[*] Binary protection state of libosdp.so.2.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of libosdp.so.2.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0x6b6c */
| #include <stdint.h>
|
; (fcn) sym.osdp_dev_int_release_device () | void osdp_dev_int_release_device (int16_t arg1) {
; Teardown routine for the object addressed by r4. For most pointer fields the
; pattern is: load the field, store 0 back into it, and pass a non-zero value
; to a release call. The object itself is handed to the tail call at 0x6c56.
; NOTE(review): r4 is never assigned in the visible listing. The 4 bytes at
; 0x6b6c are shown as "invalid", so the prologue (presumably push {r4, r5, r6, lr}
; and r4 = arg1, mirroring the pop.w at 0x6c52) is missing -- re-disassemble
; the entry in Thumb mode to confirm.
; NOTE(review): every callee is an unresolved stub (fcn_0000xxxx). Which import
; each one is, including whether any of them is strcpy, cannot be read from
; this listing.
| r0 = arg1;
0x00006b6c invalid |
0x00006b70 ldr r2, [pc, 0xf8] |
0x00006b72 movs r1, 0x40 | r1 = 0x40;
0x00006b74 movs r5, 0 | r5 = 0;
0x00006b76 ldr r0, [pc, 0xf8] |
0x00006b78 add r2, pc | r2 = 0xd7e8;
0x00006b7a ldr r6, [pc, 0xf8] |
0x00006b7c add r0, pc | r0 = 0xd7f2;
; r0/r2 are pc-relative addresses and r1 = 0x40: shaped like a log call
; (domain, level, format). 0x40 would be GLib's G_LOG_LEVEL_INFO -- TODO confirm.
0x00006b7e blx 0x56d4 | fcn_000056d4 ();
0x00006b82 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00006b84 add r6, pc | r6 = 0xd7fe;
0x00006b86 str r5, [r4, 0x18] | *((r4 + 0x18)) = r5;
0x00006b88 blx 0x4f24 | fcn_00004f24 ();
0x00006b8c ldr r3, [r4] | r3 = *(r4);
0x00006b8e cmp r3, 0 |
; A non-zero *(r4) takes the out-of-line path at 0x6c5a, which rejoins at 0x6b92.
0x00006b90 bne 0x6c5a |
; NOTE(review): the "while (1)" below is r2dec's rendering of the 0x6c6a -> 0x6b92
; back-branch. That path stores 0 to *(r4) and skips the test at 0x6b8e, so the
; body executes once; it is not a loop.
| while (1) {
0x00006b92 ldr r0, [r4, 4] | r0 = *((r4 + 4));
0x00006b94 blx 0x4fd8 | fcn_00004fd8 ();
0x00006b98 ldr r0, [r4, 0x3c] | r0 = *((r4 + 0x3c));
0x00006b9a blx 0x5600 | fcn_00005600 ();
0x00006b9e ldr r0, [r4, 0x2c] | r0 = *((r4 + 0x2c));
0x00006ba0 movs r3, 0 | r3 = 0;
0x00006ba2 str r3, [r4, 0x2c] | *((r4 + 0x2c)) = r3;
| if (r0 != 0) {
0x00006ba4 cbz r0, 0x6baa |
0x00006ba6 blx 0x5024 | fcn_00005024 ();
| }
0x00006baa ldr r0, [r4, 0x30] | r0 = *((r4 + 0x30));
0x00006bac movs r3, 0 | r3 = 0;
0x00006bae str r3, [r4, 0x30] | *((r4 + 0x30)) = r3;
| if (r0 != 0) {
0x00006bb0 cbz r0, 0x6bb6 |
0x00006bb2 blx 0x5024 | fcn_00005024 ();
| }
0x00006bb6 ldr r3, [pc, 0xc0] | r3 = *(0x6c7a);
0x00006bb8 movs r5, 0 | r5 = 0;
0x00006bba str r5, [r4, 0x28] | *((r4 + 0x28)) = r5;
0x00006bbc str r5, [r4, 0x2c] | *((r4 + 0x2c)) = r5;
0x00006bbe str r5, [r4, 0x30] | *((r4 + 0x30)) = r5;
0x00006bc0 str r5, [r4, 0x34] | *((r4 + 0x34)) = r5;
0x00006bc2 str r5, [r4, 0x38] | *((r4 + 0x38)) = r5;
; r6 is loaded through the pc-relative table and passed as the second argument
; with fields 0x5c and 0x60. Those fields are not tested for zero here;
; presumably the callee accepts NULL -- verify.
0x00006bc4 ldr r6, [r6, r3] | r6 = *((r6 + r3));
0x00006bc6 ldr r0, [r4, 0x5c] | r0 = *((r4 + 0x5c));
0x00006bc8 mov r1, r6 | r1 = r6;
0x00006bca blx 0x4dc4 | fcn_00004dc4 ();
0x00006bce mov r1, r6 | r1 = r6;
0x00006bd0 ldr r0, [r4, 0x60] | r0 = *((r4 + 0x60));
0x00006bd2 str r5, [r4, 0x5c] | *((r4 + 0x5c)) = r5;
0x00006bd4 blx 0x4dc4 | fcn_00004dc4 ();
0x00006bd8 ldr r0, [r4, 8] | r0 = *((r4 + 8));
0x00006bda str r5, [r4, 0x60] | *((r4 + 0x60)) = r5;
; NOTE(review): fields 8 and 0xc go to fcn_00005154 and then fcn_00004aec, but
; unlike the other fields they are not cleared afterwards. That only matters if
; the object outlives the tail call at 0x6c56 -- TODO confirm that call frees it.
0x00006bdc blx 0x5154 | fcn_00005154 ();
0x00006be0 ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00006be2 blx 0x5154 | fcn_00005154 ();
0x00006be6 ldr r0, [r4, 8] | r0 = *((r4 + 8));
0x00006be8 blx 0x4aec | fcn_00004aec ();
0x00006bec ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x00006bee blx 0x4aec | fcn_00004aec ();
0x00006bf2 ldr r0, [r4, 0x48] | r0 = *((r4 + 0x48));
0x00006bf4 str r5, [r4, 0x48] | *((r4 + 0x48)) = r5;
| if (r0 != 0) {
0x00006bf6 cbz r0, 0x6bfc |
0x00006bf8 blx 0x566c | fcn_0000566c ();
| }
0x00006bfc ldr r0, [r4, 0x50] | r0 = *((r4 + 0x50));
0x00006bfe movs r3, 0 | r3 = 0;
0x00006c00 str r3, [r4, 0x50] | *((r4 + 0x50)) = r3;
| if (r0 != 0) {
0x00006c02 cbz r0, 0x6c08 |
0x00006c04 blx 0x523c | fcn_0000523c ();
| }
0x00006c08 ldr r0, [r4, 0x54] | r0 = *((r4 + 0x54));
0x00006c0a movs r3, 0 | r3 = 0;
0x00006c0c str r3, [r4, 0x54] | *((r4 + 0x54)) = r3;
| if (r0 != 0) {
0x00006c0e cbz r0, 0x6c14 |
0x00006c10 blx 0x53c8 | fcn_000053c8 ();
| }
0x00006c14 ldr r0, [r4, 0x58] | r0 = *((r4 + 0x58));
0x00006c16 movs r3, 0 | r3 = 0;
0x00006c18 str r3, [r4, 0x58] | *((r4 + 0x58)) = r3;
| if (r0 != 0) {
0x00006c1a cbz r0, 0x6c20 |
0x00006c1c blx 0x4e48 | fcn_00004e48 ();
| }
0x00006c20 ldr r0, [r4, 0x4c] | r0 = *((r4 + 0x4c));
0x00006c22 movs r3, 0 | r3 = 0;
0x00006c24 str r3, [r4, 0x4c] | *((r4 + 0x4c)) = r3;
| if (r0 != 0) {
0x00006c26 cbz r0, 0x6c2c |
0x00006c28 blx 0x5290 | fcn_00005290 ();
| }
0x00006c2c ldr r0, [r4, 0x44] | r0 = *((r4 + 0x44));
0x00006c2e movs r3, 0 | r3 = 0;
0x00006c30 str r3, [r4, 0x44] | *((r4 + 0x44)) = r3;
| if (r0 != 0) {
0x00006c32 cbz r0, 0x6c38 |
0x00006c34 blx 0x5578 | fcn_00005578 ();
| }
0x00006c38 ldr r0, [r4, 0x40] | r0 = *((r4 + 0x40));
0x00006c3a movs r3, 0 | r3 = 0;
0x00006c3c str r3, [r4, 0x40] | *((r4 + 0x40)) = r3;
| if (r0 != 0) {
0x00006c3e cbz r0, 0x6c44 |
0x00006c40 blx 0x4adc | fcn_00004adc ();
| }
0x00006c44 ldr r0, [r4, 0x3c] | r0 = *((r4 + 0x3c));
0x00006c46 movs r3, 0 | r3 = 0;
0x00006c48 str r3, [r4, 0x3c] | *((r4 + 0x3c)) = r3;
| if (r0 != 0) {
0x00006c4a cbz r0, 0x6c50 |
0x00006c4c blx 0x4b38 | fcn_00004b38 ();
| }
; Tail call: callee-saved registers are restored first and r0 = r4 is the only
; argument, so the object itself is presumably released here.
