[*] Binary protection state of libdbus-glib-1.so.2.1.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of libdbus-glib-1.so.2.1.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libdbus-glib-1.so.2.1.0 @ 0xf78c */
| #include <stdint.h>
|
; Review notes for sym.dbus_g_type_struct_get_member (Thumb-2 code, stripped DSO).
; Flow: test a global at [ip+4], test arg1, look up a per-type record for the
; word stored at *arg1, then tail-call a function pointer read from that record.
; Every failure path calls fcn_00005878 and returns 0.
; r2dec typed the parameters int16_t, but r0 is dereferenced at 0xf7a0, so arg1
; is a pointer; arg2/arg3 are only forwarded to the tail call (0xf7ea-0xf7ee).
; NOTE(review): this listing is printed under a "strcpy" heading, yet no call in
; it is labelled strcpy. The binary has no symbols and at least one import label
; is implausible (0xf7ac), so confirm the strcpy cross-reference against the
; PLT/relocation entries before treating it as a finding.
; (fcn) sym.dbus_g_type_struct_get_member () | void dbus_g_type_struct_get_member (int16_t arg1, int16_t arg2, int16_t arg3) {
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
; The 4 bytes at 0xf78c did not decode. ip is read at 0xf794 with no visible
; definition, so the missing instruction presumably loads ip - TODO confirm.
0x0000f78c invalid |
0x0000f790 push.w {r4, r5, r6, r7, r8, lr} |
0x0000f794 add ip, pc |
0x0000f796 ldr.w r3, [ip, 4] | r3 = *((ip + 4));
; A zero word at [ip+4] sends control to label_1 (call fcn_00005878, return 0).
; NOTE(review): looks like an "is initialised" guard - confirm.
| if (r3 == 0) {
0x0000f79a cbz r3, 0xf7fa | goto label_1;
| }
0x0000f79c mov r4, r0 | r4 = r0;
; NULL arg1 skips the dereference at 0xf7a0 and lands on the failure path at 0xf7b2.
| if (r0 != 0) {
0x0000f79e cbz r0, 0xf7b2 |
0x0000f7a0 ldr r7, [r0] | r7 = *(r0);
0x0000f7a2 mov r5, r1 | r5 = r1;
0x0000f7a4 mov r6, r2 | r6 = r2;
; The first word of *arg1 is compared with 0x48. In GLib 0x48 is G_TYPE_BOXED
; (18 << 2), so this is presumably a GValue type check - TODO confirm.
0x0000f7a6 cmp r7, 0x48 |
| if (r7 == 0x48) {
0x0000f7a8 beq 0xf7ca | goto label_2;
| }
0x0000f7aa movs r1, 0x48 | r1 = 0x48;
; NOTE(review): suspect label. The callee receives (arg1, 0x48) and its result is
; tested as a boolean, which does not fit g_string_append_printf. Presumably
; g_type_check_value_holds - verify against the import table.
0x0000f7ac blx 0x5d8c | r0 = g_string_append_printf ();
| if (r0 != 0) {
0x0000f7b0 cbnz r0, 0xf7ca | goto label_2;
| }
| }
; Failure path: fcn_00005878 (0, pc-relative address, pc-relative address), then return 0.
; NOTE(review): argument shape suggests a "check failed" logger taking two
; strings - confirm what 0x5878 resolves to.
0x0000f7b2 ldr r1, [pc, 0x8c] |
0x0000f7b4 movs r0, 0 | r0 = 0;
0x0000f7b6 ldr r2, [pc, 0x8c] |
0x0000f7b8 add r1, pc |
0x0000f7ba add r2, pc | r2 = 0x1f004;
0x0000f7bc add.w r1, r1, 0x274 | r1 = 0x1f272;
0x0000f7c0 blx 0x5878 | fcn_00005878 ();
| label_0:
0x0000f7c4 movs r0, 0 | r0 = 0;
0x0000f7c6 pop.w {r4, r5, r6, r7, r8, pc} |
| label_2:
; r8 points at a cached global. A zero value means it has not been filled yet;
; label_3 fills it from fcn_000059b0 and rejoins at 0xf7de.
