[*] Binary protection state of stm32flash
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of stm32flash
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/bin/stm32flash @ 0x22bc */
| #include <stdint.h>
|
; (fcn) fcn.000022bc () | void fcn_000022bc (char * arg1, int16_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x000022bc push.w {r4, r5, r6, r7, r8, lr} |
0x000022c0 mov r6, r1 | r6 = r1;
0x000022c2 ldr.w r8, [pc, 0x7c] | r8 = *(0x00002340);
0x000022c6 movs r1, 0 | r1 = 0;
0x000022c8 mov r7, r0 | r7 = r0;
0x000022ca blx 0x1098 | r0 = ctype_b_loc ();
0x000022ce subs r5, r0, 0 | r5 = r0 - 0;
0x000022d0 add r8, pc | r8 += pc;
| if (r5 < r0) {
0x000022d2 blt 0x2324 | goto label_0;
| }
| do {
0x000022d4 movs r2, 1 | r2 = 1;
0x000022d6 mov r1, r6 | r1 = r6;
0x000022d8 mov r0, r5 | r0 = r5;
0x000022da blx 0xfa0 | r0 = fcn_00000fa0 ();
0x000022de subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 >= r0) {
0x000022e0 blt 0x22ee |
0x000022e2 mov r0, r5 | r0 = r5;
0x000022e4 blx 0x11a0 | snprintf_chk ();
0x000022e8 mov r0, r4 | r0 = r4;
0x000022ea pop.w {r4, r5, r6, r7, r8, pc} |
| }
0x000022ee blx 0x10f8 | r0 = sprintf_chk ()
0x000022f2 ldr r0, [r0] | r0 = *(r0);
0x000022f4 cmp r0, 0xb |
0x000022f6 it ne |
| if (r0 != 0xb) {
0x000022f8 cmpne r0, 4 | __asm ("cmpne r0, 4");
| }
0x000022fa ite eq |
| if (r0 != 0xb) {
0x000022fc moveq r0, 1 | r0 = 1;
| }
| if (r0 == 0xb) {
0x000022fe movne r0, 0 | r0 = 0;
| }
0x00002300 beq 0x22d4 |
| } while (r0 == 0xb);
0x00002302 ldr r2, [pc, 0x40] | r2 = *(0x2346);
0x00002304 mov r3, r7 | r3 = r7;
0x00002306 mov r4, r0 | r4 = r0;
0x00002308 ldr.w r1, [r8, r2] | r1 = *((r8 + r2));
0x0000230c ldr r2, [pc, 0x38] |
0x0000230e ldr r0, [r1] | r0 = *(r1);
0x00002310 movs r1, 1 | r1 = 1;
0x00002312 add r2, pc | r2 = 0x465e;
0x00002314 blx 0x1158 | sigemptyset ();
0x00002316 vmax.s32 d4, d0, d24 | __asm ("vmax.s32 d4, d0, d24");
0x0000231a blx 0x11a0 | snprintf_chk ();
0x0000231e mov r0, r4 | r0 = r4;
0x00002320 pop.w {r4, r5, r6, r7, r8, pc} |
| label_0:
0x00002324 ldr r0, [pc, 0x1c] |
0x00002326 mov r3, r7 | r3 = r7;
0x00002328 ldr r2, [pc, 0x20] |
0x0000232a movs r1, 1 | r1 = 1;
0x0000232c movs r4, 0 | r4 = 0;
0x0000232e ldr.w r0, [r8, r0] | r0 = *((r8 + r0));
0x00002332 add r2, pc | r2 = 0x4682;
0x00002334 ldr r0, [r0] | r0 = *(0x2344);
0x00002336 blx 0x1158 | sigemptyset ();
0x0000233a mov r0, r4 | r0 = r4;
0x0000233c pop.w {r4, r5, r6, r7, r8, pc} |
| }
[*] Function sprintf used 2 times stm32flash
