[*] Binary protection state of cmac.ko
No RELRO No Canary found NX disabled REL No RPATH No RUNPATH Symbols
[*] Function strcpy tear down of cmac.ko
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis8/kernel/crypto/cmac.ko @ 0x8000258 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) sym.cmac_create () | void cmac_create (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_ch;
| int32_t var_10h;
| r0 = arg1;
| r1 = arg2;
0x08000258 push {r4, r5, r6, r7, r8, lr} |
0x0800025c mov r7, r0 | r7 = r0;
0x08000260 mov r6, r1 | r6 = r1;
0x08000264 sub sp, sp, 0x10 |
0x08000268 mov r0, r1 | r0 = r1;
0x0800026c add r2, sp, 0xc | r2 += var_ch;
0x08000270 mov r1, 0xe | r1 = 0xe;
0x08000274 stmdaeq r0, {r2, r3, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r2, r3, r5, r6, r8, sb, ip}");
0x08000278 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x0800027c beq 0x800028c |
| label_0:
0x08000280 mov r0, r4 | r0 = r4;
0x08000284 add sp, sp, 0x10 |
0x08000288 pop {r4, r5, r6, r7, r8, pc} |
| }
0x0800028c stmdaeq r0, {r4, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r4, r5, r6, r8, sb, ip}");
0x08000290 stmdaeq r0, {r4, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r4, r5, r6, r8, sb, ip}");
0x08000294 mov r1, 0xdc0 | r1 = 0xdc0;
0x08000298 ldr r0, [r3, 0x28] | r0 = *((r3 + 0x28));
0x0800029c stmdaeq r0, {r2, r4, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r8, sb, ip}");
0x080002a0 subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 == r0) {
0x080002a4 beq 0x80003c4 | goto label_2;
| }
0x080002a8 ldr r0, [r6, 4] | r0 = *((r6 + 4));
0x080002ac add r6, r5, 0xc0 | r6 = r5 + 0xc0;
0x080002b0 stmdaeq r0, {r3, r4, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r3, r4, r5, r6, r8, sb, ip}");
0x080002b4 ldr r3, [sp, 0xc] | r3 = var_ch;
0x080002b8 mov r2, r0 | r2 = r0;
0x080002bc mov r1, r6 | r1 = r6;
0x080002c0 orr r3, r3, 0xf | r3 |= 0xf;
0x080002c4 add r0, r5, 0x280 | r0 = r5 + 0x280;
0x080002c8 str r3, [sp] | *(sp) = r3;
0x080002cc mov r3, 1 | r3 = 1;
0x080002d0 stmdaeq r0, {r2, r3, r4, r5, r6, r8, sb, ip} | __asm ("stmdaeq r0, {r2, r3, r4, r5, r6, r8, sb, ip}");
0x080002d4 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x080002d8 bne 0x80002f4 | goto label_1;
| }
0x080002dc ldr r8, [r5, 0x288] | r8 = *((r5 + 0x288));
0x080002e0 ldr r3, [r8, 0x14] | r3 = *((r8 + 0x14));
0x080002e4 sub r3, r3, 8 | r3 -= 8;
0x080002e8 bics r3, r3, 8 | __asm ("bics r3, r3, 8");
| if (r4 == r0) {
0x080002ec mvnne r4, 0x15 | r4 = ~0x15;
| }
0x080002f0 beq 0x8000308 |
| while (r4 != r0) {
| label_1:
0x080002f4 mov r0, r5 | r0 = r5;
0x080002f8 stmdaeq r0, {r7, r8, sb, ip} | __asm ("stmdaeq r0, {r7, r8, sb, ip}");
0x080002fc mov r0, r4 | r0 = r4;
0x08000300 add sp, sp, 0x10 |
0x08000304 pop {r4, r5, r6, r7, r8, pc} |
0x08000308 mov r2, r8 | r2 = r8;
0x0800030c mov r0, r6 | r0 = r6;
0x08000310 add r1, r7, 0x14 | r1 = r7 + 0x14;
