[*] Binary protection state of hmac.ko
No RELRO No Canary found NX disabled REL No RPATH No RUNPATH Symbols
[*] Function strcpy tear down of hmac.ko
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis8/kernel/crypto/hmac.ko @ 0x8000170 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) sym.hmac_create () | void hmac_create (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_ch;
| int32_t var_10h;
| r0 = arg1;
| r1 = arg2;
0x08000170 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x08000174 mov r7, r0 | r7 = r0;
0x08000178 mov r5, r1 | r5 = r1;
0x0800017c sub sp, sp, 0x10 |
0x08000180 mov r0, r1 | r0 = r1;
0x08000184 add r2, sp, 0xc | r2 += var_ch;
0x08000188 mov r1, 0xe | r1 = 0xe;
0x0800018c stmdaeq r0, {r3, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r3, r5, r6, sl, ip}");
0x08000190 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x08000194 beq 0x80001a4 |
| label_2:
0x08000198 mov r0, r4 | r0 = r4;
0x0800019c add sp, sp, 0x10 |
0x080001a0 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| }
0x080001a4 stmdaeq r0, {r2, r3, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r2, r3, r5, r6, sl, ip}");
0x080001a8 stmdaeq r0, {r2, r3, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r2, r3, r5, r6, sl, ip}");
0x080001ac mov r1, 0xdc0 | r1 = 0xdc0;
0x080001b0 ldr r0, [r3, 0x28] | r0 = *((r3 + 0x28));
0x080001b4 stmdaeq r0, {r4, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r4, r5, r6, sl, ip}");
0x080001b8 subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 == r0) {
0x080001bc beq 0x800032c | goto label_3;
| }
0x080001c0 ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x080001c4 add r8, r6, 0xc0 | r8 = r6 + 0xc0;
0x080001c8 stmdaeq r0, {r2, r4, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r2, r4, r5, r6, sl, ip}");
0x080001cc ldr r1, [sp, 0xc] | r1 = var_ch;
0x080001d0 mov r2, r0 | r2 = r0;
0x080001d4 mov r3, r4 | r3 = r4;
0x080001d8 str r1, [sp] | *(sp) = r1;
0x080001dc add r0, r6, 0x280 | r0 = r6 + 0x280;
0x080001e0 mov r1, r8 | r1 = r8;
0x080001e4 stmdaeq r0, {r3, r4, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r3, r4, r5, r6, sl, ip}");
0x080001e8 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x080001ec bne 0x8000230 | goto label_1;
| }
0x080001f0 ldr r5, [r6, 0x288] | r5 = *((r6 + 0x288));
0x080001f4 sub r0, r5, 0x80 | r0 = r5 - 0x80;
0x080001f8 stmdaeq r0, {r2, r3, r4, r5, r6, sl, ip} | __asm ("stmdaeq r0, {r2, r3, r4, r5, r6, sl, ip}");
0x080001fc cmp r0, 0 |
| if (r0 != 0) {
0x08000200 bne 0x8000244 | goto label_4;
| }
| label_0:
0x08000204 ldr r2, [r5, 0x14] | r2 = *((r5 + 0x14));
0x08000208 ldr sl, [r5, -0x40] | sl = *((r5 - 0x40));
0x0800020c ldr sb, [r5, -0x3c] | sb = *((r5 - 0x3c));
0x08000210 cmp sl, r2 |
| if (sl > r2) {
0x08000214 movls r3, 0 | r3 = 0;
| }
| if (sl <= r2) {
0x08000218 movhi r3, 1 | r3 = 1;
| }
0x0800021c cmp sb, r2 |
| if (sb >= r2) {
0x08000220 orrlo r3, r3, 1 | r3 |= 1;
| }
0x08000224 cmp r3, 0 |
| if (r3 == 0) {
0x08000228 beq 0x8000254 | goto label_5;
| }
| do {
0x0800022c mvn r4, 0x15 | r4 = ~0x15;
| label_1:
0x08000230 mov r0, r6 | r0 = r6;
0x08000234 stmdaeq r0, {r7, sl, ip} | __asm ("stmdaeq r0, {r7, sl, ip}");
0x08000238 mov r0, r4 | r0 = r4;
0x0800023c add sp, sp, 0x10 |
0x08000240 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_4:
0x08000244 ldr r3, [r5, 0x10] | r3 = *((r5 + 0x10));
0x08000248 tst r3, 0x4000 |
0x0800024c beq 0x800022c |
| } while ((r3 & 0x4000) == 0);
0x08000250 b 0x8000204 | goto label_0;
| label_5:
0x08000254 mov r0, r8 | r0 = r8;