0x0000f7ca ldr.w r8, [pc, 0x7c] | r8 = *(0x0000f848);
0x0000f7ce add r8, pc | r8 += pc;
0x0000f7d0 ldr.w r1, [r8] | r1 = *(r8);
| if (r1 == 0) {
0x0000f7d4 cbz r1, 0xf812 | goto label_3;
| }
; Lookup keyed by (r0 = word from *arg1, r1 = cached value). NULL result -> label_4.
0x0000f7d6 mov r0, r7 | r0 = r7;
0x0000f7d8 blx 0x54e8 | r0 = fcn_000054e8 ();
| if (r0 == 0) {
0x0000f7dc cbz r0, 0xf82a | goto label_4;
| }
; r2dec's do/while is an artefact of the back-branch at 0xf828 coming from
; label_3; this block ends in a tail call and runs once.
| do {
; The call target is fetched through dependent loads from the lookup result:
; r3 = [r0+8], r3 = [r3+4], r4 = [r3+0x18]. None of the intermediate pointers is
; checked here, so correctness relies on the record being well-formed.
0x0000f7de ldr r3, [r0, 8] | r3 = *((r0 + 8));
0x0000f7e0 mov r0, r4 | r0 = r4;
0x0000f7e2 ldr r3, [r3, 4] | r3 = *((r3 + 4));
0x0000f7e4 ldr r4, [r3, 0x18] | r4 = *((r3 + 0x18));
0x0000f7e6 blx 0x5ea8 | fcn_00005ea8 ();
; Arguments for the tail call: r0 = word from *arg1, r1 = result of
; fcn_00005ea8 (arg1), r2 = arg2, r3 = arg3.
0x0000f7ea mov r3, r6 | r3 = r6;
0x0000f7ec mov r1, r0 | r1 = r0;
0x0000f7ee mov r2, r5 | r2 = r5;
0x0000f7f0 mov r0, r7 | r0 = r7;
0x0000f7f2 mov ip, r4 |
; Saved registers and lr are restored first, then bx ip jumps to the
; data-derived target, which returns straight to this function's caller.
0x0000f7f4 pop.w {r4, r5, r6, r7, r8, lr} |
0x0000f7f8 bx ip | return void (*ip)() ();
| label_1:
; Failure path for the [ip+4] guard: r0 = r3 (zero here), log call, return 0.
0x0000f7fa ldr r1, [pc, 0x50] |
0x0000f7fc mov r0, r3 | r0 = r3;
0x0000f7fe ldr r2, [pc, 0x50] |
0x0000f800 add r1, pc |
0x0000f802 add r2, pc | r2 = 0x1f058;
0x0000f804 add.w r1, r1, 0x274 | r1 = 0x1f2c6;
0x0000f808 blx 0x5878 | fcn_00005878 ();
0x0000f80c movs r0, 0 | r0 = 0;
0x0000f80e pop.w {r4, r5, r6, r7, r8, pc} |
| label_3:
; Lazy initialisation: the result of fcn_000059b0 (pc-relative address) is stored
; in the cache slot at [r8] and reused as the lookup key in r1.
0x0000f812 ldr r0, [pc, 0x40] |
0x0000f814 add r0, pc | r0 = 0x1f06e;
0x0000f816 blx 0x59b0 | r0 = fcn_000059b0 ();
0x0000f81a mov r1, r0 | r1 = r0;
0x0000f81c str.w r0, [r8] | __asm ("str.w r0, [r8]");
0x0000f820 mov r0, r7 | r0 = r7;
0x0000f822 blx 0x54e8 | r0 = fcn_000054e8 ();
0x0000f826 cmp r0, 0 |
0x0000f828 bne 0xf7de |
| } while (r0 != 0);
| label_4:
; Lookup returned NULL: log through fcn_00005878 (r0 is 0 here) and return 0 via label_0.
