001046e add r2, pc | r2 = 0x208fe;
0x00010470 add r1, pc | r1 = 0x20904;
0x00010472 adds r2, 0x74 | r2 += 0x74;
0x00010474 b.w 0x1848 | void (*0x1848)() ();
| label_0:
0x00010478 mov r2, r6 | r2 = r6;
0x0001047a mov r1, r4 | r1 = r4;
0x0001047c movs r0, 1 | r0 = 1;
0x0001047e blx 0x184c | fcn_0000184c ();
0x00010482 b 0x10464 |
| } while (1);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/bin/sar @ 0x10494 */
| #include <stdint.h>
|
; (fcn) fcn.00010494 () | void fcn_00010494 (uint32_t arg1, int16_t arg2, int16_t arg3) {
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
0x00010494 cmp r0, 1 |
0x00010496 push {r3, r4, r5, lr} |
0x00010498 mov r4, r1 | r4 = r1;
0x0001049a mov r5, r2 | r5 = r2;
| if (r0 == 1) {
0x0001049c beq 0x104e6 | goto label_1;
| }
0x0001049e cmp r0, 4 |
| if (r0 == 4) {
0x000104a0 beq 0x104f6 | goto label_2;
| }
0x000104a2 cmp r0, 2 |
| if (r0 == 2) {
0x000104a4 beq 0x104d4 | goto label_3;
| }
0x000104a6 ldr r2, [pc, 0x60] |
0x000104a8 movs r0, 1 | r0 = 1;
0x000104aa ldr r1, [pc, 0x60] |
0x000104ac add r2, pc | r2 = 0x209ba;
0x000104ae add r1, pc | r1 = 0x209c0;
0x000104b0 adds r2, 0x54 | r2 += 0x54;
0x000104b2 blx 0x184c | fcn_0000184c ();
| do {
| label_0:
0x000104b6 mov r2, r5 | r2 = r5;
0x000104b8 mov r1, r4 | r1 = r4;
0x000104ba movs r0, 1 | r0 = 1;
0x000104bc blx 0x184c | fcn_0000184c ();
0x000104c0 ldr r2, [pc, 0x4c] |
0x000104c2 movs r0, 1 | r0 = 1;
0x000104c4 ldr r1, [pc, 0x4c] |
0x000104c6 pop.w {r3, r4, r5, lr} |
0x000104ca add r2, pc | r2 = 0x209de;
0x000104cc add r1, pc | r1 = 0x209e4;
0x000104ce adds r2, 0x74 | r2 += 0x74;
0x000104d0 b.w 0x1848 | void (*0x1848)() ();
| label_3:
0x000104d4 ldr r2, [pc, 0x40] |
0x000104d6 movs r0, 1 | r0 = 1;
0x000104d8 ldr r1, [pc, 0x40] |
0x000104da add r2, pc | r2 = 0x209f6;
0x000104dc add r1, pc | r1 = 0x209fc;
0x000104de adds r2, 0x64 | r2 += 0x64;
0x000104e0 blx 0x184c | fcn_0000184c ();
0x000104e4 b 0x104b6 |
| } while (1);
| label_1:
0x000104e6 ldr r2, [pc, 0x38] |
0x000104e8 ldr r1, [pc, 0x38] |
0x000104ea add r2, pc | r2 = 0x20a10;
0x000104ec add r1, pc | r1 = 0x20a14;
0x000104ee adds r2, 0x34 | r2 += 0x34;
0x000104f0 blx 0x184c | fcn_0000184c ();
0x000104f4 b 0x104b6 | goto label_0;
| label_2:
0x000104f6 ldr r2, [pc, 0x30] |
0x000104f8 movs r0, 1 | r0 = 1;
0x000104fa ldr r1, [pc, 0x30] |
0x000104fc add r2, pc | r2 = 0x20a2a;
0x000104fe add r1, pc | r1 = 0x20a30;
0x00010500 adds r2, 0x24 | r2 += 0x24;
0x00010502 blx 0x184c | fcn_0000184c ();
0x00010506 b 0x104b6 | goto label_0;
| }
[*] Function fprintf used 1 times sar