0x00006c50 mov r0, r4 | r0 = r4;
0x00006c52 pop.w {r4, r5, r6, lr} |
0x00006c56 b.w 0x4ae8 | void (*0x4ae8)() ();
; Out-of-line path for a non-zero *(r4): two calls, then the field is zeroed.
0x00006c5a ldr r0, [r4, 8] | r0 = *((r4 + 8));
0x00006c5c blx 0x50b0 | fcn_000050b0 ();
0x00006c60 ldr r0, [r4] | r0 = *(r4);
0x00006c62 mov r1, r5 | r1 = r5;
0x00006c64 blx 0x4b08 | fcn_00004b08 ();
0x00006c68 str r5, [r4] | *(r4) = r5;
0x00006c6a b 0x6b92 |
| }
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0xd9d4 */
| #include <stdint.h>
|
; (fcn) sym.osdp_fdbk_mgr_set_custom_feedback () | void osdp_fdbk_mgr_set_custom_feedback (int16_t arg1) {
; Looks up an entry with fcn_000053b0(*(arg1)). When the lookup returns 0 the
; function returns that 0; otherwise it returns 1. For each of the entry's two
; fields (+4 first, then +0) that is non-zero, the field goes through
; fcn_00004f9c and the result is passed with *(arg1 + 4) to fcn_000052d0.
; NOTE(review): arg1 is dereferenced at 0xd9d8 with no NULL check, and it is
; used as a pointer throughout; r2dec's int16_t type and void return are wrong.
| r0 = arg1;
0x0000d9d4 push {r3, r4, r5, lr} |
0x0000d9d6 mov r5, r0 | r5 = r0;
0x0000d9d8 ldr r0, [r0] | r0 = *(r0);
0x0000d9da blx 0x53b0 | r0 = fcn_000053b0 ();
0x0000d9de mov r4, r0 | r4 = r0;
| if (r0 != 0) {
; Lookup failed: branch to the epilogue with r0 still 0.
0x0000d9e0 cbz r0, 0xda04 |
0x0000d9e2 ldr r0, [r0, 4] | r0 = *((r0 + 4));
| if (r0 != 0) {
0x0000d9e4 cbz r0, 0xd9f2 |
0x0000d9e6 blx 0x4f9c | r0 = fcn_00004f9c ();
0x0000d9ea mov r1, r0 | r1 = r0;
0x0000d9ec ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x0000d9ee blx 0x52d0 | fcn_000052d0 ();
| }
0x0000d9f2 ldr r0, [r4] | r0 = *(r4);
| if (r0 == 0) {
0x0000d9f4 cbz r0, 0xda06 | goto label_0;
| }
0x0000d9f6 blx 0x4f9c | r0 = fcn_00004f9c ();
0x0000d9fa mov r1, r0 | r1 = r0;
0x0000d9fc ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x0000d9fe blx 0x52d0 | fcn_000052d0 ();
0x0000da02 movs r0, 1 | r0 = 1;
| }
; Shared epilogue: r0 is 0 (lookup failed) or 1 here.
0x0000da04 pop {r3, r4, r5, pc} |
| label_0:
0x0000da06 movs r0, 1 | r0 = 1;
0x0000da08 pop {r3, r4, r5, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0x9354 */
| #include <stdint.h>
|
; (fcn) sym.osdp_finalize_message () | void osdp_finalize_message (int16_t arg_1h, int16_t arg_50h, uint32_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
; Finalizes the packet held by a message object (r4 = arg1): adjusts the 16-bit
; length stored at +4, writes five header bytes into the buffer at *(r4), then
; appends either a 16-bit check value (arg3 != 0) or a single check byte
; (arg3 == 0). When the field at +0x2c equals 1, four bytes produced by
; fcn_00005114 are stored just ahead of that trailer.
; Register roles: r4 = message object, r8 = arg2 (header byte 1), r7 = arg3
; (trailer selector), sb = arg4 (header byte 4), sl = fifth argument read from
; [sp, 0x50], r6 = pointer returned by fcn_00005584.
; NOTE(review): the entry bytes at 0x9354 are shown as "svcmi 0xf0e92d", an
; ARM-mode decode of Thumb code; presumably push.w {r4-r11, lr}, mirroring the
; pop.w at 0x94a4 -- confirm.
; NOTE(review): r2dec's names for blx 0x4e9c (g_list_length), 0x4da0
; (g_queue_free_full) and 0x5094 (feof) do not fit the arguments set up at the
; call sites; treat them as unresolved imports.
| int16_t var_0h;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_14h;
| int16_t var_24h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x00009354 svcmi 0xf0e92d | __asm ("svcmi aav.0x000000ff");
0x00009358 mov r7, r2 | r7 = r2;
0x0000935a ldr r2, [pc, 0x304] |
0x0000935c mov sb, r3 | sb = r3;
0x0000935e sub sp, 0x2c |
0x00009360 ldr r3, [pc, 0x300] | r3 = *(0x9664);
0x00009362 add r2, pc | r2 = 0x129c8;
0x00009364 ldr.w sl, [sp, 0x50] | sl = *(arg_50h);
; Stack-protector prologue: a guard value is fetched through the pc-relative
; table and saved at [sp, 0x24]; it is re-checked at 0x9498.
0x00009368 ldr r3, [r2, r3] |
0x0000936a ldr r3, [r3] | r3 = *(0x129c8);
0x0000936c str r3, [sp, 0x24] | var_24h = r3;
0x0000936e mov.w r3, 0 | r3 = 0;
; The compare is on r0 (the message object); r2dec's condition text is garbled.
