[*] Binary protection state of libpaho-mqtt3as.so.1.3.9
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcat tear down of libpaho-mqtt3as.so.1.3.9
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libpaho-mqtt3as.so.1.3.9 @ 0x86ec */
| #include <stdint.h>
|
; (fcn) fcn.000086ec () | void fcn_000086ec (int16_t arg1) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_0h_2;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_14h;
| int32_t var_28h;
| int16_t var_3ch;
| int16_t var_40h;
| r0 = arg1;
| if (? < ?) {
0x000086ec andhs r4, r3, 104, 22 | r4 = r3 & (104 22);
| }
0x000086f0 push.w {r4, r5, r6, r7, r8, sb, lr} |
0x000086f4 mov r5, r0 | r5 = r0;
0x000086f6 ldr r6, [pc, 0x19c] |
0x000086f8 sub sp, 0x44 |
0x000086fa add r3, pc | r3 += pc;
0x000086fc mov.w r1, 0x370 | r1 = 0x370;
0x00008700 add.w r0, r3, 0xb4 | r0 = r3 + 0xb4;
0x00008704 ldr r3, [pc, 0x190] | r3 = *(0x8898);
0x00008706 add r6, pc | r6 = 0x10fa0;
0x00008708 movs r4, 0 | r4 = 0;
0x0000870a ldr r3, [r6, r3] |
0x0000870c ldr r3, [r3] | r3 = *(0x10fa0);
0x0000870e str r3, [sp, 0x3c] | var_3ch = r3;
0x00008710 mov.w r3, 0 | r3 = 0;
0x00008714 strd r4, r4, [sp, 0xc] | __asm ("strd r4, r4, [var_ch]");
0x00008716 add r3, r0 | r3 += r0;
0x00008718 bl 0xfb54 | fcn_0000fb54 (r0, r1, r2);
0x0000871c mov r0, r5 | r0 = r5;
0x0000871e bl 0xd4e0 | fcn_0000d4e0 (r0);
0x00008722 ldr r2, [r0, 0xc] | r2 = *((r0 + 0xc));
0x00008724 cmp r2, 0 |
| if (r2 != 0) {
0x00008726 bne.w 0x8872 | goto label_5;
| }
0x0000872a ldr r6, [r0, 4] | r6 = *((r0 + 4));
0x0000872c mov r4, r0 | r4 = r0;
0x0000872e cmp r6, 0 |
| if (r6 <= 0) {
0x00008730 ble 0x878a | goto label_6;
| }
0x00008732 ldr r0, [r0, 0x10] | r0 = *((r0 + 0x10));
0x00008734 add.w r6, r4, r6, lsl 3 | r6 = r4 + (r6 << 3);
0x00008738 mov ip, r2 |
0x0000873a mov r1, r4 | r1 = r4;
0x0000873c b 0x8754 |
| while (r0 < lr) {
0x0000873e ldr r7, [r1, 0x14] | r7 = *((r1 + 0x14));
0x00008740 add.w lr, sp, 0x40 | lr += var_40h;
0x00008744 add.w lr, lr, r2, lsl 3 | lr += (r2 << 3);
0x00008748 adds r2, 1 | r2++;
0x0000874a strd r7, r3, [lr, -0x2c] | __asm ("strd r7, r3, [var_10h]");
| label_0:
0x0000874e adds r1, 8 | r1 += 8;
0x00008750 cmp r1, r6 |
| if (r1 == r6) {
0x00008752 beq 0x878a | goto label_6;
| }
| label_1:
0x00008754 mov lr, ip | lr = ip;
0x00008756 ldr r3, [r1, 0x18] | r3 = *((r1 + 0x18));
0x00008758 cmp r0, lr |
0x0000875a add ip, r3 |
0x0000875c bls 0x873e |
| }
0x0000875e cmp r0, ip |
| if (r0 >= ip) {
0x00008760 bhs 0x874e | goto label_0;
| }
0x00008762 ldr r7, [r1, 0x14] | r7 = *((r1 + 0x14));
0x00008764 add.w r8, sp, 0x40 | r8 += var_40h;
0x00008768 adds r1, 8 | r1 += 8;
0x0000876a add.w r8, r8, r2, lsl 3 | r8 += (r2 << 3);
0x0000876e sub.w sb, lr, r0 | sb = lr - r0;
0x00008772 cmp r1, r6 |
0x00008774 sub.w lr, r0, lr | lr = r0 - lr;
0x00008778 add r3, sb | r3 += sb;
