[*] Binary protection state of libkmod.so.2.3.7
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function popen tear down of libkmod.so.2.3.7
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libkmod.so.2.3.7 @ 0x6bb8 */
| #include <stdint.h>
|
; (fcn) sym.kmod_module_get_initstate () | uint32_t kmod_module_get_initstate (int16_t arg1) {
| int16_t var_0h;
| int16_t var_4h;
| size_t size;
| int16_t var_18h;
| int16_t var_78h;
| int16_t var_94h;
| int16_t var_98h;
| int16_t var_1080h;
| r0 = arg1;
| label_3:
0x00005a90 mvnsmi lr, sp, lsr 18 | __asm ("mvnsmi lr, sp, lsr 18");
0x00005a94 sub.w sp, sp, 0x1080 |
0x00005a98 ldr r4, [pc, 0x138] |
0x00005a9a sub sp, 0x18 |
0x00005a9c add.w r5, sp, 0x1080 | r5 += var_1080h;
0x00005aa0 mov.w r3, 0x1000 | r3 = 0x1000;
0x00005aa4 str r0, [sp, 4] | var_4h = r0;
0x00005aa6 add r7, sp, 0x94 | r7 += var_94h;
0x00005aa8 add r4, pc | r4 = 0xb680;
0x00005aaa ldr r0, [pc, 0x12c] | r0 = *(0x5bda);
0x00005aac str r4, [sp] | *(sp) = r4;
0x00005aae adds r5, 0x14 | r5 += 0x14;
0x00005ab0 ldr r4, [pc, 0x128] |
0x00005ab2 mov r1, r3 | r1 = r3;
0x00005ab4 movs r2, 1 | r2 = 1;
0x00005ab6 add r4, pc | r4 = 0xb696;
0x00005ab8 ldr r0, [r4, r0] |
0x00005aba ldr r0, [r0] | r0 = *(0xb696);
0x00005abc str r0, [r5] | *(r5) = r0;
0x00005abe mov.w r0, 0 | r0 = 0;
0x00005ac2 mov r0, r7 | r0 = r7;
0x00005ac4 blx 0x2460 | fcn_00002460 ();
0x00005ac8 mov.w r1, 0x80000 | r1 = 0x80000;
0x00005acc mov r6, r0 | r6 = r0;
0x00005ace mov r0, r7 | r0 = r7;
0x00005ad0 blx 0x21cc | r0 = fcn_000021cc ();
0x00005ad4 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 < r0) {
0x00005ad6 blt 0x5b4a | goto label_4;
| }
0x00005ad8 add r6, sp, 0x78 | r6 += var_78h;
0x00005ada movs r2, 0x20 | r2 = 0x20;
0x00005adc subs r7, r6, 4 | r7 = r6 - 4;
0x00005ade mov r1, r7 | r1 = r7;
0x00005ae0 bl 0xa69c | r0 = fcn_0000a69c (r0, r1, r2);
0x00005ae4 mov r5, r0 | r5 = r0;
0x00005ae6 mov r0, r4 | r0 = r4;
0x00005ae8 blx 0x2448 | fcn_00002448 ();
0x00005aec cmp r5, 0 |
| if (r5 < 0) {
0x00005aee blt 0x5bc8 | goto label_5;
| }
0x00005af0 ldr r2, [r6, -0x4] | r2 = *((r6 - 0x4));
0x00005af4 movw r3, 0x696c |
0x00005af8 movt r3, 0x6576 | r3 = 0x6576696c;
0x00005afc cmp r2, r3 |
| if (r2 == r3) {
0x00005afe beq 0x5b88 | goto label_6;
| }
0x00005b00 ldr r2, [r6, -0x4] | r2 = *((r6 - 0x4));
0x00005b04 movw r3, 0x6f63 |
0x00005b08 movt r3, 0x696d | r3 = 0x696d6f63;
0x00005b0c cmp r2, r3 |
| if (r2 == r3) {
0x00005b0e beq 0x5ba2 | goto label_7;
| }
| label_1:
0x00005b10 ldr r2, [r6, -0x4] | r2 = *((r6 - 0x4));
0x00005b14 movw r3, 0x6f67 |
0x00005b18 movt r3, 0x6e69 | r3 = 0x6e696f67;
0x00005b1c cmp r2, r3 |
| if (r2 == r3) {
0x00005b1e beq 0x5bb4 | goto label_8;
| }
| label_2:
0x00005b20 mvn r5, 0x15 | r5 = ~0x15;
| do {
| label_0:
0x00005b24 ldr r2, [pc, 0xb8] |
0x00005b26 add.w r1, sp, 0x1080 | r1 += var_1080h;