0x00009372 cmp r0, 0 |
| if (arg_50h == ) {
0x00009374 beq.w 0x9584 | goto label_6;
| }
0x00009378 ldrh r5, [r0, 4] | r5 = *((r0 + 4));
0x0000937a mov r4, r0 | r4 = r0;
; bls is unsigned "lower or same": a length of 0xe or less goes to label_7.
0x0000937c cmp r5, 0xe |
| if (r5 < 0xe) {
0x0000937e bls.w 0x94a8 | goto label_7;
| }
0x00009382 mov r8, r1 | r8 = r1;
0x00009384 blx 0x5584 | r0 = fcn_00005584 ();
0x00009388 mov r6, r0 | r6 = r0;
0x0000938a cmp.w sl, 0 |
| if (sl == 0) {
0x0000938e beq 0x93ba | goto label_8;
| }
0x00009390 mov r0, sl | r0 = sl;
0x00009392 blx 0x5324 | r0 = fcn_00005324 ();
0x00009396 cbz r0, 0x93ba |
| while (r3 < 1) {
0x00009398 ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x0000939a cmp r3, 0xe |
| if (r3 > 0xe) {
0x0000939c bhi.w 0x94c2 | goto label_9;
| }
; Five arguments (r0-r3 plus [sp]) with r2 = 0x96: shaped like an
; assertion-failure report carrying a source line number. Execution would fall
; into label_8 if the call returned, so it is presumably noreturn -- confirm.
0x000093a0 ldr r3, [pc, 0x2c4] |
0x000093a2 movs r2, 0x96 | r2 = 0x96;
0x000093a4 ldr r4, [pc, 0x2c4] |
0x000093a6 ldr r1, [pc, 0x2c8] |
0x000093a8 ldr r0, [pc, 0x2c8] |
0x000093aa add r3, pc | r3 = 0x12a16;
0x000093ac add r4, pc | r4 = 0x12a1c;
0x000093ae adds r3, 0x48 | r3 += 0x48;
0x000093b0 add r1, pc | r1 = 0x12a26;
0x000093b2 str r4, [sp] | *(sp) = r4;
0x000093b4 add r0, pc | r0 = 0x12a2c;
0x000093b6 blx 0x4e9c | g_list_length ();
| label_8:
; First byte at r6 equal to 0x76 or 0x77 branches back to 0x9398. Those values
; match the OSDP CHLNG / SCRYPT command codes -- presumably the command byte.
0x000093ba ldrb r3, [r6] | r3 = *(r6);
0x000093bc subs r3, 0x76 | r3 -= 0x76;
0x000093be cmp r3, 1 |
0x000093c0 bls 0x9398 |
| }
0x000093c2 ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x000093c4 ldrb.w ip, [r4, 0x24] | ip = *((r4 + 0x24));
0x000093c8 subs r3, 3 | r3 -= 3;
0x000093ca strh r3, [r4, 4] | *((r4 + 4)) = r3;
| label_5:
0x000093cc ldrb.w r3, [r6, ip] | r3 = *((r6 + ip));
0x000093d0 add r6, ip | r6 += ip;
0x000093d2 subs r3, 0x76 | r3 -= 0x76;
0x000093d4 cmp r3, 1 |
| if (r3 < 1) {
0x000093d6 bls.w 0x952a | goto label_10;
| }
| do {
| label_2:
0x000093da ldr r2, [r4, 0x20] | r2 = *((r4 + 0x20));
| label_1:
; The two IT blocks compute r3 = ((r5 - 0xf) & 0xff) != 0 && r2 != 0.
; r2dec's conditions ("r5 == r5", "r5 != r5") are not meaningful here.
0x000093dc subs r5, 0xf | r5 -= 0xf;
0x000093de ands r5, r5, 0xff | r5 &= 0xff;
0x000093e2 ite ne |
| if (r5 == r5) {
0x000093e4 movne r3, 1 | r3 = 1;
| }
| if (r5 != r5) {
0x000093e6 moveq r3, 0 | r3 = 0;
| }
0x000093e8 cmp r2, 0 |
0x000093ea ite eq |
| if (r2 != 0) {
0x000093ec moveq r3, 0 | r3 = 0;
| }
| if (r2 == 0) {
0x000093ee andne r3, r3, 1 | r3 &= 1;
| }
0x000093f2 cmp r3, 0 |
| if (r3 != 0) {
0x000093f4 bne.w 0x959e | goto label_11;
| }
| if (r7 == 0) {
| label_0:
; Length adjustments: minus 1 when arg3 == 0, minus 4 when the field at +0x2c
; is 0. The 16-bit subtractions have no underflow check in this function beyond
; the "> 0xe" tests above.
0x000093f8 cbnz r7, 0x9400 |
0x000093fa ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x000093fc subs r3, 1 | r3--;
0x000093fe strh r3, [r4, 4] | *((r4 + 4)) = r3;
| }
0x00009400 ldr r3, [r4, 0x2c] | r3 = *((r4 + 0x2c));
| if (r3 == 0) {
0x00009402 cbnz r3, 0x940a |
0x00009404 ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x00009406 subs r3, 4 | r3 -= 4;
0x00009408 strh r3, [r4, 4] | *((r4 + 4)) = r3;
| }
; Header: byte 0 = 0x53, byte 1 = arg2, bytes 2..3 = length (low byte first),
; byte 4 = arg4. 0x53 is the OSDP start-of-message value.
0x0000940a ldr r3, [r4] | r3 = *(r4);
0x0000940c movs r2, 0x53 | r2 = 0x53;
0x0000940e strb r2, [r3] | *(r3) = r2;
0x00009410 ldr r3, [r4] | r3 = *(r4);
0x00009412 strb.w r8, [r3, 1] | *((r3 + 1)) = r8;
0x00009416 ldr r3, [r4] | r3 = *(r4);
0x00009418 ldrh r2, [r4, 4] | r2 = *((r4 + 4));
0x0000941a strb r2, [r3, 2] | *((r3 + 2)) = r2;
0x0000941c ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x0000941e ldr r2, [r4] | r2 = *(r4);
0x00009420 lsrs r3, r3, 8 | r3 >>= 8;
0x00009422 strb r3, [r2, 3] | *((r2 + 3)) = r3;
0x00009424 ldr r3, [r4] | r3 = *(r4);
0x00009426 strb.w sb, [r3, 4] | *((r3 + 4)) = sb;
; Byte 4 gets bit 0x08 when the field at +0x20 is set and bit 0x04 when
; arg3 != 0. In OSDP's control byte these are the security-block and CRC flags.
0x0000942a ldr r3, [r4, 0x20] | r3 = *((r4 + 0x20));
| if (r3 != 0) {
0x0000942c cbz r3, 0x9438 |
0x0000942e ldr r2, [r4] | r2 = *(r4);
0x00009430 ldrb r3, [r2, 4] | r3 = *((r2 + 4));
0x00009432 orr r3, r3, 8 | r3 |= 8;
0x00009436 strb r3, [r2, 4] | *((r2 + 4)) = r3;
| }
0x00009438 ldr r0, [r4] | r0 = *(r4);
0x0000943a cmp r7, 0 |
| if (r7 == 0) {
0x0000943c beq.w 0x954e | goto label_12;
| }
0x00009440 ldrb r3, [r0, 4] | r3 = *((r0 + 4));
0x00009442 orr r3, r3, 4 | r3 |= 4;
0x00009446 strb r3, [r0, 4] | *((r0 + 4)) = r3;
0x00009448 ldr r3, [r4, 0x2c] | r3 = *((r4 + 0x2c));
0x0000944a cmp r3, 1 |
| if (r3 == 1) {
0x0000944c bne 0x9466 |
; fcn_00005114(sl, buf, len, &local at [sp, 0x14]); the first 4 bytes of that
; local are then stored at buf + len - 6, ahead of the 2 trailer bytes.