0x0000877a add r7, lr | r7 += lr;
0x0000877c add.w r2, r2, 1 | r2++;
0x00008780 str r3, [r8, -0x28] | var_28h = r3;
0x00008784 str r7, [r8, -0x2c] | var_14h = r7;
| if (r1 != r6) {
0x00008788 bne 0x8754 | goto label_1;
| }
| label_6:
0x0000878a add r3, sp, 0x10 | r3 += var_10h;
0x0000878c add r1, sp, 0x14 | r1 += var_14h;
0x0000878e mov r0, r5 | r0 = r5;
0x00008790 bl 0x8320 | fcn_00008320 (r0, r1, r2, r3);
0x00008794 str r0, [sp, 0xc] | var_ch = r0;
0x00008796 adds r0, 1 | r0++;
| if (r0 == 1) {
0x00008798 beq 0x8834 | goto label_7;
| }
0x0000879a ldr r2, [r4, 0x10] | r2 = *((r4 + 0x10));
0x0000879c ldr r3, [sp, 0x10] | r3 = var_10h;
0x0000879e ldr r1, [r4, 8] | r1 = *((r4 + 8));
0x000087a0 add r2, r3 | r2 += r3;
0x000087a2 cmp r2, r1 |
0x000087a4 str r2, [r4, 0x10] | *((r4 + 0x10)) = r2;
0x000087a6 ite eq |
| if (r2 != r1) {
0x000087a8 moveq r2, 1 | r2 = 1;
| }
| if (r2 == r1) {
0x000087aa movne r2, 0 | r2 = 0;
| }
0x000087ac str r2, [sp, 0xc] | var_ch = r2;
| if (r2 != r1) {
0x000087ae bne 0x887a | goto label_8;
| }
0x000087b0 ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x000087b2 cmp r3, 0 |
| if (r3 <= 0) {
0x000087b4 ble 0x87f2 | goto label_9;
| }
0x000087b6 ldr.w sb, [pc, 0xe4] |
0x000087ba add.w r7, r4, 0x3c | r7 = r4 + 0x3c;
0x000087bc lsls r4, r7, 0x1c | r4 = r7 << 0x1c;
0x000087be movs r6, 0 | r6 = 0;
0x000087c0 add.w r8, r4, 0x14 | r8 = r4 + 0x14;
0x000087c4 add sb, pc | sb = 0x11066;
0x000087c6 b 0x87ce |
| while (r2 == 0) {
0x000087c8 adds r6, 1 | r6++;
0x000087ca cmp r3, r6 |
| if (r3 <= r6) {
0x000087cc ble 0x87f2 | goto label_9;
| }
| label_2:
0x000087ce ldr r2, [r7], 4 | r2 = *(r7);
| r7 += 4;
0x000087d2 cmp r2, 0 |
0x000087d4 beq 0x87c8 |
| }
0x000087d6 ldr.w r2, [r8, r6, lsl 3] | offset_0 = r6 << 3;
| r2 = *((r8 + offset_0));
0x000087da movw r1, 0x396 | r1 = 0x396;
0x000087de mov r0, sb | r0 = sb;
0x000087e0 bl 0x10194 | fcn_00010194 (r0, r1, r2);
0x000087e4 ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x000087e6 movs r2, 0 | r2 = 0;
0x000087e8 str.w r2, [r8, r6, lsl 3] | __asm ("str.w r2, [r8, r6, lsl 3]");
0x000087ec adds r6, 1 | r6++;
0x000087ee cmp r3, r6 |
| if (r3 > r6) {
0x000087f0 bgt 0x87ce | goto label_2;
| }
| label_9:
0x000087f2 ldr r2, [pc, 0xac] |
0x000087f4 movs r4, 1 | r4 = 1;
0x000087f6 mov r3, r5 | r3 = r5;
0x000087f8 mov.w r1, -1 | r1 = -1;
0x000087fc movs r0, 3 | r0 = 3;
0x000087fe str r4, [sp, 0xc] | var_ch = r4;
0x00008800 add r2, pc | r2 = 0x110a6;
0x00008802 bl 0x9a28 | fcn_00009a28 (r0, r1);
| do {
| label_3:
0x00008806 ldr r0, [pc, 0x9c] |
0x00008808 movs r3, 3 | r3 = 3;
0x0000880a add r2, sp, 0xc | r2 += var_ch;
0x0000880c movw r1, 0x3b1 | r1 = 0x3b1;
0x0000880e adds r1, 0xb1 | r1 += 0xb1;
0x00008810 add r0, pc | r0 = 0x110ba;
0x00008812 adds r0, 0xb4 | r0 += 0xb4;
0x00008814 bl 0xfbf4 | fcn_0000fbf4 (r0, r1, r2, r3);