0x0000f82a ldr r1, [pc, 0x2c] |
0x0000f82c ldr r2, [pc, 0x2c] |
0x0000f82e add r1, pc |
0x0000f830 add r2, pc | r2 = 0x1f090;
0x0000f832 add.w r1, r1, 0x274 | r1 = 0x1f300;
0x0000f836 blx 0x5878 | fcn_00005878 ();
0x0000f83a b 0xf7c4 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libdbus-glib-1.so.2.1.0 @ 0xf934 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; Review notes for sym.dbus_g_type_struct_get (Thumb-2 code, stripped DSO).
; The function is variadic: r1-r3 are spilled next to the caller's stack
; arguments at entry (0xf934), sp+0x8c holds the spilled r1 (first index), and
; the address sp+0x90 is kept in var_ch and advanced as further arguments are
; read (0xf99c, 0xfa14, 0xfa40-0xfa48). r2dec's single int16_t parameter is a
; placeholder; arg1 is a pointer (dereferenced at 0xf948).
; Per index: bounds-check it, fetch the member into a 24-byte local at sp+0x10,
; collect output slots from the argument list according to a format string,
; then call a function pointer from a per-type table. Returns 1 when the index
; 0xffffffff is read, 0 on any failure.
; A stack canary sits at sp+0x6c (stored at 0xf950, checked at 0xf97a-0xf98c).
; NOTE(review): this listing is printed under a "strcpy" heading, yet no call in
; it is labelled strcpy, and several import labels are implausible for how
; their results are used (0x5564, 0x5498, 0x572c). Confirm the cross-reference
; against the PLT/relocation entries before treating it as a finding.
; (fcn) sym.dbus_g_type_struct_get () | void dbus_g_type_struct_get (int16_t arg1) {
| int16_t var_0h_2;
| int16_t var_ch;
| int16_t var_10h;
| int32_t var_10h_2;
| int32_t var_18h;
| int32_t var_18h_2;
| int32_t var_20h;
| int32_t var_20h_2;
| int16_t var_28h;
| int16_t var_8h;
| int16_t var_6ch;
| int16_t var_8ch;
| int16_t var_90h;
| r0 = arg1;
; Spill r1-r3 so the register arguments are contiguous with the stack arguments.
0x0000f934 push {r1, r2, r3} |
0x0000f936 movs r3, 0 | r3 = 0;
0x0000f938 ldr r1, [pc, 0x188] |
0x0000f93a ldr r2, [pc, 0x18c] | r2 = *(0xfaca);
0x0000f93c add r1, pc | r1 = 0x1f404;
0x0000f93e push.w {r4, r5, r6, r7, r8, sb, lr} |
0x0000f942 mov r6, r0 | r6 = r0;
0x0000f944 sub sp, 0x70 |
0x0000f946 ldr r2, [r1, r2] |
0x0000f948 ldr r0, [r0] | r0 = *(r0);
; 12 + 28 + 0x70 = 0x8c bytes were pushed/reserved, so sp+0x8c is the spilled r1.
0x0000f94a ldr.w r8, [sp, 0x8c] | r8 = var_8ch;
; Canary setup: the guard value is copied into the frame at sp+0x6c.
0x0000f94e ldr r2, [r2] | r2 = *(0x1f404);
0x0000f950 str r2, [sp, 0x6c] | var_6ch = r2;
0x0000f952 mov.w r2, 0 | r2 = 0;
; Zero the 24-byte local at sp+0x10..sp+0x27 before it is handed to callees.
0x0000f956 strd r3, r3, [sp, 0x10] | __asm ("strd r3, r3, [var_10h]");
0x0000f95a strd r3, r3, [sp, 0x18] | __asm ("strd r3, r3, [var_18h]");
0x0000f95e strd r3, r3, [sp, 0x20] | __asm ("strd r3, r3, [var_20h]");
; Predicate on the word at *arg1; zero result -> log via fcn_00005878 and return 0.