; NOTE(review): how many bytes the callee writes is not visible; the local area
; between [sp, 0x14] and the guard at [sp, 0x24] is 16 bytes. Presumably a
; truncated MAC -- confirm against the callee.
0x0000944e ldrh r5, [r4, 4] | r5 = *((r4 + 4));
0x00009450 add r3, sp, 0x14 | r3 += var_14h;
0x00009452 ldr r1, [r4] | r1 = *(r4);
0x00009454 mov r0, sl | r0 = sl;
0x00009456 mov r2, r5 | r2 = r5;
0x00009458 blx 0x5114 | fcn_00005114 ();
0x0000945c ldr r3, [r4] | r3 = *(r4);
0x0000945e ldr r2, [sp, 0x14] | r2 = var_14h;
0x00009460 add r3, r5 | r3 += r5;
0x00009462 str r2, [r3, -0x6] | *((r3 - 0x6)) = r2;
| }
; 16-bit check value over the first len - 2 bytes, stored low byte at
; buf[len - 2] and high byte at buf[len - 1].
0x00009466 ldrh r1, [r4, 4] | r1 = *((r4 + 4));
0x00009468 ldr r0, [r4] | r0 = *(r4);
0x0000946a subs r1, 2 | r1 -= 2;
0x0000946c uxth r1, r1 | r1 = (int16_t) r1;
0x0000946e blx 0x5418 | fcn_00005418 ();
0x00009472 ldrh r1, [r4, 4] | r1 = *((r4 + 4));
0x00009474 lsrs r2, r0, 8 | r2 = r0 >> 8;
0x00009476 ldr r3, [r4] | r3 = *(r4);
0x00009478 add r3, r1 | r3 += r1;
0x0000947a strb r2, [r3, -0x1] | *((r3 - 0x1)) = r2;
0x0000947e ldrh r2, [r4, 4] | r2 = *((r4 + 4));
0x00009480 ldr r3, [r4] | r3 = *(r4);
0x00009482 add r3, r2 | r3 += r2;
0x00009484 strb r0, [r3, -0x2] | *((r3 - 0x2)) = r0;
| label_3:
; Marks the object (+0x1c = 1), then the stack-protector epilogue: the saved
; guard is XORed with the current value and a mismatch goes to label_13.
0x00009488 movs r3, 1 | r3 = 1;
0x0000948a ldr r2, [pc, 0x1ec] |
0x0000948c str r3, [r4, 0x1c] | *((r4 + 0x1c)) = r3;
0x0000948e ldr r3, [pc, 0x1d4] | r3 = *(0x9666);
0x00009490 add r2, pc | r2 = 0x12b0e;
0x00009492 ldr r3, [r2, r3] | r3 = *(0x12b0e);
0x00009494 ldr r2, [r3] | r2 = *(0x12b0e);
0x00009496 ldr r3, [sp, 0x24] | r3 = var_24h;
0x00009498 eors r2, r3 | r2 ^= r3;
0x0000949a mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x0000949e bne.w 0x965c | goto label_13;
| }
0x000094a2 add sp, 0x2c |
0x000094a4 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_7:
; Same five-argument failure call as at 0x93b6, with r2 = 0xd0.
0x000094a8 ldr r3, [pc, 0x1d0] |
0x000094aa movs r2, 0xd0 | r2 = 0xd0;
0x000094ac ldr r4, [pc, 0x1d0] |
0x000094ae ldr r1, [pc, 0x1d4] |
0x000094b0 ldr r0, [pc, 0x1d4] |
0x000094b2 add r3, pc | r3 = 0x12b32;
0x000094b4 add r4, pc | r4 = 0x12b38;
0x000094b6 adds r3, 0x30 | r3 += 0x30;
0x000094b8 add r1, pc | r1 = 0x12b42;
0x000094ba str r4, [sp] | *(sp) = r4;
0x000094bc add r0, pc | r0 = 0x12b48;
0x000094be blx 0x4e9c | g_list_length ();
| label_9:
; fp = (len - 0xf) & 0xff and r2 = fp + 1 (r2dec's "r2 += arg_1h" is wrong).
; The first byte returned by fcn_00005584 selects the block written below:
; 0x76 -> label_14, 0x77 -> label_15, anything else -> 0x15 or 0x17.
0x000094c2 subs r3, 0xf | r3 -= 0xf;
0x000094c4 mov r0, r4 | r0 = r4;
0x000094c6 uxtb.w fp, r3 | fp = (int8_t) r3;
0x000094ca blx 0x5584 | r0 = fcn_00005584 ();
0x000094ce ldrb r3, [r0] | r3 = *(r0);
0x000094d0 mov r1, r0 | r1 = r0;
0x000094d2 add.w r2, fp, 1 | r2 += arg_1h;
0x000094d6 cmp r3, 0x76 |
| if (r3 == 0x76) {
0x000094d8 beq.w 0x9646 | goto label_14;
| }
0x000094dc cmp r3, 0x77 |
| if (r3 == 0x77) {
0x000094de beq.w 0x961e | goto label_15;
| }
0x000094e2 ldrh r3, [r4, 4] | r3 = *((r4 + 4));
0x000094e4 subs r3, 1 | r3--;
0x000094e6 strh r3, [r4, 4] | *((r4 + 4)) = r3;
0x000094e8 cmp.w fp, 0 |
| if (fp != 0) {
0x000094ec bne.w 0x9614 | goto label_16;
| }
0x000094f0 mov.w fp, 0x15 |
0x000094f4 str.w fp, [sp, 0xc] | __asm ("str.w fp, [var_ch]");
| label_4:
; fcn_00005424(data + 2, data, fp + 1): presumably moves the payload up by two
; bytes to make room for the 2-byte block {0x02, type} written at data[0..1].
; The type (0x15 or 0x17) is also recorded at +0x28, and +0x20 / +0x2c are set.
0x000094f8 adds r0, r1, 2 | r0 = r1 + 2;
0x000094fa str r1, [sp, 0xc] | var_ch = r1;
0x000094fc blx 0x5424 | fcn_00005424 ();
0x00009500 ldr r1, [sp, 0xc] | r1 = var_ch;
0x00009502 mov.w ip, 2 |
0x00009506 movs r3, 1 | r3 = 1;
0x00009508 strb.w fp, [r1, 1] | *((r1 + 1)) = fp;
0x0000950c strb.w ip, [r1] | *(r1) = ip;
0x00009510 str.w fp, [r4, 0x28] | __asm ("str.w fp, [r4, 0x28]");
0x00009514 strb.w ip, [r4, 0x24] | *((r4 + 0x24)) = ip;
0x00009518 str r3, [r4, 0x20] | *((r4 + 0x20)) = r3;
0x0000951a str r3, [r4, 0x2c] | *((r4 + 0x2c)) = r3;
0x0000951c ldrb.w r3, [r6, ip] | r3 = *((r6 + ip));
0x00009520 add r6, ip | r6 += ip;
0x00009522 subs r3, 0x76 | r3 -= 0x76;
0x00009524 cmp r3, 1 |
0x00009526 bhi.w 0x93da |
| } while (r3 > 1);
| label_10:
0x0000952a mov r0, sl | r0 = sl;
0x0000952c blx 0x4f84 | fcn_00004f84 ();
0x00009530 ldr r2, [r4, 0x20] | r2 = *((r4 + 0x20));
0x00009532 cmp r2, 0 |
| if (r2 == 0) {
0x00009534 beq.w 0x93f8 | goto label_0;
| }
0x00009538 ldrb.w r3, [r4, 0x24] | r3 = *((r4 + 0x24));
0x0000953c cmp r3, 2 |
| if (r3 < 2) {
0x0000953e bls.w 0x93dc | goto label_1;
| }
; clz followed by lsrs 5 yields 1 when r0 == 0 and 0 otherwise; r2dec's
; "r0 &= r0" does not describe it. The result is stored at buf[7].
