[*] Binary protection state of libwpa_ctrl.so
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of libwpa_ctrl.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libwpa_ctrl.so @ 0x1a90 */
| #include <stdint.h>
|
; (fcn) sym.os_gmtime () | void os_gmtime (int16_t arg1, int16_t arg2) {
| int16_t var_0h;
| int16_t var_4h_2;
| r0 = arg1;
| r1 = arg2;
0x00001a90 invalid |
0x00001a94 ldr r1, [pc, 0x5c] |
0x00001a96 sub sp, 0xc |
0x00001a98 mov r3, r0 | r3 = r0;
0x00001a9a mov r0, sp | r0 = sp;
0x00001a9c ldr r2, [pc, 0x58] | r2 = *(0x1af8);
0x00001a9e add r1, pc | r1 = 0x3596;
0x00001aa0 ldr r2, [r1, r2] |
0x00001aa2 ldr r2, [r2] | r2 = *(0x3596);
0x00001aa4 str r2, [sp, 4] | var_4h_2 = r2;
0x00001aa6 mov.w r2, 0 | r2 = 0;
0x00001aaa str r3, [sp] | *(sp) = r3;
0x00001aac blx 0x114c | r0 = fprintf_chk ()
| if (r0 == 0) {
0x00001ab0 cbz r0, 0x1aea | goto label_0;
| }
0x00001ab2 ldr r1, [r0] | r1 = *(r0);
0x00001ab4 ldrd r2, r3, [r0, 0x10] | __asm ("ldrd r2, r3, [r0, 0x10]");
0x00001ab8 str r1, [r4] | *(r4) = r1;
0x00001aba ldr r1, [r0, 4] | r1 = *((r0 + 4));
0x00001abc adds r2, 1 | r2++;
0x00001abe addw r3, r3, 0x76c | __asm ("addw r3, r3, 0x76c");
0x00001ac2 str r1, [r4, 4] | *((r4 + 4)) = r1;
0x00001ac4 ldrd r5, r1, [r0, 8] | __asm ("ldrd r5, r1, [r0, 8]");
0x00001ac8 movs r0, 0 | r0 = 0;
0x00001aca strd r2, r3, [r4, 0x10] | __asm ("strd r2, r3, [r4, 0x10]");
0x00001ace strd r5, r1, [r4, 8] | __asm ("strd r5, r1, [r4, 8]");
| do {
0x00001ad2 ldr r2, [pc, 0x28] |
0x00001ad4 ldr r3, [pc, 0x20] | r3 = *(0x1af8);
0x00001ad6 add r2, pc | r2 = 0x35d8;
0x00001ad8 ldr r3, [r2, r3] | r3 = *(0x35d8);
0x00001ada ldr r2, [r3] | r2 = *(0x35d8);
0x00001adc ldr r3, [sp, 4] | r3 = var_4h_2;
0x00001ade eors r2, r3 | r2 ^= r3;
0x00001ae0 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00001ae4 bne 0x1af0 | goto label_1;
| }
0x00001ae6 add sp, 0xc |
0x00001ae8 pop {r4, r5, pc} |
| label_0:
0x00001aea mov.w r0, -1 | r0 = -1;
0x00001aee b 0x1ad2 |
| } while (1);
| label_1:
0x00001af0 blx 0x1018 | fcn_00001018 ();
0x00001af4 asrs r6, r1, 0x11 | r6 = r1 >> 0x11;
0x00001af6 movs r1, r0 | r1 = r0;
0x00001af8 lsls r4, r0, 4 | r4 = r0 << 4;
0x00001afa movs r0, r0 |
0x00001afc asrs r6, r2, 0x10 | r6 = r2 >> 0x10;
0x00001afe movs r1, r0 | r1 = r0;
| }
[*] Function fprintf used 2 times libwpa_ctrl.so