0x00005b2a ldr r3, [pc, 0xac] | r3 = *(0x5bda);
0x00005b2c adds r1, 0x14 | r1 += 0x14;
0x00005b2e add r2, pc | r2 = 0xb712;
0x00005b30 ldr r3, [r2, r3] | r3 = *(0xb712);
0x00005b32 ldr r2, [r3] | r2 = *(0xb712);
0x00005b34 ldr r3, [r1] | r3 = *(r1);
0x00005b36 eors r2, r3 | r2 ^= r3;
0x00005b38 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00005b3c bne 0x5bd0 | goto label_9;
| }
0x00005b3e mov r0, r5 | r0 = r5;
0x00005b40 add.w sp, sp, 0x1080 |
0x00005b44 add sp, 0x18 |
0x00005b46 pop.w {r4, r5, r6, r7, r8, pc} |
| label_4:
0x00005b4a blx 0x22f4 | r0 = gzerror ();
0x00005b4e ldr r4, [r0] | r4 = *(r0);
0x00005b50 mov r0, r4 | r0 = r4;
0x00005b52 rsbs r5, r4, 0 | r5 = r4 - ;
0x00005b54 blx 0x2208 | fcn_00002208 ();
0x00005b58 cmp r6, 0xa |
| if (r6 > 0xa) {
0x00005b5a ble 0x5b80 |
0x00005b5c add.w r8, sp, 0x98 | r8 += var_98h;
0x00005b60 movs r2, 0 | r2 = 0;
0x00005b62 add.w r3, r8, r6 | r3 = r8 + r6;
0x00005b66 mov r0, r7 | r0 = r7;
0x00005b68 add r1, sp, 8 | r1 += size;
0x00005b6a strb r2, [r3, -0xe] | *((r3 - 0xe)) = r2;
0x00005b6e blx 0x212c | r0 = realloc (r0, r1);
| if (r0 != 0) {
0x00005b72 cbnz r0, 0x5b80 | goto label_10;
| }
0x00005b74 ldr r3, [sp, 0x18] | r3 = var_18h;
0x00005b76 and r3, r3, 0xf000 | r3 &= 0xf000;
0x00005b7a cmp.w r3, 0x4000 |
| if (r3 == 0x4000) {
0x00005b7e beq 0x5bb0 | goto label_11;
| }
| }
| label_10:
0x00005b80 mov r0, r4 | r0 = r4;
0x00005b82 blx 0x2208 | fcn_00002208 ();
0x00005b86 b 0x5b24 |
| } while (1);
| label_6:
0x00005b88 ldrh r3, [r7, 4] | r3 = *((r7 + 4));
0x00005b8a cmp r3, 0xa |
0x00005b8c it eq |
| if (r3 == 0xa) {
0x00005b8e moveq r5, 1 | r5 = 1;
| goto label_12;
| }
| if (r3 == 0xa) {
| label_12:
0x00005b90 beq 0x5b24 | goto label_0;
| }
0x00005b92 ldr r2, [r6, -0x4] | r2 = *((r6 - 0x4));
0x00005b96 movw r3, 0x6f63 |
0x00005b9a movt r3, 0x696d | r3 = 0x696d6f63;
0x00005b9e cmp r2, r3 |
| if (r2 != r3) {
0x00005ba0 bne 0x5b10 | goto label_1;
| }
| label_7:
0x00005ba2 ldr r2, [r7, 4] | r2 = *((r7 + 4));
0x00005ba4 movw r3, 0x676e |
0x00005ba8 movt r3, 0xa | r3 = 0xa676e;
0x00005bac cmp r2, r3 |
| if (r2 != r3) {
0x00005bae bne 0x5b10 | goto label_1;
| }
| label_11:
0x00005bb0 movs r5, 2 | r5 = 2;
0x00005bb2 b 0x5b24 | goto label_0;
| label_8:
0x00005bb4 ldrh r2, [r6] | r2 = *(r6);
0x00005bb6 movw r3, 0xa67 | r3 = 0xa67;
0x00005bba cmp r2, r3 |
| if (r2 != r3) {
0x00005bbc bne 0x5b20 | goto label_2;
| }
0x00005bbe ldrb r3, [r6, 2] | r3 = *((r6 + 2));
0x00005bc0 movs r5, 3 | r5 = 3;
0x00005bc2 cmp r3, 0 |
| if (r3 == 0) {
0x00005bc4 beq 0x5b24 | goto label_0;
| }
0x00005bc6 b 0x5b20 | goto label_2;
| label_5:
0x00005bc8 rsbs r0, r5, 0 | r0 = r5 - ;
0x00005bca blx 0x2208 | fcn_00002208 ();
0x00005bce b 0x5b24 | goto label_0;
| label_9:
0x00005bd0 blx 0x2108 | fcn_00002108 ();
0x00005bd4 strb r0, [r3, r4] | *((r3 + r4)) = r0;
0x00005bd6 movs r0, r0 |