0x00009542 ldr r3, [r4] | r3 = *(r4);
0x00009544 clz r0, r0 | r0 &= r0;
0x00009548 lsrs r0, r0, 5 | r0 >>= 5;
0x0000954a strb r0, [r3, 7] | *((r3 + 7)) = r0;
0x0000954c b 0x93da | goto label_2;
| label_12:
; Single-byte trailer variant: the optional 4 bytes land at buf + len - 5 and
; the check byte from fcn_00004d94(buf, len - 1) at buf[len - 1].
0x0000954e ldr r3, [r4, 0x2c] | r3 = *((r4 + 0x2c));
0x00009550 ldrh r5, [r4, 4] | r5 = *((r4 + 4));
0x00009552 cmp r3, 1 |
| if (r3 == 1) {
0x00009554 bne 0x956e |
0x00009556 mov r1, r0 | r1 = r0;
0x00009558 add r3, sp, 0x14 | r3 += var_14h;
0x0000955a mov r0, sl | r0 = sl;
0x0000955c mov r2, r5 | r2 = r5;
0x0000955e blx 0x5114 | fcn_00005114 ();
0x00009562 ldr r3, [r4] | r3 = *(r4);
0x00009564 ldr r2, [sp, 0x14] | r2 = var_14h;
0x00009566 add r3, r5 | r3 += r5;
0x00009568 str r2, [r3, -0x5] | *((r3 - 0x5)) = r2;
0x0000956c ldr r0, [r4] | r0 = *(r4);
| }
0x0000956e ldrh r1, [r4, 4] | r1 = *((r4 + 4));
0x00009570 subs r1, 1 | r1--;
0x00009572 uxth r1, r1 | r1 = (int16_t) r1;
0x00009574 blx 0x4d94 | fcn_00004d94 ();
0x00009578 ldrh r2, [r4, 4] | r2 = *((r4 + 4));
0x0000957a ldr r3, [r4] | r3 = *(r4);
0x0000957c add r3, r2 | r3 += r2;
0x0000957e strb r0, [r3, -0x1] | *((r3 - 0x1)) = r0;
0x00009582 b 0x9488 | goto label_3;
| label_6:
; NULL message object: same five-argument failure call, with r2 = 0xcf.
0x00009584 ldr r3, [pc, 0x104] |
0x00009586 movs r2, 0xcf | r2 = 0xcf;
0x00009588 ldr r4, [pc, 0x104] |
0x0000958a ldr r1, [pc, 0x108] |
0x0000958c ldr r0, [pc, 0x108] |
0x0000958e add r3, pc | r3 = 0x12c1e;
0x00009590 add r4, pc | r4 = 0x12c24;
0x00009592 adds r3, 0x30 | r3 += 0x30;
0x00009594 add r1, pc | r1 = 0x12c2e;
0x00009596 str r4, [sp] | *(sp) = r4;
0x00009598 add r0, pc | r0 = 0x12c34;
0x0000959a blx 0x4e9c | g_list_length ();
| label_11:
; Taken only when the type at +0x28 is 0x17 or 0x18. fcn_0000534c(sl, r6 + 1,
; r5, &var_10h) returns a length (kept as fp, low 8 bits) and an output pointer
; in var_10h. Presumably the payload-encryption step -- confirm.
0x0000959e ldr r3, [r4, 0x28] | r3 = *((r4 + 0x28));
0x000095a0 subs r3, 0x17 | r3 -= 0x17;
0x000095a2 cmp r3, 1 |
| if (r3 > 1) {
0x000095a4 bhi.w 0x93f8 | goto label_0;
| }
0x000095a8 mov r2, r5 | r2 = r5;
0x000095aa adds r1, r6, 1 | r1 = r6 + 1;
0x000095ac add r3, sp, 0x10 | r3 += var_10h;
0x000095ae movs r6, 0 | r6 = 0;
0x000095b0 mov r0, sl | r0 = sl;
0x000095b2 str r6, [sp, 0x10] | var_10h = r6;
0x000095b4 blx 0x534c | fcn_0000534c ();
0x000095b8 ldrh r2, [r4, 4] | r2 = *((r4 + 4));
0x000095ba uxtb.w fp, r0 | fp = (int8_t) r0;
0x000095be ldrb.w r5, [r4, 0x24] | r5 = *((r4 + 0x24));
0x000095c2 ldr r3, [sp, 0x10] | r3 = var_10h;
; r5 = fp - ((len - [+0x24] - 0xc) & 0xff): how many bytes the output exceeds
; the current payload by. Both operands are truncated to 8 bits first.
0x000095c4 subs r5, r2, r5 | r5 = r2 - r5;
0x000095c6 subs r5, 0xc | r5 -= 0xc;
0x000095c8 uxtb r5, r5 | r5 = (int8_t) r5;
0x000095ca sub.w r5, fp, r5 | r5 = fp - r5;
0x000095ce cmp r5, r6 |
| if (r5 > r6) {
0x000095d0 ble 0x95f2 |
; Growth path: length += r5, buffer replaced by fcn_000052a8(buf, new length),
; and the new r5-byte tail filled through blx 0x4da0 with r1 = 0.
; NOTE(review): the value returned by fcn_000052a8 is stored to *(r4) and used
; as a destination without a NULL check in this function -- confirm the callee
; cannot return NULL (an aborting allocator would make this safe).
0x000095d2 add r2, r5 | r2 += r5;
0x000095d4 ldr r0, [r4] | r0 = *(r4);
0x000095d6 uxth r1, r2 | r1 = (int16_t) r2;
0x000095d8 str r3, [sp, 0xc] | var_ch = r3;
0x000095da strh r1, [r4, 4] | *((r4 + 4)) = r1;
0x000095dc blx 0x52a8 | fcn_000052a8 ();
0x000095e0 ldrh r2, [r4, 4] | r2 = *((r4 + 4));
0x000095e2 mov r1, r6 | r1 = r6;
0x000095e4 str r0, [r4] | *(r4) = r0;
0x000095e6 subs r2, r2, r5 | r2 -= r5;
0x000095e8 add r0, r2 | r0 += r2;
0x000095ea mov r2, r5 | r2 = r5;
0x000095ec blx 0x4da0 | g_queue_free_full ();
0x000095f0 ldr r3, [sp, 0xc] | r3 = var_ch;
| }
; Three-argument call: destination = fcn_00005584(r4) + [+0x24] + 1, source =
; the pointer from var_10h, count = fp. Shaped like a memory copy rather than
; feof. The source pointer is then passed to fcn_00004aec.
