[*] Binary protection state of libasound.so.2.0.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function popen tear down of libasound.so.2.0.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/lib/libasound.so.2.0.0 @ 0x82bb4 */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; (fcn) fcn.00082bb4 () | void fcn_00082bb4 (int16_t arg1, int16_t arg2) {
| int16_t var_0h_3;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_10h;
| r0 = arg1;
| r1 = arg2;
0x00082bb4 svcmi 0xf0e92d | __asm ("svcmi aav.0x000000ff");
0x00082bb8 sub.w sp, sp, 0x1080 |
0x00082bbc ldr r6, [pc, 0x164] |
0x00082bbe sub sp, 0xc |
0x00082bc0 add r7, sp, 0x10 | r7 += var_10h;
0x00082bc2 ldr r4, [pc, 0x164] | r4 = *(0x82d2a);
0x00082bc4 add.w ip, r7, 0x1060 |
0x00082bc8 ldrb r3, [r0] | r3 = *(r0);
0x00082bca add r6, pc | r6 = 0x1058f2;
0x00082bcc add.w sb, r7, 0x78 | sb = r7 + 0x78;
0x00082bd0 movs r2, 0 | r2 = 0;
0x00082bd2 ldr r4, [r6, r4] |
0x00082bd4 add.w ip, ip, 0x14 |
0x00082bd8 cmp r3, 0x2f |
0x00082bda mov r5, r0 | r5 = r0;
0x00082bdc ldr r4, [r4] | r4 = ALSA_0.9.0rc4;
0x00082bde str.w r4, [ip] | __asm ("str.w r4, [ip]");
0x00082be2 mov.w r4, 0 | r4 = 0;
0x00082be6 str r2, [sb, -0x64] | *((sb - 0x64)) = r2;
0x00082bea str r1, [r7] | *(r7) = r1;
| if (r3 == 0x2f) {
0x00082bec beq 0x82cb4 | goto label_4;
| }
0x00082bee ldr r0, [pc, 0x13c] |
0x00082bf0 add r0, pc | r0 = 0x105922;
0x00082bf2 blx 0x1c2dc | r0 = fcn_0001c2dc ();
0x00082bf6 mov r4, r0 | r4 = r0;
0x00082bf8 cmp r0, 0 |
| if (r0 == 0) {
0x00082bfa beq 0x82cd0 | goto label_2;
| }
0x00082bfc blx 0x1cd24 | r0 = fcn_0001cd24 ();
0x00082c00 add.w r3, r0, 8 | r3 = r0 + 8;
0x00082c04 adds r2, r0, 1 | r2 = r0 + 1;
0x00082c06 bic r3, r3, 7 | r3 = BIT_MASK (r3, 7);
0x00082c0a mov r1, r4 | r1 = r4;
0x00082c0c sub.w sp, sp, r3 |
0x00082c10 add.w sl, r7, 0x18 | sl = r7 + 0x18;
0x00082c14 add r3, sp, 0x10 | r3 += var_10h;
0x00082c16 mov r0, r3 | r0 = r3;
0x00082c18 blx 0x1ce20 | fcn_0001ce20 ();
0x00082c1c ldr r1, [pc, 0x110] |
0x00082c1e sub.w r2, sl, 4 | r2 = sl - 4;
0x00082c22 str r2, [r7, 8] | *((r7 + 8)) = r2;
0x00082c24 add r1, pc | r1 = 0x105958;
0x00082c26 blx 0x1d7a8 | r0 = popen (r0, r1)
0x00082c2a mov r6, r0 | r6 = r0;
0x00082c2c cmp r0, 0 |
| if (r0 == 0) {
0x00082c2e beq 0x82cd0 | goto label_2;
| }
0x00082c30 ldr r3, [pc, 0x100] |
0x00082c32 add r3, pc | r3 = 0x10596a;
0x00082c34 str r3, [r7, 0xc] | *((r7 + 0xc)) = r3;
0x00082c36 ldr r3, [pc, 0x100] |
0x00082c38 add r3, pc | r3 = 0x105976;
0x00082c3a str r3, [r7, 4] | *((r7 + 4)) = r3;
| label_1:
0x00082c3c mov r0, r6 | r0 = r6;
0x00082c3e blx 0x1bf78 | r0 = memcmp (r0, r1, r2);
0x00082c42 mov r4, r0 | r4 = r0;
0x00082c44 cmp r0, 0 |
| if (r0 == 0) {
0x00082c46 beq 0x82cfe | goto label_5;
| }
0x00082c48 sub.w r8, sb, 4 | r8 = sb - 4;
0x00082c4c mov fp, r6 |
| do {
| label_0:
0x00082c4e mov r0, r4 | r0 = r4;
0x00082c50 blx 0x1df28 | r0 = fcn_0001df28 ();
0x00082c54 cmp r0, 0 |
| if (r0 == 0) {
0x00082c56 beq 0x82cf8 | goto label_6;
| }
0x00082c58 add.w r6, r0, 0xb | r6 = r0 + 0xb;
0x00082c5c mov r1, r5 | r1 = r5;
0x00082c5e mov r0, r6 | r0 = r6;
0x00082c60 blx 0x1d330 | r0 = fcn_0001d330 ();
0x00082c64 cmp r6, r0 |
0x00082c66 bne 0x82c4e |
| } while (r6 != r0);