0x00005bd8 lsls r4, r4, 6 | r4 <<= 6;
0x00005bda movs r0, r0 |
0x00005bdc str r2, [r2, 0x38] | *((r2 + 0x38)) = r2;
0x00005bde movs r1, r0 | r1 = r0;
0x00005be0 str r2, [r3, 0x30] | *((r3 + 0x30)) = r2;
0x00005be2 movs r1, r0 | r1 = r0;
| if (r0 == 0) {
0x00006bb8 cbz r0, 0x6be2 | goto label_13;
| }
0x00006bba push {r4, lr} |
0x00006bbc mov r4, r0 | r4 = r0;
0x00006bbe ldr r0, [r0, 0x34] | r0 = *((r0 + 0x34));
0x00006bc0 cbz r0, 0x6bd4 |
| while (1) {
0x00006bc2 cmp r0, 2 |
| if (r0 == 2) {
0x00006bc4 bne 0x6bca |
0x00006bc6 movs r0, 0 | r0 = 0;
0x00006bc8 pop {r4, pc} |
| }
0x00006bca ldr r0, [r4, 8] | r0 = *((r4 + 8));
0x00006bcc pop.w {r4, lr} |
0x00006bd0 b.w 0x5a90 | goto label_3;
0x00006bd4 ldr r1, [r4, 8] | r1 = *((r4 + 8));
0x00006bd6 ldr r0, [r4] | r0 = *(r4);
0x00006bd8 bl 0x2b44 | fcn_00002b44 (r0, r1);
0x00006bda vrev64.16 d3, d1 | __asm ("vrev64.16 d3, d1");
0x00006bde str r0, [r4, 0x34] | *((r4 + 0x34)) = r0;
0x00006be0 b 0x6bc2 |
| }
| label_13:
0x00006be2 mvn r0, 1 | r0 = ~1;
0x00006be6 bx lr | return r0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libkmod.so.2.3.7 @ 0x7960 */
| #include <stdint.h>
|
; (fcn) sym.kmod_module_get_symbols () | void kmod_module_get_symbols (uint32_t arg1, uint32_t arg2) {
| int16_t var_0h;
| int16_t var_4h;
| r0 = arg1;
| r1 = arg2;
0x00007960 ldr r2, [pc, 0xf0] |
0x00007962 cmp r1, 0 |
0x00007964 it ne |
| if (r1 != 0) {
0x00007966 cmpne r0, 0 | __asm ("cmpne r0, 0");
| }
0x00007968 ldr r3, [pc, 0xec] | r3 = *(0x7a58);
0x0000796a push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x0000796e sub sp, 0xc |
0x00007970 add r2, pc | r2 = 0xf3c8;
0x00007972 ldr r3, [r2, r3] |
0x00007974 ldr r3, [r3] | r3 = *(0xf3c8);
0x00007976 str r3, [sp, 4] | var_4h = r3;
0x00007978 mov.w r3, 0 | r3 = 0;
| if (r1 == 0) {
0x0000797c beq 0x7a36 | goto label_3;
| }
0x0000797e ldr r6, [r1] | r6 = *(r1);
0x00007980 mov r7, r1 | r7 = r1;
0x00007982 cmp r6, 0 |
| if (r6 != 0) {
0x00007984 bne 0x7a3c | goto label_4;
| }
0x00007986 bl 0x6420 | r0 = fcn_00006420 (r0);
0x0000798a cmp r0, 0 |
| if (r0 == 0) {
0x0000798c beq 0x7a16 | goto label_5;
| }
0x0000798e mov r1, sp | r1 = sp;
0x00007990 bl 0x8cd4 | r0 = fcn_00008cd4 (r0, r1, r2, r3);
0x00007994 subs.w r8, r0, 0 | r8 = r0 - 0;
| if (r8 < r0) {
0x00007998 blt 0x79a2 | goto label_2;
| }
| if (r8 != r0) {
0x0000799a bne 0x79c6 | goto label_6;
| }
| do {
| label_1:
0x0000799c ldr r0, [sp] | r0 = *(sp);
0x0000799e blx 0x20a4 | fcn_000020a4 ();
| label_2:
0x000079a2 ldr r2, [pc, 0xb8] |
0x000079a4 ldr r3, [pc, 0xb0] | r3 = *(0x7a58);
0x000079a6 add r2, pc | r2 = 0xf408;
0x000079a8 ldr r3, [r2, r3] | r3 = *(0xf408);
0x000079aa ldr r2, [r3] | r2 = *(0xf408);
0x000079ac ldr r3, [sp, 4] | r3 = var_4h;
0x000079ae eors r2, r3 | r2 ^= r3;
0x000079b0 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x000079b4 bne 0x7a50 | goto label_7;
| }