0x000095f2 mov r0, r4 | r0 = r4;
0x000095f4 str r3, [sp, 0xc] | var_ch = r3;
0x000095f6 blx 0x5584 | fcn_00005584 ();
0x000095fa ldr r3, [sp, 0xc] | r3 = var_ch;
0x000095fc mov r2, fp | r2 = fp;
0x000095fe mov r1, r3 | r1 = r3;
0x00009600 ldrb.w r3, [r4, 0x24] | r3 = *((r4 + 0x24));
0x00009604 adds r3, 1 | r3++;
0x00009606 add r0, r3 | r0 += r3;
0x00009608 blx 0x5094 | feof (r0);
0x0000960c ldr r0, [sp, 0x10] | r0 = var_10h;
0x0000960e blx 0x4aec | fcn_00004aec ();
0x00009612 b 0x93f8 | goto label_0;
| label_16:
0x00009614 mov.w fp, 0x17 |
0x00009618 str.w fp, [sp, 0xc] | __asm ("str.w fp, [var_ch]");
0x0000961c b 0x94f8 | goto label_4;
| label_15:
; 0x77 case: payload moved up by three bytes, block {0x03, 0x13, 0x00} written.
0x0000961e adds r0, 3 | r0 += 3;
0x00009620 str r1, [sp, 0xc] | var_ch = r1;
0x00009622 blx 0x5424 | fcn_00005424 ();
0x00009626 ldr r1, [sp, 0xc] | r1 = var_ch;
0x00009628 movs r3, 0x13 | r3 = 0x13;
0x0000962a mov.w ip, 3 |
0x0000962e strb.w ip, [r1] | *(r1) = ip;
; NOTE(review): the "do { ... } while (1)" is r2dec's rendering of the shared
; tail at 0x9632 reached from both label_15 and label_14; it is not a loop.
| do {
0x00009632 movs r2, 0 | r2 = 0;
0x00009634 strh.w r2, [r1, 1] | *((r1 + 1)) = r2;
0x00009638 strb r3, [r1, 1] | *((r1 + 1)) = r3;
0x0000963a str r3, [r4, 0x28] | *((r4 + 0x28)) = r3;
0x0000963c movs r3, 1 | r3 = 1;
0x0000963e strb.w ip, [r4, 0x24] | *((r4 + 0x24)) = ip;
0x00009642 str r3, [r4, 0x20] | *((r4 + 0x20)) = r3;
0x00009644 b 0x93cc | goto label_5;
| label_14:
; 0x76 case: same as label_15 with block type 0x11.
0x00009646 adds r0, 3 | r0 += 3;
0x00009648 str r1, [sp, 0xc] | var_ch = r1;
0x0000964a blx 0x5424 | fcn_00005424 ();
0x0000964e ldr r1, [sp, 0xc] | r1 = var_ch;
0x00009650 mov.w ip, 3 |
0x00009654 movs r3, 0x11 | r3 = 0x11;
0x00009656 strb.w ip, [r1] | *(r1) = ip;
0x0000965a b 0x9632 |
| } while (1);
| label_13:
; Guard-mismatch handler (presumably __stack_chk_fail, noreturn).
; NOTE(review): everything from 0x9660 onward is the literal pool addressed by
; the pc-relative loads above (for example 0x9360 reads 0x9664), disassembled
; as code. The instructions and pseudo code below are not real.
0x0000965c blx 0x5300 | fcn_00005300 ();
0x00009660 ldrb r2, [r3, 1] | r2 = *((r3 + 1));
0x00009662 movs r1, r0 | r1 = r0;
0x00009664 lsls r0, r6, 0x10 | r0 = r6 << 0x10;
0x00009666 movs r0, r0 |
0x00009668 ldr r2, [r1, r7] | r2 = *((r1 + r7));
0x0000966a movs r0, r0 |
0x0000966c ldr r4, [r0, r5] | r4 = *((r0 + r5));
0x0000966e movs r0, r0 |
0x00009670 ldrsb r4, [r2, r6] | r4 = *((r2 + r6));
0x00009672 movs r0, r0 |
0x00009674 ldr r2, [pc, 0x1a0] | r2 = *(0x9818);
0x00009676 movs r0, r0 |
0x00009678 strb r4, [r5, 0x1c] | *((r5 + 0x1c)) = r4;
0x0000967a movs r1, r0 | r1 = r0;
0x0000967c ldr r2, [r0, r3] | r2 = *((r0 + r3));
0x0000967e movs r0, r0 |
0x00009680 ldr r4, [r7, r0] | r4 = *((r7 + r0));
0x00009682 movs r0, r0 |
0x00009684 ldrsb r4, [r1, r2] | r4 = *((r1 + r2));
0x00009686 movs r0, r0 |
0x00009688 ldr r1, [pc, 0x180] | r1 = *(0x980c);
0x0000968a movs r0, r0 |
0x0000968c ldrsb r6, [r4, r7] | r6 = *((r4 + r7));
0x0000968e movs r0, r0 |
0x00009690 strb r0, [r3, r0] | *((r3 + r0)) = r0;
0x00009692 movs r0, r0 |
0x00009694 strb r0, [r6, r6] | *((r6 + r6)) = r0;
0x00009696 movs r0, r0 |
0x00009698 ldr r0, [pc, 0x210] | r0 = *(0x98ac);
0x0000969a movs r0, r0 |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0x88c4 */
| #include <stdint.h>
|
; (fcn) sym.osdp_get_chlg_message () | void osdp_get_chlg_message (int16_t arg1) {
; Builds a 9-byte buffer on the stack -- byte 0 = 0x76, bytes 1..4 = *(arg1),
; bytes 5..8 = *(arg1 + 4) -- and passes it with length 9 to fcn_000083b8.
; 0x76 matches the OSDP CHLNG command code; the 8 copied bytes are presumably
; the challenge value -- confirm against the caller.
; NOTE(review): the entry bytes at 0x88c4 are shown as a conditional ARM
; instruction (addlt); presumably the Thumb prologue (push {lr}; sub sp, 0x14),
; mirroring the epilogue at 0x890c -- confirm in Thumb mode.
; NOTE(review): arg1 is dereferenced at 0x88d2 with no NULL check. r0 is not
; modified after the bl at 0x88f4, so the callee's result is returned to the
; caller; r2dec's void return type is likely wrong.
| int16_t var_0h_3;
| int16_t var_1h;
| int16_t var_5h;
| int16_t var_ch_2;
| r0 = arg1;
| if (? >= ?) {
0x000088c4 addlt fp, r5, r0, lsl 10 |
| }
0x000088c8 ldr.w lr, [pc, 0x4c] |
0x000088cc mov.w ip, 0x76 |
0x000088d0 movs r1, 9 | r1 = 9;
0x000088d2 ldr r2, [r0] | r2 = *(r0);
0x000088d4 ldr r3, [r0, 4] | r3 = *((r0 + 4));
0x000088d6 add lr, pc | lr += pc;
0x000088d8 ldr r0, [pc, 0x40] |
; Stack-protector prologue: the guard is saved at [sp, 0xc], above the 9-byte
; buffer that occupies [sp, 0] .. [sp, 8].
0x000088da ldr.w r0, [lr, r0] | r0 = *((lr + r0));
0x000088de ldr r0, [r0] | r0 = *(0x891c);
0x000088e0 str r0, [sp, 0xc] | var_ch_2 = r0;
0x000088e2 mov.w r0, 0 | r0 = 0;
0x000088e6 mov r0, sp | r0 = sp;
; Two unaligned word stores at sp + 1 and sp + 5, then the command byte at sp.