0x0000f962 blx 0x5bd4 | r0 = fcn_00005bd4 ();
| if (r0 == 0) {
0x0000f966 cbnz r0, 0xf99c |
0x0000f968 ldr r1, [pc, 0x160] |
0x0000f96a mov r5, r0 | r5 = r0;
0x0000f96c ldr r2, [pc, 0x160] |
0x0000f96e add r1, pc |
0x0000f970 add r2, pc | r2 = 0x1f444;
0x0000f972 add.w r1, r1, 0x2b4 | r1 = 0x1f6f2;
0x0000f976 blx 0x5878 | fcn_00005878 ();
| label_1:
; Common epilogue: reload the guard, XOR it with the copy at sp+0x6c, and branch
; to label_4 on mismatch. r5 carries the return value.
0x0000f97a ldr r2, [pc, 0x158] |
0x0000f97c ldr r3, [pc, 0x148] | r3 = *(0xfac8);
0x0000f97e add r2, pc | r2 = 0x1f458;
0x0000f980 ldr r3, [r2, r3] | r3 = *(0x1f458);
0x0000f982 ldr r2, [r3] | r2 = *(0x1f458);
0x0000f984 ldr r3, [sp, 0x6c] | r3 = var_6ch;
0x0000f986 eors r2, r3 | r2 ^= r3;
0x0000f988 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x0000f98c bne.w 0xfabe | goto label_4;
| }
0x0000f990 mov r0, r5 | r0 = r5;
0x0000f992 add sp, 0x70 |
0x0000f994 pop.w {r4, r5, r6, r7, r8, sb, lr} |
; Drop the three words spilled at 0xf934.
0x0000f998 add sp, 0xc |
0x0000f99a bx lr | return;
| }
; r2dec misrenders this: the instruction computes r3 = sp + 0x90, the address of
; the slot after the first index, and saves it as the argument cursor (var_ch).
0x0000f99c add r3, sp, 0x90 | r3 += var_90h;
0x0000f99e ldr r0, [r6] | r0 = *(r6);
0x0000f9a0 str r3, [sp, 0xc] | var_ch = r3;
; r7 = result of fcn_000057ac on the word at *arg1; used below as the upper
; bound for the index (presumably the member count - TODO confirm).
0x0000f9a2 blx 0x57ac | fcn_000057ac ();
; Index 0xffffffff terminates the argument list -> label_5, return 1.
0x0000f9a6 cmp.w r8, -1 |
0x0000f9aa mov r7, r0 | r7 = r0;
| if (r8 == -1) {
0x0000f9ac beq 0xfa7c | goto label_5;
| }
; bls is an unsigned lower-or-same test: bound (r0) <= index (r8) -> label_6,
; return 0. r2dec's "<" drops the equality case. Because the compare is
; unsigned, a large or "negative" index cannot pass.
0x0000f9ae cmp r0, r8 |
| if (r0 < r8) {
0x0000f9b0 bls 0xfa54 | goto label_6;
| }
; r4 = sp+0x10 (the zeroed 24-byte local), r5 = sp+0x28 (0x40-byte slot array).
; r2dec's "+=" is again a misrendering of add rX, sp, imm.
0x0000f9b2 add r4, sp, 0x10 | r4 += var_10h;
0x0000f9b4 add r5, sp, 0x28 | r5 += var_28h;
| label_0:
; Per-index body. fcn_00005b18 (*arg1, index) -> r0, passed with r4 to
; fcn_0000630c; then fcn_000058c8 (arg1, index, r4) fills the local.
