[*] Binary protection state of netd_migrate
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function system tear down of netd_migrate
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-50593792.squashfs_v4_le_extract/usr/libexec/netd_migrate @ 0x63f0 */
| #include <stdint.h>
|
; (fcn) fcn.000063f0 () | void fcn_000063f0 (int16_t arg_164h, int16_t arg_168h, int16_t arg_28h, uint32_t arg1, uint32_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x000063f0 svcmi 0x70e92d | __asm ("svcmi 0x70e92d");
0x000063f4 sub sp, 8 |
0x000063f6 ldr.w sb, [sp, 0x28] | sb = *(arg_28h);
0x000063fa cmp r0, 0 |
| if (arg_28h == ) {
0x000063fc beq 0x649a | goto label_2;
| }
0x000063fe mov r4, r1 | r4 = r1;
0x00006400 cmp r1, 0 |
| if (r1 == 0) {
0x00006402 beq 0x64ce | goto label_3;
| }
0x00006404 mov r6, r2 | r6 = r2;
0x00006406 mov r8, r3 | r8 = r3;
0x00006408 mov r5, r0 | r5 = r0;
0x0000640a cmp r3, 0 |
| if (r3 != 0) {
0x0000640c bne 0x64b2 | goto label_4;
| }
0x0000640e blx 0x2854 | r0 = fcn_00002854 ();
0x00006412 mov sl, r0 | sl = r0;
0x00006414 mov r2, r6 | r2 = r6;
0x00006416 mov r0, r5 | r0 = r5;
0x00006418 movw r1, 0x8041 | r1 = 0x8041;
0x0000641c str.w r8, [sl] | __asm ("str.w r8, [sl]");
0x00006420 blx 0x2214 | r0 = fcn_00002214 ();
0x00006424 adds r3, r0, 1 | r3 = r0 + 1;
0x00006426 mov r5, r0 | r5 = r0;
| if (r3 == r0) {
0x00006428 beq 0x64e8 | goto label_5;
| }
0x0000642a ldr.w fp, [pc, 0x13c] |
0x0000642e add fp, pc | fp = 0xc99c;
0x00006430 add.w r1, fp, 0x164 | r1 += arg_164h;
0x00006434 blx 0x25b0 | r0 = fcn_000025b0 ();
0x00006438 mov r6, r0 | r6 = r0;
0x0000643a cmp r0, 0 |
| if (r0 == 0) {
0x0000643c beq.w 0x6544 | goto label_6;
| }
0x00006440 mov r3, r4 | r3 = r4;
0x00006442 add.w r2, fp, 0x168 | r2 += arg_168h;
0x00006446 movs r1, 1 | r1 = 1;
0x00006448 blx 0x2688 | r0 = fcn_00002688 ();
0x0000644c cmp r0, 0 |
| if (r0 < 0) {
0x0000644e blt 0x6518 | goto label_7;
| }
0x00006450 mov r0, r6 | r0 = r6;
0x00006452 blx 0x2330 | r0 = system (r0)
0x00006456 cmp r0, 0 |
| if (r0 == 0) {
0x00006458 beq 0x6510 | goto label_8;
| }
0x0000645a blx 0x241c | fcn_0000241c ();
0x0000645e ldr.w r6, [sl] | r6 = *(sl);
0x00006462 mov r4, r0 | r4 = r0;
0x00006464 mov r0, r6 | r0 = r6;
0x00006466 blx 0x2744 | g_bus_unown_name ();
0x0000646a mov r2, r6 | r2 = r6;
0x0000646c mov r3, r0 | r3 = r0;
0x0000646e mov r1, r4 | r1 = r4;
0x00006470 mov r0, sb | r0 = sb;
0x00006472 blx 0x26f8 | fcn_000026f8 ();
0x00006474 invalid |
| do {
| label_1:
0x00006476 mov r0, r5 | r0 = r5;
0x00006478 blx 0x25ec | fcn_000025ec ();
0x0000647c adds r0, 1 | r0++;
| if (r0 == 1) {
0x0000647e bne 0x6508 |
0x00006480 ldr.w r0, [sl] | r0 = *(sl);
0x00006484 blx 0x2744 | g_bus_unown_name ();
0x00006488 ldr r1, [pc, 0xe0] |
0x0000648a mov r2, r0 | r2 = r0;
0x0000648c movs r0, 3 | r0 = 3;
0x0000648e add r1, pc |
0x00006490 add.w r1, r1, 0x16c | r1 = 0xcb6a;
0x00006494 bl 0x4ff4 | fcn_00004ff4 (r0);
0x00006498 b 0x6508 | goto label_0;
