[*] Binary protection state of libapiutil.so.0.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function mmap tear down of libapiutil.so.0.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libapiutil.so.0.0 @ 0xa2f4 */
| #include <stdint.h>
|
; (fcn) sym.api_client_call_decode () | void api_client_call_decode (int16_t arg1, int16_t arg2, int16_t arg3) {
| int16_t var_0h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| label_0:
0x00004530 invalid | void (*0x4534)() ();
0x0000a2f4 push.w {r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000a2f8 mov r8, r1 | r8 = r1;
0x0000a2fa ldr r7, [r0, 0x18] | r7 = *((r0 + 0x18));
0x0000a2fc sub sp, 8 |
0x0000a2fe mov sb, r2 | sb = r2;
0x0000a300 ldr.w sl, [pc, 0xd0] | sl = *(0x0000a3d4);
0x0000a304 ldrb r3, [r7] | r3 = *(r7);
0x0000a306 add sl, pc | sl += pc;
0x0000a308 cmp r3, 0x7b |
| if (r3 != 0x7b) {
0x0000a30a bne 0xa37c | goto label_5;
| }
0x0000a30c ldrb r4, [r7, 1] | r4 = *((r7 + 1));
0x0000a30e mov r6, r0 | r6 = r0;
0x0000a310 adds r5, r7, 1 | r5 = r7 + 1;
| if (r4 == 0) {
0x0000a312 cbz r4, 0xa32a | goto label_6;
| }
0x0000a314 blx 0x4254 | r0 = fcn_00004254 ();
0x0000a318 ldr r3, [r0] | r3 = *(r0);
0x0000a31a b 0xa322 |
| while (r2 < r4) {
0x0000a31c ldrb r4, [r5, 1]! | r4 = *((r5 += 1));
| if (r4 == 0) {
0x0000a320 cbz r4, 0xa32a | goto label_6;
| }
0x0000a322 ldrh.w r4, [r3, r4, lsl 1] | offset_0 = r4 << 1;
| r4 = *((r3 + offset_0));
0x0000a326 lsls r2, r4, 0x12 | r2 = r4 << 0x12;
0x0000a328 bmi 0xa31c |
| }
| label_6:
0x0000a32a ldr r1, [pc, 0xac] |
0x0000a32c movs r2, 9 | r2 = 9;
0x0000a32e mov r0, r5 | r0 = r5;
0x0000a330 add r1, pc | r1 = 0x1470e;
0x0000a332 blx 0x46bc | r0 = fcn_000046bc ();
| if (r0 != 0) {
0x0000a336 cbnz r0, 0xa36a | goto label_7;
| }
| label_1:
0x0000a338 ldr r4, [r6, 0x50] | r4 = *((r6 + 0x50));
0x0000a33a cmp r4, 0 |
| if (r4 == 0) {
0x0000a33c beq 0xa3b4 | goto label_8;
| }
| label_4:
0x0000a33e ldr r3, [pc, 0x9c] | r3 = *(0xa3de);
0x0000a340 mov r1, r7 | r1 = r7;
0x0000a342 mov r2, r4 | r2 = r4;
0x0000a344 mov r0, r6 | r0 = r6;
0x0000a346 ldr.w r3, [sl, r3] | r3 = *((sl + r3));
0x0000a34a blx 0x4534 | fcn_00004534 ();
0x0000a34e ldr r7, [r4, 0x14] | r7 = *((r4 + 0x14));
| if (r7 == 0) {
0x0000a350 cbz r7, 0xa390 | goto label_9;
| }
| label_2:
0x0000a352 ldr r3, [r6, 0x30] | r3 = *((r6 + 0x30));
0x0000a354 str r7, [r6, 0x18] | *((r6 + 0x18)) = r7;
| if (r3 != 0) {
0x0000a356 cbnz r3, 0xa38a | goto label_3;
| }
| do {
0x0000a358 mov r3, sb | r3 = sb;
0x0000a35a mov r2, r8 | r2 = r8;
0x0000a35c mov r1, r7 | r1 = r7;
0x0000a35e mov r0, r6 | r0 = r6;
0x0000a360 add sp, 8 |
0x0000a362 pop.w {r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000a366 b.w 0x4530 | goto label_0;
| label_7:
0x0000a36a ldr r1, [pc, 0x74] |
0x0000a36c mov r0, r5 | r0 = r5;
0x0000a36e movs r2, 0xc | r2 = 0xc;
0x0000a370 add r1, pc | r1 = 0x14756;
0x0000a372 blx 0x46bc | r0 = fcn_000046bc ();
0x0000a376 cmp r0, 0 |
0x0000a378 bne 0xa358 |