0x0000f9b6 mov r1, r8 | r1 = r8;
0x0000f9b8 ldr r0, [r6] | r0 = *(r6);
0x0000f9ba blx 0x5b18 | r0 = fcn_00005b18 ();
0x0000f9be mov r1, r0 | r1 = r0;
0x0000f9c0 mov r0, r4 | r0 = r4;
0x0000f9c2 blx 0x630c | fcn_0000630c ();
0x0000f9c6 mov r1, r8 | r1 = r8;
0x0000f9c8 mov r2, r4 | r2 = r4;
0x0000f9ca mov r0, r6 | r0 = r6;
0x0000f9cc blx 0x58c8 | fcn_000058c8 ();
; Table lookup keyed by the first word of the local. The result (kept in r8)
; supplies the format string at +0x18 and the callback at +0x1c. The result is
; dereferenced without a NULL check.
0x0000f9d0 ldr r0, [sp, 0x10] | r0 = var_10h;
0x0000f9d2 blx 0x5374 | fcn_00005374 ();
0x0000f9d6 ldr.w sb, [r0, 0x18] | sb = *((r0 + 0x18));
0x0000f9da mov r8, r0 | r8 = r0;
; fcn_00005db4 (r5, 0, 0x40): presumably memset clearing the slot array at
; sp+0x28..sp+0x67 - confirm the import.
0x0000f9dc movs r2, 0x40 | r2 = 0x40;
0x0000f9de movs r1, 0 | r1 = 0;
0x0000f9e0 mov r0, r5 | r0 = r5;
0x0000f9e2 blx 0x5db4 | fcn_00005db4 ();
; Empty format string -> label_7 (count = 0, skip the collection loop).
0x0000f9e6 ldrb.w r3, [sb] | r3 = *(sb);
0x0000f9ea cmp r3, 0 |
| if (r3 == 0) {
0x0000f9ec beq 0xfa78 | goto label_7;
| }
; Collection loop state: r2 = argument cursor, r0 = current format character,
; ip = current 8-byte slot, lr = 1 - sb so that r1 = lr + r0 counts characters.
0x0000f9ee ldr r2, [sp, 0xc] | r2 = var_ch;
0x0000f9f0 mov r0, sb | r0 = sb;
0x0000f9f2 mov ip, r5 |
0x0000f9f4 rsb.w lr, sb, 1 | lr = 1 - sb;
; NOTE(review): the loop stops only at the NUL terminator and ip advances 8
; bytes per character (0xfa20); no explicit cap on the character count is
; visible. Writes stay inside the 0x40-byte array only while the string has at
; most 8 characters. The string comes from the table returned by fcn_00005374,
; so this holds as long as registered tables are well-formed - confirm against
; the upstream source (looks like GLib's G_VALUE_LCOPY expansion).
| do {
; Characters outside 0x64..0x71 go to label_8 (fcn_00005850, not expected to return).
0x0000f9f8 subs r3, 0x64 | r3 -= 0x64;
0x0000f9fa add.w r1, lr, r0 | r1 = lr + r0;
0x0000f9fe cmp r3, 0xd |
| if (r3 > 0xd) {
0x0000fa00 bhi 0xfaa6 | goto label_8;
| }
; The 14-byte branch table at 0xfa06 is not shown in this listing.
| /* switch table (14 cases) at 0xfa06 */
0x0000fa02 tbb [pc, r3] | __asm ("tbb [0x0000fa08]");
; 4-byte case: copy one word from the argument cursor into the slot, cursor += 4.
0x0000fa14 ldr r3, [r2], 4 | r3 = *(r2);
| r2 += 4;
0x0000fa18 str.w r3, [ip] | __asm ("str.w r3, [ip]");
| label_2:
0x0000fa1c ldrb r3, [r0, 1]! | r3 = *((r0 += 1));
0x0000fa20 add.w ip, ip, 8 |
0x0000fa24 cmp r3, 0 |
0x0000fa26 bne 0xf9f8 |
| } while (r3 != 0);
; Write the advanced cursor back to var_ch.