0x000088e8 str.w r2, [sp, 1] | __asm ("str.w r2, [var_1h]");
0x000088ec str.w r3, [sp, 5] | __asm ("str.w r3, [var_5h]");
0x000088f0 strb.w ip, [sp] | *(sp) = ip;
0x000088f4 bl 0x83b8 | fcn_000083b8 (r0, r1);
; Stack-protector epilogue: saved guard XORed with the current value.
0x000088f8 ldr r2, [pc, 0x24] |
0x000088fa ldr r3, [pc, 0x20] | r3 = *(0x891e);
0x000088fc add r2, pc | r2 = 0x11220;
0x000088fe ldr r3, [r2, r3] | r3 = *(0x11220);
0x00008900 ldr r2, [r3] | r2 = *(0x11220);
0x00008902 ldr r3, [sp, 0xc] | r3 = var_ch_2;
0x00008904 eors r2, r3 | r2 ^= r3;
0x00008906 mov.w r3, 0 | r3 = 0;
| if (r2 == r3) {
0x0000890a bne 0x8912 |
0x0000890c add sp, 0x14 |
0x0000890e ldr pc, [sp], 4 | pc = *(sp);
| sp += 4;
| }
; Guard-mismatch handler (presumably __stack_chk_fail, noreturn).
; NOTE(review): 0x8918 onward is the literal pool read by the pc-relative loads
; above (0x88c8 reads 0x8918), not code; the nop at 0x8916 is padding.
0x00008912 blx 0x5300 | fcn_00005300 ();
0x00008916 nop |
0x00008918 strh r6, [r4, 0x16] | *((r4 + 0x16)) = r6;
0x0000891a movs r1, r0 | r1 = r0;
0x0000891c lsls r0, r6, 0x10 | r0 = r6 << 0x10;
0x0000891e movs r0, r0 |
0x00008920 strh r0, [r0, 0x16] | *((r0 + 0x16)) = r0;
0x00008922 movs r1, r0 | r1 = r0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0x92e4 */
| #include <stdint.h>
|
; (fcn) sym.osdp_get_message_command () | uint32_t osdp_get_message_command (int16_t arg1) {
; Returns one byte read from the buffer at *(arg1), at offset r2 + 5.
; NOTE(review): r2 is used at 0x92ea without a visible definition. The 4 bytes
; at 0x92e4 are shown as an ARM-mode "mlahs"; presumably a Thumb load of r2
; from the object (the +0x24 byte would fit other functions in this listing)
; -- confirm in Thumb mode.
; NOTE(review): no NULL check on arg1 and no bound on the computed offset is
; visible here; the caller must guarantee the buffer holds at least r2 + 6 bytes.
| r0 = arg1;
0x000092e4 mlahs r4, r0, r8, pc | __asm ("mlahs r4, r0, r8, pc");
0x000092e8 ldr r3, [r0] | r3 = *(r0);
0x000092ea add r3, r2 | r3 += r2;
0x000092ec ldrb r0, [r3, 5] | r0 = *((r3 + 5));
0x000092ee bx lr | return r0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0xb168 */
| #include <stdint.h>
|
; (fcn) sym.osdp_identity_id_read () | uint32_t osdp_identity_id_read (int16_t arg1) {
; Accessor: returns the 32-bit word stored at *(arg1).
; NOTE(review): arg1 is dereferenced unconditionally (no NULL check), and it is
; a pointer, not the int16_t that r2dec prints.
| r0 = arg1;
0x0000b168 ldr r0, [r0] | r0 = *(r0);
0x0000b16a bx lr | return r0;
| }
r2dec has crashed (info: /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0xa8e0).
Please report the bug at https://github.com/radareorg/r2dec-js/issues
Use the option '--issue' or the command 'pddi' to generate
the needed data for the issue.
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libosdp.so.2.0 @ 0xad28 */
| #include <stdint.h>
|
; (fcn) sym.osdp_util_validate_message_structure () | void osdp_util_validate_message_structure (int16_t arg1, int16_t arg2) {
; Copies the input (arg1 = buffer, arg2 = length) into a buffer obtained from
; fcn_00005440(arg2), skipping a leading 0xff byte, then checks the length
; range and the trailing check value. The result is set in r4 before each exit:
; 0 = trailer matches, 1 = the two CRC bytes match only in swapped order,
; 2 = length out of range or trailer mismatch. Every exit path passes the
; working copy (r5) to fcn_00004aec, presumably to free it.
; Register roles: r6 = input buffer, r4 = working length, r5 = working copy.
; NOTE(review): the first input byte is read at 0xad36 and the copy at 0xad4e
; runs before the length checks at 0xad52 / 0xad56. Those checks therefore gate
; only the parsing, not the copy; the copy stays within the allocation only if
; fcn_00005440 allocates arg2 bytes and arg2 is at least 1 when the first byte
; is 0xff -- confirm what the callers guarantee.
; NOTE(review): r2dec's conditions inside the IT blocks contradict the eq/ne
; suffixes in the assembly column; trust the assembly. Its names for
; blx 0x5094 (feof) and 0x4b60 (g_queue_push_tail) do not fit the three
; arguments set up at the call sites; treat them as unresolved imports.
| int16_t var_0h;
| int32_t var_4h;
| int32_t var_4h_2;
| r0 = arg1;
| r1 = arg2;
0x0000ad28 push {r4, r5, r6, r7, lr} |
0x0000ad2a mov r6, r0 | r6 = r0;
0x0000ad2c sub sp, 0x14 |
0x0000ad2e mov r0, r1 | r0 = r1;
0x0000ad30 mov r4, r1 | r4 = r1;
0x0000ad32 blx 0x5440 | fcn_00005440 ();
0x0000ad36 ldrb r3, [r6] | r3 = *(r6);
0x0000ad38 mov r5, r0 | r5 = r0;
; First byte == 0xff: length - 1 and source + 1; otherwise the source is
; copied from its start. r0 still holds the value returned by fcn_00005440.
0x0000ad3a cmp r3, 0xff |
0x0000ad3c ittte eq |
| if (r3 != 0xff) {
0x0000ad3e addeq r4, r4, -1 | r4 += -1;
| }
| if (r3 != 0xff) {
0x0000ad42 addeq r1, r6, 1 | r1 = r6 + 1;
| }
| if (r3 == 0xff) {
0x0000ad44 uxthne r4, r4 | __asm ("uxthne r4, r4");
| }
| if (r3 != 0xff) {
0x0000ad46 mov r2, r4 | r2 = r4;
| }
0x0000ad48 ite ne |
| if (r3 == 0xff) {
0x0000ad4a movne r1, r6 | r1 = r6;
| }
| if (r3 != 0xff) {
0x0000ad4c moveq r2, r4 | r2 = r4;
| }
0x0000ad4e blx 0x5094 | feof (r0);
; Accepted length range is 7 .. 0x5a0 (1440); bls / bhi are unsigned.
0x0000ad52 cmp r4, 6 |
| if (r4 < 6) {
0x0000ad54 bls 0xadf2 | goto label_2;
| }
0x0000ad56 cmp.w r4, 0x5a0 |
| if (r4 > 0x5a0) {
0x0000ad5a bhi 0xae04 | goto label_3;
| }
; lsls by 0x1d moves bit 2 of byte 4 into the sign flag: bit clear (bpl) selects
; the single-byte check at label_4, bit set the 16-bit check below. r2dec's
; "r3 >= r3" is not meaningful.