0x00008816 invalid |
0x00008818 ldr r2, [pc, 0x8c] |
0x0000881a ldr r3, [pc, 0x7c] | r3 = *(0x889a);
0x0000881c ldr r0, [sp, 0xc] | r0 = var_ch;
0x0000881e add r2, pc | r2 = 0x110ca;
0x00008820 ldr r3, [r2, r3] | r3 = *(0x110ca);
0x00008822 ldr r2, [r3] | r2 = *(0x110ca);
0x00008824 ldr r3, [sp, 0x3c] | r3 = var_3ch;
0x00008826 eors r2, r3 | r2 ^= r3;
0x00008828 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x0000882c bne 0x888c | goto label_10;
| }
0x0000882e add sp, 0x44 |
0x00008830 pop.w {r4, r5, r6, r7, r8, sb, pc} |
| label_7:
0x00008834 ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x00008836 cmp r3, 0 |
0x00008838 ble 0x8806 |
| } while (r3 <= 0);
0x0000883a ldr.w r8, [pc, 0x70] |
0x0000883e add.w r6, r4, 0x3c | r6 = r4 + 0x3c;
0x00008842 movs r5, 0 | r5 = 0;
0x00008844 add.w r7, r4, 0x14 | r7 = r4 + 0x14;
0x00008848 add r8, pc | r8 = 0x110fa;
0x0000884a b 0x8852 | goto label_11;
| label_4:
0x0000884c adds r5, 1 | r5++;
0x0000884e cmp r3, r5 |
| if (r3 <= r5) {
0x00008850 ble 0x8806 | goto label_3;
| }
| label_11:
0x00008852 ldr r2, [r6], 4 | r2 = *(r6);
| r6 += 4;
0x00008856 cmp r2, 0 |
| if (r2 == 0) {
0x00008858 beq 0x884c | goto label_4;
| }
0x0000885a ldr.w r2, [r7, r5, lsl 3] | offset_1 = r5 << 3;
| r2 = *((r7 + offset_1));
0x0000885e movw r1, 0x3a9 | r1 = 0x3a9;
0x00008862 mov r0, r8 | r0 = r8;
0x00008864 bl 0x10194 | fcn_00010194 (r0, r1, r2);
0x00008866 ldc2 p2, c2, [r6], {0} | __asm ("ldc2 p2, c2, [r6], {0}");
0x0000886a ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x0000886c str.w r2, [r7, r5, lsl 3] | __asm ("str.w r2, [r7, r5, lsl 3]");
0x00008870 b 0x884c | goto label_4;
| label_5:
0x00008872 bl 0x18f6c | fcn_00018f6c (r0);
0x00008876 str r0, [sp, 0xc] | var_ch = r0;
0x00008878 b 0x8806 | goto label_3;
| label_8:
0x0000887a ldr r2, [pc, 0x34] |
0x0000887c mov.w r1, -1 | r1 = -1;
0x00008880 movs r0, 3 | r0 = 3;
0x00008882 str r5, [sp] | *(sp) = r5;
0x00008884 add r2, pc | r2 = 0x1113a;
0x00008886 bl 0x9a28 | fcn_00009a28 (r0, r1);
0x0000888a b 0x8806 | goto label_3;
| label_10:
0x0000888c blx 0x348c | fprintf_chk ();
0x00008890 movs r2, 0x32 | r2 = 0x32;
0x00008892 movs r1, r0 | r1 = r0;
0x00008894 str r2, [r1, 0x58] | *((r1 + 0x58)) = r2;
0x00008896 movs r2, r0 | r2 = r0;
0x00008898 lsls r0, r4, 0xc | r0 = r4 << 0xc;
0x0000889a movs r0, r0 |
0x0000889c adds r4, r2, 7 | r4 = r2 + 7;
0x0000889e movs r1, r0 | r1 = r0;
0x000088a0 subs r0, r1, 4 | r0 = r1 - 4;
0x000088a2 movs r1, r0 | r1 = r0;
0x000088a4 movs r1, 0x1c | r1 = 0x1c;
0x000088a6 movs r1, r0 | r1 = r0;
0x000088a8 str r2, [r6, 0x44] | *((r6 + 0x44)) = r2;
0x000088aa movs r2, r0 | r2 = r0;
0x000088ac adds r0, r2, 5 | r0 = r2 + 5;
0x000088ae movs r1, r0 | r1 = r0;
0x000088b0 subs r4, r7, 2 | r4 = r7 - 2;
0x000088b2 movs r1, r0 | r1 = r0;
| }
[*] Function strcat used 1 times libpaho-mqtt3as.so.1.3.9