0x0000fa28 str r2, [sp, 0xc] | var_ch = r2;
| label_3:
; Indirect call through [r8+0x1c] with r0 = local at sp+0x10, r1 = character
; count, r2 = slot array, r3 = 0. r2dec's prototype omits r1. The pointer is
; data-derived and not checked before the call.
0x0000fa2a ldr.w r8, [r8, 0x1c] | r8 = *((r8 + 0x1c));
0x0000fa2e movs r3, 0 | r3 = 0;
0x0000fa30 mov r2, r5 | r2 = r5;
0x0000fa32 mov r0, r4 | r0 = r4;
0x0000fa34 blx r8 | r0 = uint32_t (*r8)(uint32_t, uint32_t, uint32_t) (r0, r2, r3);
; Non-zero result is treated as an error value -> label_9.
0x0000fa36 mov r8, r0 | r8 = r0;
| if (r0 != 0) {
0x0000fa38 cbnz r0, 0xfa80 | goto label_9;
| }
; NOTE(review): suspect label. 0x5564 is called on the local at sp+0x10, which
; is re-initialised at 0xf9c2 on the next iteration; presumably a release of
; that value (e.g. g_value_unset) rather than g_value_array_free - verify.
0x0000fa3a mov r0, r4 | r0 = r4;
0x0000fa3c blx 0x5564 | g_value_array_free ();
; Read the next index from the argument cursor and advance it by 4.
0x0000fa40 ldr r3, [sp, 0xc] | r3 = var_ch;
0x0000fa42 ldr.w r8, [r3] | r8 = *(r3);
0x0000fa46 adds r3, 4 | r3 += 4;
0x0000fa48 str r3, [sp, 0xc] | var_ch = r3;
0x0000fa4a cmp.w r8, -1 |
| if (r8 == -1) {
0x0000fa4e beq 0xfa7c | goto label_5;
| }
; bhi is unsigned: continue only while bound (r7) > index (r8); otherwise fall
; through to label_6 and return 0.
0x0000fa50 cmp r7, r8 |
| if (r7 > r8) {
0x0000fa52 bhi 0xf9b6 | goto label_0;
| }
| label_6:
0x0000fa54 movs r5, 0 | r5 = 0;
0x0000fa56 b 0xf97a | goto label_1;
; 8-byte cases (two identical arms): round the cursor up to a multiple of 8,
; load 8 bytes, cursor += 8, store into the slot. "bic r2, r2, 7" clears the low
; three bits; r2dec's BIT_MASK rendering does not describe that.
0x0000fa58 adds r2, 7 | r2 += 7;
0x0000fa5a bic r2, r2, 7 | r2 = BIT_MASK (r2, 7);
0x0000fa5e vldmia r2!, {d16} | __asm ("vldmia r2!, {d16}");
0x0000fa62 vstr d16, [ip] | __asm ("vstr d16, [ip]");
0x0000fa66 b 0xfa1c | goto label_2;
0x0000fa68 adds r2, 7 | r2 += 7;
0x0000fa6a bic r2, r2, 7 | r2 = BIT_MASK (r2, 7);
0x0000fa6e vldmia r2!, {d16} | __asm ("vldmia r2!, {d16}");
0x0000fa72 vstr d16, [ip] | __asm ("vstr d16, [ip]");
0x0000fa76 b 0xfa1c | goto label_2;
| label_7:
; Empty format string: r3 is 0 here, so the callback receives a count of 0.
0x0000fa78 mov r1, r3 | r1 = r3;
0x0000fa7a b 0xfa2a | goto label_3;
| label_5:
0x0000fa7c movs r5, 1 | r5 = 1;
0x0000fa7e b 0xf97a | goto label_1;
| label_9:
; Error path: fcn_00005e68 (0, 0x10, pc-relative address, pc-relative address,
; [sp] = error value), then the error value and the local are handed to 0x5498
; and 0x5564; returns 0.