| label_2:
0x0000649a ldr r1, [pc, 0xd4] |
0x0000649c movw r2, 0x189 | r2 = 0x189;
0x000064a0 add r1, pc | r1 = 0xca16;
0x000064a2 add.w r4, r1, 0x144 | r4 = r1 + 0x144;
0x000064a6 add.w r3, r1, 0x124 | r3 = r1 + 0x124;
0x000064aa str r4, [sp] | *(sp) = r4;
0x000064ac adds r1, 0x74 | r1 += 0x74;
0x000064ae blx 0x2434 | fcn_00002434 ();
| label_4:
0x000064b2 mov r0, r1 | r0 = r1;
0x000064b4 blx 0x24e0 | unlink (r0);
0x000064b8 mov r3, r6 | r3 = r6;
0x000064ba mov r2, r0 | r2 = r0;
0x000064bc mov r1, r4 | r1 = r4;
0x000064be mov r0, r5 | r0 = r5;
0x000064c0 str.w sb, [sp, 0x28] | __asm ("str.w sb, [arg_28h]");
0x000064c4 add sp, 8 |
0x000064c6 pop.w {r4, r5, r6, r8, sb, sl, fp, lr} |
0x000064ca b.w 0x2504 | void (*0x2504)() ();
| label_3:
0x000064ce ldr r1, [pc, 0xa4] |
0x000064d0 mov r0, r4 | r0 = r4;
0x000064d2 mov.w r2, 0x18a | r2 = 0x18a;
0x000064d6 add r1, pc | r1 = 0xca50;
0x000064d8 add.w r4, r1, 0x154 | r4 = r1 + 0x154;
0x000064dc add.w r3, r1, 0x124 | r3 = r1 + 0x124;
0x000064e0 str r4, [sp] | *(sp) = r4;
0x000064e2 adds r1, 0x74 | r1 += 0x74;
0x000064e4 blx 0x2434 | fcn_00002434 ();
| label_5:
0x000064e8 blx 0x241c | fcn_0000241c ();
0x000064ec ldr.w r5, [sl] | r5 = *(sl);
0x000064f0 mov r4, r0 | r4 = r0;
0x000064f2 mov r0, r5 | r0 = r5;
0x000064f4 blx 0x2744 | g_bus_unown_name ();
0x000064f8 mov r2, r5 | r2 = r5;
0x000064fa mov r3, r0 | r3 = r0;
0x000064fc mov r1, r4 | r1 = r4;
0x000064fe mov r0, sb | r0 = sb;
0x00006500 blx 0x26f8 | fcn_000026f8 ();
0x00006504 str.w r8, [sl] | __asm ("str.w r8, [sl]");
| }
| label_0:
0x00006508 movs r0, 0 | r0 = 0;
0x0000650a add sp, 8 |
0x0000650c pop.w {r4, r5, r6, r8, sb, sl, fp, pc} |
| label_8:
0x00006510 movs r0, 1 | r0 = 1;
0x00006512 add sp, 8 |
0x00006514 pop.w {r4, r5, r6, r8, sb, sl, fp, pc} |
0x00006516 ldrh r0, [r6, 0x3a] | r0 = *((r6 + 0x3a));
| label_7:
0x00006518 blx 0x241c | fcn_0000241c ();
0x0000651c ldr.w fp, [sl] | fp = *(sl);
0x00006520 mov r4, r0 | r4 = r0;
0x00006522 mov r0, fp | r0 = fp;
0x00006524 blx 0x2744 | g_bus_unown_name ();
0x00006528 mov r2, fp | r2 = fp;
0x0000652a mov r3, r0 | r3 = r0;
0x0000652c mov r1, r4 | r1 = r4;
0x0000652e mov r0, sb | r0 = sb;
0x00006530 blx 0x26f8 | fcn_000026f8 ();
0x00006534 mov r0, r6 | r0 = r6;
0x00006536 str.w r8, [sl] | __asm ("str.w r8, [sl]");
0x0000653a blx 0x2330 | r0 = system (r0)
0x0000653e cmp r0, 0 |
0x00006540 bne 0x6476 |
| } while (r0 != 0);
0x00006542 b 0x6508 | goto label_0;
| label_6:
0x00006544 blx 0x241c | fcn_0000241c ();
0x00006548 ldr.w r8, [sl] | r8 = *(sl);
0x0000654c mov r4, r0 | r4 = r0;
0x0000654e mov r0, r8 | r0 = r8;
0x00006550 blx 0x2744 | g_bus_unown_name ();
0x00006554 mov r2, r8 | r2 = r8;
0x00006556 mov r3, r0 | r3 = r0;
0x00006558 mov r1, r4 | r1 = r4;
0x0000655a mov r0, sb | r0 = sb;
0x0000655c blx 0x26f8 | fcn_000026f8 ();
0x00006560 str.w r6, [sl] | __asm ("str.w r6, [sl]");
0x00006564 b 0x6476 | goto label_1;
| }
[*] Function system used 3 times netd_migrate