| } while (r0 != 0);
0x0000a37a b 0xa338 | goto label_1;
| label_5:
0x0000a37c movs r4, 0 | r4 = 0;
0x0000a37e mov r3, r2 | r3 = r2;
0x0000a380 str r4, [sp] | *(sp) = r4;
0x0000a382 mov r2, r1 | r2 = r1;
0x0000a384 mov r1, r7 | r1 = r7;
0x0000a386 blx 0x4048 | fcn_00004048 ();
| label_3:
0x0000a38a add sp, 8 |
0x0000a38c pop.w {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_9:
0x0000a390 ldr r7, [r4, 0x18] | r7 = *((r4 + 0x18));
0x0000a392 cmp r7, 0 |
| if (r7 != 0) {
0x0000a394 bne 0xa352 | goto label_2;
| }
0x0000a396 ldr r3, [r4, 0x1c] | r3 = *((r4 + 0x1c));
| if (r3 == 0) {
0x0000a398 cbz r3, 0xa3c6 | goto label_10;
| }
0x0000a39a ldrd r3, r4, [r3, 4] | __asm ("ldrd r3, r4, [r3, 4]");
0x0000a39e movs r2, 0xd | r2 = 0xd;
0x0000a3a0 str r2, [r6, 0x30] | *((r6 + 0x30)) = r2;
0x0000a3a2 str r3, [r6, 0x38] | *((r6 + 0x38)) = r3;
0x0000a3a4 cmp r4, 0 |
| if (r4 == 0) {
0x0000a3a6 beq 0xa38a | goto label_3;
| }
0x0000a3a8 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x0000a3aa adds r6, 0x3c | r6 += 0x3c;
0x0000a3ac stm r6!, {r0, r1, r2, r3} | *(r6!) = r0;
| *((r6! + 4)) = r1;
| *((r6! + 8)) = r2;
| *((r6! + 12)) = r3;
0x0000a3ae ldr r3, [r4] | r3 = *(r4);
0x0000a3b0 str r3, [r6] | *(r6) = r3;
0x0000a3b2 b 0xa38a | goto label_3;
| label_8:
0x0000a3b4 movs r1, 0x24 | r1 = 0x24;
0x0000a3b6 add.w r0, r6, 0x58 | r0 = r6 + 0x58;
0x0000a3ba blx 0x4064 | strcasecmp (r0, r1);
0x0000a3be ldr r7, [r6, 0x18] | r7 = *((r6 + 0x18));
0x0000a3c0 mov r4, r0 | r4 = r0;
0x0000a3c2 str r0, [r6, 0x50] | *((r6 + 0x50)) = r0;
0x0000a3c4 b 0xa33e | goto label_4;
| label_10:
0x0000a3c6 ldr r3, [pc, 0x1c] |
0x0000a3c8 movs r2, 6 | r2 = 6;
0x0000a3ca str r2, [r6, 0x30] | *((r6 + 0x30)) = r2;
0x0000a3cc add r3, pc | r3 = 0x147b6;
0x0000a3ce str r3, [r6, 0x38] | *((r6 + 0x38)) = r3;
0x0000a3d0 b 0xa38a | goto label_3;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libapiutil.so.0.0 @ 0x8868 */
| #include <stdint.h>
|
; (fcn) sym.api_parse_request () | void api_parse_request (int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x00008868 push.w {r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000886c sub sp, 8 |
0x0000886e mov r5, r0 | r5 = r0;
0x00008870 mov r6, r2 | r6 = r2;
0x00008872 mov r7, r3 | r7 = r3;
0x00008874 mov r8, r1 | r8 = r1;
0x00008876 blx 0x471c | r0 = fcn_0000471c ();
0x0000887a cmp r0, 1 |
| if (r0 >= 1) {
0x0000887c bls 0x88ae |
0x0000887e cmp r0, 2 |
| if (r0 == 2) {
0x00008880 beq 0x8914 | goto label_2;
| }
0x00008882 subs r3, r0, 3 | r3 = r0 - 3;
0x00008884 cmp r3, 1 |
| if (r3 < 1) {
0x00008886 bls 0x890c | goto label_3;
| }
0x00008888 cmp r0, 5 |
0x0000888a it ne |
| if (r0 == 5) {
0x0000888c movne r0, -1 | r0 = -1;
| }
| if (r0 == 5) {
0x00008890 bne 0x88a8 |
0x00008892 ldr r1, [pc, 0xcc] |
0x00008894 movs r3, 7 | r3 = 7;
0x00008896 add r1, pc | r1 = "null";
| label_1:
0x00008898 str r3, [r5, 0x30] | *((r5 + 0x30)) = r3;
0x0000889a add.w r0, r5, 0x58 | r0 = r5 + 0x58;
0x0000889e blx 0x411c | r0 = fcn_0000411c ();