; NOTE(review): 0x10 matches G_LOG_LEVEL_WARNING in GLib, so 0x5e68 is
; presumably g_log. 0x5498 is called on the value returned by the callback
; with its result unused, which does not fit g_value_get_ulong; presumably
; g_free - verify both against the import table.
0x0000fa80 ldr r3, [pc, 0x54] |
0x0000fa82 movs r1, 0x10 | r1 = 0x10;
0x0000fa84 ldr r2, [pc, 0x54] |
0x0000fa86 movs r5, 0 | r5 = 0;
0x0000fa88 str r0, [sp] | *(sp) = r0;
0x0000fa8a movs r0, 0 | r0 = 0;
0x0000fa8c add r3, pc |
0x0000fa8e add r2, pc | r2 = 0x1f56e;
0x0000fa90 add.w r3, r3, 0x2b4 | r3 = 0x1f81c;
0x0000fa94 blx 0x5e68 | fcn_00005e68 ();
0x0000fa98 mov r0, r8 | r0 = r8;
0x0000fa9a blx 0x5498 | g_value_get_ulong ();
0x0000fa9e mov r0, r4 | r0 = r4;
0x0000faa0 blx 0x5564 | g_value_array_free ();
0x0000faa4 b 0xf97a | goto label_1;
| label_8:
; Unexpected format character: fcn_00005850 is called with r2 = 0x3d2 and two
; pc-relative addresses. Control would fall into label_4 if it returned, so it
; is presumably a no-return assertion helper - TODO confirm.
0x0000faa6 ldr r3, [pc, 0x38] |
0x0000faa8 movs r0, 0 | r0 = 0;
0x0000faaa ldr r1, [pc, 0x38] |
0x0000faac movw r2, 0x3d2 | r2 = 0x3d2;
0x0000fab0 str r0, [sp] | *(sp) = r0;
0x0000fab2 add r3, pc |
0x0000fab4 add r1, pc | r1 = 0x1f59e;
0x0000fab6 add.w r3, r3, 0x2b4 | r3 = 0x1f84c;
0x0000faba blx 0x5850 | fcn_00005850 ();
| label_4:
; NOTE(review): suspect label. 0x572c is reached from the canary mismatch
; branch at 0xf98c, which does not fit dbus_message_get_signature; presumably
; __stack_chk_fail - verify against the import table.
0x0000fabe blx 0x572c | dbus_message_get_signature ();
0x0000fac2 nop |
; 0xfac4-0xfae7 is the literal pool read by the "ldr rX, [pc, imm]" loads above
; (for example 0xf938 -> 0xfac4, 0xf93a -> 0xfac8, 0xfaaa -> 0xfae4). These are
; data words decoded as Thumb instructions; the pseudo code for them is meaningless.
0x0000fac4 str r4, [r6, r3] | *((r6 + r3)) = r4;
0x0000fac6 movs r1, r0 | r1 = r0;
0x0000fac8 lsls r4, r5, 0x15 | r4 = r5 << 0x15;
0x0000faca movs r0, r0 |
0x0000facc subs r5, 0xfe | r5 -= 0xfe;
0x0000face movs r0, r0 |
0x0000fad0 subs r5, 0xc0 | r5 -= 0xc0;
0x0000fad2 movs r0, r0 |
0x0000fad4 str r2, [r6, r2] | *((r6 + r2)) = r2;
0x0000fad6 movs r1, r0 | r1 = r0;
0x0000fad8 subs r4, 0xe0 | r4 -= 0xe0;
0x0000fada movs r0, r0 |
0x0000fadc subs r4, 0xd2 | r4 -= 0xd2;
0x0000fade movs r0, r0 |
0x0000fae0 subs r4, 0xba | r4 -= 0xba;
0x0000fae2 movs r0, r0 |
0x0000fae4 subs r2, 0xa0 | r2 -= 0xa0;
0x0000fae6 movs r0, r0 |
| }
[*] Function strcpy used 1 times libdbus-glib-1.so.2.1.0