0x08000314 stmdaeq r0, {r2, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r2, r7, r8, sb, ip}");
0x08000318 subs r4, r0, 0 | r4 = r0 - 0;
0x0800031c bne 0x80002f4 |
| }
0x08000320 ldr r3, [r8, 0x1c] | r3 = *((r8 + 0x1c));
0x08000324 mov r0, r7 | r0 = r7;
0x08000328 str r3, [r5, 0xdc] | *((r5 + 0xdc)) = r3;
0x0800032c mov r1, r5 | r1 = r5;
0x08000330 bic r3, r3, 0x3f | r3 = BIT_MASK (r3, 0x3f);
0x08000334 ldr r2, [r8, 0x20] | r2 = *((r8 + 0x20));
0x08000338 add r3, r3, 0x40 | r3 += 0x40;
0x0800033c str r2, [r5, 0xe0] | *((r5 + 0xe0)) = r2;
0x08000340 ldr r2, [r8, 0x14] | r2 = *((r8 + 0x14));
0x08000344 str r2, [r5, 0xd4] | *((r5 + 0xd4)) = r2;
0x08000348 str r2, [r5, 0x80] | *((r5 + 0x80)) = r2;
0x0800034c stmdaeq r0, {r2, r3, r5, sb} | __asm ("stmdaeq r0, {r2, r3, r5, sb}");
0x08000350 stmdaeq r0, {r2, r3, r5, sb} | __asm ("stmdaeq r0, {r2, r3, r5, sb}");
0x08000354 ldr ip, [r8, 0x14] | ip = *((r8 + 0x14));
0x08000358 add ip, r3, ip, lsl 1 |
0x0800035c str ip, [r5, 0x68] | *((r5 + 0x68)) = ip;
0x08000360 ldr ip, [r8, 0x14] | ip = *((r8 + 0x14));
0x08000364 str r2, [r5, 0x200] | *((r5 + 0x200)) = r2;
0x08000368 stmdaeq r0, {r5, sb} | __asm ("stmdaeq r0, {r5, sb}");
0x0800036c stmdaeq r0, {r5, sb} | __asm ("stmdaeq r0, {r5, sb}");
0x08000370 str r2, [r5, 0x204] | *((r5 + 0x204)) = r2;
0x08000374 add r3, r3, ip, lsl 1 | r3 += (ip << 1);
0x08000378 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x0800037c stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x08000380 str r3, [r5, 0xd8] | *((r5 + 0xd8)) = r3;
0x08000384 stmdaeq r0, {r2, r3, r6, r7, r8, sb} | __asm ("stmdaeq r0, {r2, r3, r6, r7, r8, sb}");
0x08000388 stmdaeq r0, {r2, r3, r6, r7, r8, sb} | __asm ("stmdaeq r0, {r2, r3, r6, r7, r8, sb}");
0x0800038c strd r2, r3, [r5, 0x40] | __asm ("strd r2, r3, [r5, 0x40]");
0x08000390 stmdaeq r0, {r2, r3, r4, r6, r7, sl} | __asm ("stmdaeq r0, {r2, r3, r4, r6, r7, sl}");
0x08000394 stmdaeq r0, {r2, r3, r4, r6, r7, sl} | __asm ("stmdaeq r0, {r2, r3, r4, r6, r7, sl}");
0x08000398 stmdaeq r0, {r2, r3, r5, r7} | __asm ("stmdaeq r0, {r2, r3, r5, r7}");
0x0800039c stmdaeq r0, {r2, r3, r5, r7} | __asm ("stmdaeq r0, {r2, r3, r5, r7}");
0x080003a0 str r2, [r5, 0x48] | *((r5 + 0x48)) = r2;
0x080003a4 str r3, [r5, 0x5c] | *((r5 + 0x5c)) = r3;
0x080003a8 stmdaeq r0, {r7, r8, sb, ip} | __asm ("stmdaeq r0, {r7, r8, sb, ip}");
0x080003ac stmdaeq r0, {r7, r8, sb, ip} | __asm ("stmdaeq r0, {r7, r8, sb, ip}");
0x080003b0 str r3, [r5] | *(r5) = r3;
0x080003b4 stmdaeq r0, {r3, r7, r8, sb, ip} | __asm ("stmdaeq r0, {r3, r7, r8, sb, ip}");
0x080003b8 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x080003bc beq 0x8000280 | goto label_0;
| }
0x080003c0 b 0x80002f4 | goto label_1;
| label_2:
0x080003c4 mvn r4, 0xb | r4 = ~0xb;
0x080003c8 b 0x8000280 | goto label_0;
| }
[*] Function strcpy used 1 times cmac.ko
