[*] Binary protection state of mkfs.ubifs
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function mmap tear down of mkfs.ubifs
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/sbin/mkfs.ubifs @ 0x6698 */
| #include <stdint.h>
|
; (fcn) fcn.00006698 () | void fcn_00006698 (int16_t arg1, int16_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x00006698 push.w {r4, r5, r6, r7, r8, lr} |
0x0000669c mov r7, r0 | r7 = r0;
0x0000669e ldr r3, [r0, 0x14] | r3 = *((r0 + 0x14));
0x000066a0 mov r0, r1 | r0 = r1;
0x000066a2 mov r8, r1 | r8 = r1;
0x000066a4 blx r3 | r0 = uint32_t (*r3)(uint32_t) (r3);
0x000066a6 subs r5, r0, 1 | r5 = r0 - 1;
0x000066a8 ldr r3, [r7, 0x14] | r3 = *((r7 + 0x14));
0x000066aa sub.w r5, r5, r0, lsl 9 | r5 -= (r0 << 9);
0x000066ae mov r0, r8 | r0 = r8;
0x000066b0 ldr r4, [r7] | r4 = *(r7);
0x000066b2 blx r3 | r0 = uint32_t (*r3)(uint32_t, uint32_t) (r0, r3);
0x000066b4 subs r3, r0, 1 | r3 = r0 - 1;
0x000066b6 eor.w r5, r5, r5, ror 14 | r5 ^= (r5 >>> 14);
0x000066ba sub.w r0, r3, r0, lsl 9 | r0 = r3 - (r0 << 9);
0x000066be mov r1, r4 | r1 = r4;
0x000066c0 add.w r5, r5, r5, lsl 4 | r5 += (r5 << 4);
0x000066c4 eor.w r0, r0, r0, ror 14 | r0 ^= (r0 >>> 14);
0x000066c8 eor.w r5, r5, r5, ror 10 | r5 ^= (r5 >>> 10);
0x000066cc add.w r0, r0, r0, lsl 4 | r0 += (r0 << 4);
0x000066d0 eor.w r0, r0, r0, ror 10 | r0 ^= (r0 >>> 10);
0x000066d4 bl 0x9d84 | fcn_00009d84 (r0);
0x000066d8 ldr r6, [r7, 4] | r6 = *((r7 + 4));
0x000066da ldr.w r4, [r6, r1, lsl 2] | offset_0 = r1 << 2;
| r4 = *((r6 + offset_0));
0x000066de add.w r6, r6, r1, lsl 2 | r6 += (r1 << 2);
| if (r4 != 0) {
0x000066e2 cbnz r4, 0x66ee | goto label_1;
| }
0x000066e4 b 0x671e | goto label_2;
| do {
| label_0:
0x000066e6 add.w r6, r4, 0xc | r6 = r4 + 0xc;
0x000066ea ldr r4, [r4, 0xc] | r4 = *((r4 + 0xc));
| if (r4 == 0) {
0x000066ec cbz r4, 0x671e | goto label_2;
| }
| label_1:
0x000066ee ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x000066f0 cmp r3, r5 |
0x000066f2 bne 0x66e6 |
| } while (r3 != r5);
0x000066f4 ldr r1, [r4] | r1 = *(r4);
0x000066f6 mov r0, r8 | r0 = r8;
0x000066f8 ldr r3, [r7, 0x18] | r3 = *((r7 + 0x18));
0x000066fa blx r3 | r0 = uint32_t (*r3)(uint32_t, uint32_t, uint32_t) (r0, r1, r3);
0x000066fc cmp r0, 0 |
| if (r0 == 0) {
0x000066fe beq 0x66e6 | goto label_0;
| }
0x00006700 ldr r3, [r7, 8] | r3 = *((r7 + 8));
0x00006702 ldr r2, [r4, 0xc] | r2 = *((r4 + 0xc));
0x00006704 subs r3, 1 | r3--;
0x00006706 str r2, [r6] | *(r6) = r2;
0x00006708 ldrd r0, r5, [r4] | __asm ("ldrd r0, r5, [r4]");
0x0000670c str r3, [r7, 8] | *((r7 + 8)) = r3;
0x0000670e blx 0x1048 | fcn_00001048 ();
0x00006712 mov r0, r4 | r0 = r4;
0x00006714 blx 0x1048 | fcn_00001048 ();
0x00006718 mov r0, r5 | r0 = r5;
0x0000671a pop.w {r4, r5, r6, r7, r8, pc} |
| label_2:
0x0000671e movs r5, 0 | r5 = 0;
0x00006720 mov r0, r5 | r0 = r5;
0x00006722 pop.w {r4, r5, r6, r7, r8, pc} |
| }
[*] Function mmap used 1 times mkfs.ubifs