0x08000258 mov r2, r5 | r2 = r5;
0x0800025c add r1, r7, 0x14 | r1 = r7 + 0x14;
0x08000260 stmdaeq r0, {r2, r7, sl, ip} | __asm ("stmdaeq r0, {r2, r7, sl, ip}");
0x08000264 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x08000268 bne 0x8000230 | goto label_1;
| }
0x0800026c ldr r3, [r5, 0x20] | r3 = *((r5 + 0x20));
0x08000270 mov r0, r7 | r0 = r7;
0x08000274 str r3, [r6, 0xe0] | *((r6 + 0xe0)) = r3;
0x08000278 mov r1, r6 | r1 = r6;
0x0800027c stmdaeq r0, {r2, r4, r6, r8, sl} | __asm ("stmdaeq r0, {r2, r4, r6, r8, sl}");
0x08000280 stmdaeq r0, {r2, r4, r6, r8, sl} | __asm ("stmdaeq r0, {r2, r4, r6, r8, sl}");
0x08000284 ldr r3, [r5, 0x14] | r3 = *((r5 + 0x14));
0x08000288 str r3, [r6, 0xd4] | *((r6 + 0xd4)) = r3;
0x0800028c ldr r3, [r5, 0x1c] | r3 = *((r5 + 0x1c));
0x08000290 str r3, [r6, 0xdc] | *((r6 + 0xdc)) = r3;
0x08000294 add sb, sb, r3 | sb += r3;
0x08000298 str r2, [r6, 0x40] | *((r6 + 0x40)) = r2;
0x0800029c bic sb, sb, r3 | sb = BIT_MASK (sb, r3);
0x080002a0 str sl, [r6, 0x80] | *((r6 + 0x80)) = sl;
0x080002a4 str sb, [r6, 0x84] | *((r6 + 0x84)) = sb;
0x080002a8 stmdaeq r0, {r2, r3, r4, r6, r7} | __asm ("stmdaeq r0, {r2, r3, r4, r6, r7}");
0x080002ac stmdaeq r0, {r2, r3, r4, r6, r7} | __asm ("stmdaeq r0, {r2, r3, r4, r6, r7}");
0x080002b0 lsl r3, sb, 1 | r3 = sb << 1;
0x080002b4 add r3, r3, 0x3f | r3 += 0x3f;
0x080002b8 bic r3, r3, 0x3f | r3 = BIT_MASK (r3, 0x3f);
0x080002bc add r3, r3, 4 | r3 += 4;
0x080002c0 str r3, [r6, 0xd8] | *((r6 + 0xd8)) = r3;
0x080002c4 stmdaeq r0, {r4, r5, r6, r8, sl} | __asm ("stmdaeq r0, {r4, r5, r6, r8, sl}");
0x080002c8 stmdaeq r0, {r4, r5, r6, r8, sl} | __asm ("stmdaeq r0, {r4, r5, r6, r8, sl}");
0x080002cc strd r2, r3, [r6, 0x44] | __asm ("strd r2, r3, [r6, 0x44]");
0x080002d0 stmdaeq r0, {r2, r5, r6, r7} | __asm ("stmdaeq r0, {r2, r5, r6, r7}");
0x080002d4 stmdaeq r0, {r2, r5, r6, r7} | __asm ("stmdaeq r0, {r2, r5, r6, r7}");
0x080002d8 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080002dc stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080002e0 str r2, [r6, 0x4c] | *((r6 + 0x4c)) = r2;
0x080002e4 str r3, [r6, 0x54] | *((r6 + 0x54)) = r3;
0x080002e8 stmdaeq r0, {r3, r4, r5, r6, r7, sl} | __asm ("stmdaeq r0, {r3, r4, r5, r6, r7, sl}");
0x080002ec stmdaeq r0, {r3, r4, r5, r6, r7, sl} | __asm ("stmdaeq r0, {r3, r4, r5, r6, r7, sl}");
0x080002f0 stmdaeq r0, {r2, r5, r6, r8, sb} | __asm ("stmdaeq r0, {r2, r5, r6, r8, sb}");
0x080002f4 stmdaeq r0, {r2, r5, r6, r8, sb} | __asm ("stmdaeq r0, {r2, r5, r6, r8, sb}");
0x080002f8 strd r2, r3, [r6, 0x58] | __asm ("strd r2, r3, [r6, 0x58]");
0x080002fc stmdaeq r0, {r3, r7} | __asm ("stmdaeq r0, {r3, r7}");
0x08000300 stmdaeq r0, {r3, r7} | __asm ("stmdaeq r0, {r3, r7}");
0x08000304 stmdaeq r0, {r2, r4, r5, r8, sb} | __asm ("stmdaeq r0, {r2, r4, r5, r8, sb}");
0x08000308 stmdaeq r0, {r2, r4, r5, r8, sb} | __asm ("stmdaeq r0, {r2, r4, r5, r8, sb}");
0x0800030c strd r2, r3, [r6, 0x60] | __asm ("strd r2, r3, [r6, 0x60]");
0x08000310 stmdaeq r0, {r7, sl, ip} | __asm ("stmdaeq r0, {r7, sl, ip}");
0x08000314 stmdaeq r0, {r7, sl, ip} | __asm ("stmdaeq r0, {r7, sl, ip}");
0x08000318 str r3, [r6] | *(r6) = r3;
0x0800031c stmdaeq r0, {r3, r7, sl, ip} | __asm ("stmdaeq r0, {r3, r7, sl, ip}");
0x08000320 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x08000324 beq 0x8000198 | goto label_2;
| }
0x08000328 b 0x8000230 | goto label_1;
| label_3:
0x0800032c mvn r4, 0xb | r4 = ~0xb;
0x08000330 b 0x8000198 | goto label_2;
| }
[*] Function strcpy used 1 times hmac.ko