0x000079b6 mov r0, r8 | r0 = r8;
0x000079b8 add sp, 0xc |
0x000079ba pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_0:
0x000079be adds r6, 1 | r6++;
0x000079c0 str r0, [r7] | *(r7) = r0;
0x000079c2 cmp r8, r6 |
0x000079c4 beq 0x799c |
| } while (r8 == r6);
| label_6:
0x000079c6 ldr r3, [sp] | r3 = *(sp);
0x000079c8 add.w r3, r3, r6, lsl 4 | r3 += (r6 << 4);
0x000079cc ldr.w sb, [r3, 0xc] | sb = *((r3 + 0xc));
0x000079d0 ldrd sl, fp, [r3] | __asm ("ldrd sl, fp, [r3]");
0x000079d4 mov r0, sb | r0 = sb;
0x000079d6 blx 0x22a8 | r0 = fcn_000022a8 ();
0x000079da mov r2, r0 | r2 = r0;
0x000079dc adds r0, 9 | r0 += 9;
0x000079de adds r4, r2, 1 | r4 = r2 + 1;
0x000079e0 blx 0x21fc | r0 = fcn_000021fc ();
0x000079e4 mov r5, r0 | r5 = r0;
| if (r0 == 0) {
0x000079e6 cbz r0, 0x7a22 | goto label_8;
| }
0x000079e8 mov r2, r4 | r2 = r4;
0x000079ea mov r1, sb | r1 = sb;
0x000079ec strd sl, fp, [r0], 8 | __asm ("strd sl, fp, [r0], 8");
0x000079f0 blx 0x20c0 | mmap64 ();
0x000079f4 ldr r0, [r7] | r0 = *(r7);
0x000079f6 mov r1, r5 | r1 = r5;
0x000079f8 bl 0x37c0 | fcn_000037c0 (r0, r1);
0x000079fa cdp2 p6, 0xe, c4, c2, c4, 0 | __asm ("cdp2 p6, 0xe, c4, c2, c4, 0");
0x000079fe cmp r0, 0 |
| if (r0 != 0) {
0x00007a00 bne 0x79be | goto label_0;
| }
0x00007a02 mov r0, r5 | r0 = r5;
0x00007a04 mvn r8, 0xb | r8 = ~0xb;
0x00007a08 blx 0x20a4 | fcn_000020a4 ();
0x00007a0c ldr r0, [r7] | r0 = *(r7);
0x00007a0e blx 0x2348 | memchr (r0, r1, r2);
0x00007a12 str r4, [r7] | *(r7) = r4;
0x00007a14 b 0x799c | goto label_1;
| label_5:
0x00007a16 blx 0x22f4 | r0 = gzerror ();
0x00007a1a ldr r3, [r0] | r3 = *(r0);
0x00007a1c rsb.w r8, r3, 0 | r8 = r3 - ;
0x00007a20 b 0x79a2 | goto label_2;
| label_8:
0x00007a22 blx 0x22f4 | r0 = gzerror ();
0x00007a26 ldr r3, [r0] | r3 = *(r0);
0x00007a28 ldr r0, [r7] | r0 = *(r7);
0x00007a2a rsb.w r8, r3, 0 | r8 = r3 - ;
0x00007a2e blx 0x2348 | memchr (r0, r1, r2);
0x00007a32 str r5, [r7] | *(r7) = r5;
0x00007a34 b 0x799c | goto label_1;
| label_3:
0x00007a36 mvn r8, 1 | r8 = ~1;
0x00007a3a b 0x79a2 | goto label_2;
| label_4:
0x00007a3c ldr r3, [pc, 0x20] |
0x00007a3e movw r2, 0xa48 | r2 = 0xa48;
0x00007a42 ldr r1, [pc, 0x20] |
0x00007a44 ldr r0, [pc, 0x20] |
0x00007a46 add r3, pc | r3 = 0xf4aa;
0x00007a48 add r1, pc | r1 = 0xf4b2;
0x00007a4a add r0, pc | r0 = 0xf4b6;
0x00007a4c blx 0x246c | fcn_0000246c ();
| label_7:
0x00007a50 blx 0x2108 | fcn_00002108 ();
0x00007a54 add r8, fp | r8 += fp;
0x00007a56 movs r1, r0 | r1 = r0;
0x00007a58 lsls r4, r4, 6 | r4 <<= 6;
0x00007a5a movs r0, r0 |
0x00007a5c add sl, r4 | sl += r4;
0x00007a5e movs r1, r0 | r1 = r0;
0x00007a60 adds r7, 0x2a | r7 += 0x2a;
0x00007a62 movs r0, r0 |
0x00007a64 adds r5, 0xac | r5 += 0xac;
0x00007a66 movs r0, r0 |
0x00007a68 adds r3, 0x82 | r3 += 0x82;
0x00007a6a movs r0, r0 |
| }
[*] Function popen used 1 times libkmod.so.2.3.7