0x000088a2 mov r3, r0 | r3 = r0;
0x000088a4 movs r0, 0 | r0 = 0;
0x000088a6 str r3, [r5, 0x38] | *((r5 + 0x38)) = r3;
| }
| label_0:
0x000088a8 add sp, 8 |
0x000088aa pop.w {r4, r5, r6, r7, r8, sb, sl, pc} |
| }
0x000088ae ldr r4, [r5, 8] | r4 = *((r5 + 8));
| if (r4 == 0) {
0x000088b0 cbz r4, 0x88f0 | goto label_4;
| }
0x000088b2 cmp r8, r4 |
| if (r8 > r4) {
0x000088b4 blo 0x88be |
0x000088b6 ldr r3, [r5, 0xc] | r3 = *((r5 + 0xc));
0x000088b8 add r3, r4 | r3 += r4;
0x000088ba cmp r8, r3 |
| if (r8 < r3) {
0x000088bc bls 0x88f0 | goto label_4;
| }
| }
0x000088be mov r0, r4 | r0 = r4;
0x000088c0 mov.w sl, 0 | sl = 0;
0x000088c4 blx 0x42f4 | r0 = fcn_000042f4 ();
0x000088c8 add.w sb, r4, r0 | sb = r4 + r0;
| do {
0x000088cc mov r1, r4 | r1 = r4;
0x000088ce mov r3, r7 | r3 = r7;
0x000088d0 mov r2, r6 | r2 = r6;
0x000088d2 mov r0, r5 | r0 = r5;
0x000088d4 str.w sl, [sp] | __asm ("str.w sl, [sp]");
0x000088d8 blx 0x4048 | r0 = fcn_00004048 ();
0x000088dc mov r4, r0 | r4 = r0;
0x000088de blx 0x42f4 | fcn_000042f4 ();
0x000088e2 adds r0, 1 | r0++;
0x000088e4 add r4, r0 | r4 += r0;
0x000088e6 mov r0, r5 | r0 = r5;
0x000088e8 blx 0x3f28 | fcn_00003f28 ();
0x000088ec cmp sb, r4 |
0x000088ee bhi 0x88cc |
| } while (sb > r4);
| label_4:
0x000088f0 ldrb.w r0, [r8] | r0 = *(r8);
0x000088f4 cmp r0, 0 |
| if (r0 == 0) {
0x000088f6 beq 0x88a8 | goto label_0;
| }
0x000088f8 movs r4, 0 | r4 = 0;
0x000088fa mov r3, r7 | r3 = r7;
0x000088fc mov r2, r6 | r2 = r6;
0x000088fe mov r1, r8 | r1 = r8;
0x00008900 mov r0, r5 | r0 = r5;
0x00008902 str r4, [sp] | *(sp) = r4;
0x00008904 blx 0x4048 | fcn_00004048 ();
0x00008908 mov r0, r4 | r0 = r4;
0x0000890a b 0x88a8 | goto label_0;
| label_3:
0x0000890c ldr r1, [pc, 0x54] |
0x0000890e movs r3, 7 | r3 = 7;
0x00008910 add r1, pc | r1 = 0x11278;
0x00008912 b 0x8898 | goto label_1;
| label_2:
0x00008914 ldr r4, [r5, 8] | r4 = *((r5 + 8));
| if (r4 == 0) {
0x00008916 cbz r4, 0x894a | goto label_5;
| }
0x00008918 mov r0, r4 | r0 = r4;
0x0000891a mov.w sl, 0 | sl = 0;
0x0000891e blx 0x42f4 | r0 = fcn_000042f4 ();
0x00008922 add.w sb, r4, r0 | sb = r4 + r0;
| do {
0x00008926 mov r1, r4 | r1 = r4;
0x00008928 mov r3, r7 | r3 = r7;
0x0000892a mov r2, r6 | r2 = r6;
0x0000892c mov r0, r5 | r0 = r5;
0x0000892e str.w sl, [sp] | __asm ("str.w sl, [sp]");
0x00008932 blx 0x4048 | fcn_00004048 ();
0x00008934 invalid |
0x00008938 blx 0x42f4 | fcn_000042f4 ();
0x0000893c adds r0, 1 | r0++;
0x0000893e add r4, r0 | r4 += r0;
0x00008940 mov r0, r5 | r0 = r5;
0x00008942 blx 0x3f28 | fcn_00003f28 ();
0x00008946 cmp sb, r4 |
0x00008948 bhi 0x8926 |
| } while (sb > r4);
| label_5:
0x0000894a mov r3, r7 | r3 = r7;
0x0000894c mov r2, r6 | r2 = r6;
0x0000894e mov r1, r8 | r1 = r8;
0x00008950 mov r0, r5 | r0 = r5;
0x00008952 blx 0x4534 | fcn_00004534 ();
0x00008956 movs r0, 0 | r0 = 0;
0x00008958 add sp, 8 |
0x0000895a pop.w {r4, r5, r6, r7, r8, sb, sl, pc} |
| }
[*] Function mmap used 1 times libapiutil.so.0.0