0x00082c68 ldr r2, [r7, 0xc] | r2 = *((r7 + 0xc));
0x00082c6a mov.w r3, 0x1000 | r3 = 0x1000;
0x00082c6e mov r1, r3 | r1 = r3;
0x00082c70 mov r0, r8 | r0 = r8;
0x00082c72 str r6, [sp, 8] | var_8h = r6;
0x00082c74 str r2, [sp] | *(sp) = r2;
0x00082c76 movs r2, 1 | r2 = 1;
0x00082c78 str.w fp, [sp, 4] | __asm ("str.w fp, [var_4h]");
0x00082c7c blx 0x1d264 | fcn_0001d264 ();
0x00082c80 mov r1, sl | r1 = sl;
0x00082c82 mov r0, r8 | r0 = r8;
0x00082c84 blx 0x1dd28 | r0 = fcn_0001dd28 ();
0x00082c88 cmp r0, 0 |
| if (r0 != 0) {
0x00082c8a bne 0x82c4e | goto label_0;
| }
0x00082c8c ldr r2, [sb, -0x50] | r2 = *((sb - 0x50));
0x00082c90 movw r3, 0xf040 | r3 = 0xf040;
0x00082c94 ands r3, r2 | r3 &= r2;
0x00082c96 movw r2, 0x8040 | r2 = 0x8040;
0x00082c9a cmp r3, r2 |
| if (r3 != r2) {
0x00082c9c bne 0x82c4e | goto label_0;
| }
0x00082c9e mov.w r2, 0x1000 | r2 = 0x1000;
0x00082ca2 mov r1, r8 | r1 = r8;
0x00082ca4 ldr r0, [r7] | r0 = *(r7);
0x00082ca6 blx 0x1d774 | fcn_0001d774 ();
0x00082caa mov r0, r4 | r0 = r4;
0x00082cac blx 0x1d400 | fcn_0001d400 ();
0x00082cb0 movs r0, 1 | r0 = 1;
0x00082cb2 b 0x82cd2 | goto label_3;
| label_4:
0x00082cb4 add.w r1, r7, 0x18 | r1 = r7 + 0x18;
0x00082cb8 blx 0x1dd28 | r0 = fcn_0001dd28 ();
| if (r0 == 0) {
0x00082cbc cbnz r0, 0x82cd0 |
0x00082cbe ldr r1, [sb, -0x50] | r1 = *((sb - 0x50));
0x00082cc2 movw r3, 0xf040 | r3 = 0xf040;
0x00082cc6 movw r2, 0x8040 | r2 = 0x8040;
0x00082cca ands r3, r1 | r3 &= r1;
0x00082ccc cmp r3, r2 |
| if (r3 == r2) {
0x00082cce beq 0x82d10 | goto label_7;
| }
| }
| label_2:
0x00082cd0 movs r0, 0 | r0 = 0;
| label_3:
0x00082cd2 ldr r2, [pc, 0x68] |
0x00082cd4 add.w r1, r7, 0x1060 | r1 = r7 + 0x1060;
0x00082cd8 ldr r3, [pc, 0x4c] | r3 = *(0x82d28);
0x00082cda adds r1, 0x14 | r1 += 0x14;
0x00082cdc add r2, pc | r2 = 0x105a1e;
0x00082cde ldr r3, [r2, r3] | r3 = ALSA_0.9.0rc4;
0x00082ce0 ldr r2, [r3] | r2 = ALSA_0.9.0rc4;
0x00082ce2 ldr r3, [r1] | r3 = *(r1);
0x00082ce4 eors r2, r3 | r2 ^= r3;
0x00082ce6 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00082cea bne 0x82d20 | goto label_8;
| }
0x00082cec add.w r7, r7, 0x1060 | r7 += 0x1060;
0x00082cf0 adds r7, 0x1c | r7 += 0x1c;
0x00082cf2 mov sp, r7 |
0x00082cf4 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_6:
0x00082cf8 mov r0, r4 | r0 = r4;
0x00082cfa blx 0x1d400 | fcn_0001d400 ();
| label_5:
0x00082cfe ldrd r1, r2, [r7, 4] | __asm ("ldrd r1, r2, [r7, 4]");
0x00082d02 movs r0, 0 | r0 = 0;
0x00082d04 blx 0x1d7a8 | r0 = popen (r0, r1)
0x00082d08 mov r6, r0 | r6 = r0;
0x00082d0a cmp r0, 0 |
| if (r0 != 0) {
0x00082d0c bne 0x82c3c | goto label_1;
| }
0x00082d0e b 0x82cd0 | goto label_2;
| label_7:
0x00082d10 ldr r0, [r7] | r0 = *(r7);
0x00082d12 mov.w r2, 0x1000 | r2 = 0x1000;
0x00082d16 mov r1, r5 | r1 = r5;
0x00082d18 blx 0x1d774 | fcn_0001d774 ();
0x00082d1c movs r0, 1 | r0 = 1;
0x00082d1e b 0x82cd2 | goto label_3;
| label_8:
0x00082d20 blx 0x1d5f8 | fcn_0001d5f8 ();
0x00082d24 ldm r0!, {r1, r4, r5} | r1 = *(r0!);
| r4 = *((r0! + 4));
| r5 = *((r0! + 8));
0x00082d26 movs r2, r0 | r2 = r0;
0x00082d28 lsrs r4, r7, 0xe | r4 = r7 >> 0xe;
0x00082d2a movs r0, r0 |
0x00082d2c bx r4 | return uint32_t (*r4)() ();
| }
[*] Function popen used 3 times libasound.so.2.0.0