0x0000ad5c ldrb r3, [r5, 4] | r3 = *((r5 + 4));
0x0000ad5e subs r6, r4, 1 | r6 = r4 - 1;
0x0000ad60 lsls r3, r3, 0x1d | r3 <<= 0x1d;
| if (r3 >= r3) {
0x0000ad62 bpl 0xadb4 | goto label_4;
| }
; 16-bit check over the first len - 2 bytes: r2 = computed high byte,
; r0 = computed low byte, r1 = buf[len - 1], r3 = buf[len - 2].
0x0000ad64 subs r7, r4, 2 | r7 = r4 - 2;
0x0000ad66 mov r0, r5 | r0 = r5;
0x0000ad68 uxth r1, r7 | r1 = (int16_t) r7;
0x0000ad6a blx 0x5418 | fcn_00005418 ();
0x0000ad6e ldrb r1, [r5, r6] | r1 = *((r5 + r6));
0x0000ad70 ubfx r6, r0, 8, 0x10 | r6 = (r0 >> 8) & ((1 << 0x10) - 1);
0x0000ad74 uxtb r2, r6 | r2 = (int8_t) r6;
0x0000ad76 ldrb r3, [r5, r7] | r3 = *((r5 + r7));
0x0000ad78 uxtb r0, r0 | r0 = (int8_t) r0;
0x0000ad7a cmp r1, r2 |
0x0000ad7c beq 0xadd0 |
; NOTE(review): not a loop. 0xad7e is reached when either byte differs; it then
; tests for the two bytes matching in swapped order (label_5).
| while (r3 != r0) {
0x0000ad7e cmp r2, r3 |
0x0000ad80 it eq |
| if (r2 == r3) {
0x0000ad82 cmpeq r1, r0 | __asm ("cmpeq r1, r0");
| }
| if (r2 == r3) {
0x0000ad84 beq 0xadd6 | goto label_5;
| }
; Mismatch: log call with r1 = 0x10 (would be GLib's G_LOG_LEVEL_WARNING --
; TODO confirm) carrying the received and computed bytes, then label_1.
0x0000ad86 ldr r2, [pc, 0xa0] |
0x0000ad88 strd r6, r0, [sp, 4] | __asm ("strd r6, r0, [var_4h]");
0x0000ad8c ldr r0, [pc, 0x9c] |
0x0000ad8e str r1, [sp] | *(sp) = r1;
0x0000ad90 add r2, pc | r2 = 0x15bbe;
0x0000ad92 movs r1, 0x10 | r1 = 0x10;
0x0000ad94 add r0, pc | r0 = 0x15bc4;
0x0000ad96 blx 0x56d4 | fcn_000056d4 ();
| label_1:
; Common failure exit: a call taking (pc-relative address, working copy,
; length) -- presumably a dump of the rejected message -- then release the
; copy and return 2.
0x0000ad9a ldr r0, [pc, 0x94] |
0x0000ad9c mov r2, r4 | r2 = r4;
0x0000ad9e mov r1, r5 | r1 = r5;
0x0000ada0 movs r4, 2 | r4 = 2;
0x0000ada2 add r0, pc | r0 = 0x15bd8;
0x0000ada4 blx 0x4b60 | g_queue_push_tail ();
0x0000ada8 mov r0, r5 | r0 = r5;
0x0000adaa blx 0x4aec | fcn_00004aec ();
0x0000adae mov r0, r4 | r0 = r4;
0x0000adb0 add sp, 0x14 |
0x0000adb2 pop {r4, r5, r6, r7, pc} |
| label_4:
; Single-byte check over the first len - 1 bytes against buf[len - 1].
0x0000adb4 uxth r1, r6 | r1 = (int16_t) r6;
0x0000adb6 mov r0, r5 | r0 = r5;
0x0000adb8 blx 0x4d94 | fcn_00004d94 ();
0x0000adbc ldrb r3, [r5, r6] | r3 = *((r5 + r6));
0x0000adbe cmp r3, r0 |
| if (r3 != r0) {
0x0000adc0 bne 0xae16 | goto label_6;
| }
| label_0:
; Success exit: release the copy and return 0.
0x0000adc2 mov r0, r5 | r0 = r5;
0x0000adc4 movs r4, 0 | r4 = 0;
0x0000adc6 blx 0x4aec | fcn_00004aec ();
0x0000adca mov r0, r4 | r0 = r4;
0x0000adcc add sp, 0x14 |
0x0000adce pop {r4, r5, r6, r7, pc} |
; High byte matched at 0xad7a; the low byte decides between success and 0xad7e.
0x0000add0 cmp r3, r0 |
0x0000add2 bne 0xad7e |
| }
0x0000add4 b 0xadc2 | goto label_0;
| label_5:
; Swapped-order match: logged at level 0x10, copy released, returns 1.
0x0000add6 ldr r2, [pc, 0x5c] |
0x0000add8 movs r1, 0x10 | r1 = 0x10;
0x0000adda ldr r0, [pc, 0x5c] |
0x0000addc movs r4, 1 | r4 = 1;
0x0000adde add r2, pc | r2 = 0x15c18;
0x0000ade0 add r0, pc | r0 = 0x15c1e;
0x0000ade2 blx 0x56d4 | fcn_000056d4 ();
0x0000ade6 mov r0, r5 | r0 = r5;
0x0000ade8 blx 0x4aec | fcn_00004aec ();
0x0000adec mov r0, r4 | r0 = r4;
0x0000adee add sp, 0x14 |
0x0000adf0 pop {r4, r5, r6, r7, pc} |
| label_2:
; Length of 6 or less: logged with the length in r3, then label_1.
0x0000adf2 ldr r2, [pc, 0x48] |
0x0000adf4 mov r3, r4 | r3 = r4;
0x0000adf6 ldr r0, [pc, 0x48] |
0x0000adf8 movs r1, 0x10 | r1 = 0x10;
0x0000adfa add r2, pc | r2 = 0x15c3c;
0x0000adfc add r0, pc | r0 = 0x15c42;
0x0000adfe blx 0x56d4 | fcn_000056d4 ();
0x0000ae02 b 0xad9a | goto label_1;
| label_3:
; Length above 0x5a0: logged with the length in r3, then label_1.
0x0000ae04 ldr r2, [pc, 0x3c] |
0x0000ae06 mov r3, r4 | r3 = r4;
0x0000ae08 ldr r0, [pc, 0x3c] |
0x0000ae0a movs r1, 0x10 | r1 = 0x10;
0x0000ae0c add r2, pc | r2 = 0x15c54;
0x0000ae0e add r0, pc | r0 = 0x15c5a;
0x0000ae10 blx 0x56d4 | fcn_000056d4 ();
0x0000ae14 b 0xad9a | goto label_1;
| label_6:
; Single-byte check mismatch: logged with received (r3) and computed ([sp])
; values, then label_1.
0x0000ae16 str r0, [sp] | *(sp) = r0;
0x0000ae18 movs r1, 0x10 | r1 = 0x10;
0x0000ae1a ldr r2, [pc, 0x30] |
0x0000ae1c ldr r0, [pc, 0x30] |
0x0000ae1e add r2, pc | r2 = 0x15c70;
0x0000ae20 add r0, pc | r0 = 0x15c74;
0x0000ae22 blx 0x56d4 | fcn_000056d4 ();
0x0000ae26 b 0xad9a | goto label_1;
| }
[*] Function strcpy used 1 times libosdp.so.2.0