[*] Binary protection state of dynamic_overlayd
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function printf tear down of dynamic_overlayd
sltiu v0, v0, 1
beqz a0, 0x3294
nop
beqz a1, 0x3294
nop
lw v1, (a0)
lw v0, (a1)
slt a2, v0, v1
bnez a2, 0x329c
nop
beql v1, v0, 0x32a4
lw v0, 4(a0)
jr ra
move v0, zero
jr ra
move v0, zero
jr ra
addiu v0, zero, 1
lw v1, 4(a1)
jr ra
slt v0, v1, v0
lui gp, 2
addiu gp, gp, 0x1e90
addu gp, gp, t9
beqz a0, 0x32d8
lw t9, -sym.imp.g_strdup_printf(gp)
lw a2, 4(a0)
lw a1, (a0)
lw a0, -0x7fc8(gp)
jr t9
addiu a0, a0, -0x54ac
lw a0, -0x7fc8(gp)
lw t9, -sym.imp.g_strdup(gp)
jr t9
addiu a0, a0, -0x4374
nop
nop
beqz a0, 0x3318
nop
beqz a1, 0x3320
nop
lw v0, (a0)
lw v1, (a1)
xor v0, v0, v1
sltu v0, zero, v0
jr ra
--
move a0, s1
jalr t9
move s0, v0
bnez v0, 0x3cec
lw gp, 0x18(sp)
lw v1, (s0)
addiu v0, zero, 3
bnel v1, v0, 0x3cb4
move a0, s1
lw t9, -sym.json_overlay_cgi_text_json_to_internal_style(gp)
bal sym.json_overlay_cgi_text_json_to_internal_style
move a0, s1
lw gp, 0x18(sp)
lw t9, -sym.imp.g_strdup(gp)
jalr t9
move a0, v0
lw gp, 0x18(sp)
move a0, s0
lw t9, -sym.imp.json_integer_value(gp)
jalr t9
move s0, v0
lw gp, 0x18(sp)
move a2, v0
move a3, v1
lw a0, -0x7fc8(gp)
lw t9, -sym.imp.g_strdup_printf(gp)
jalr t9
addiu a0, a0, -0x5388
lw gp, 0x18(sp)
lw t9, -sym.imp.g_hash_table_insert(gp)
move a2, v0
move a1, s0
lw ra, 0x3c(sp)
lw s5, 0x38(sp)
lw s4, 0x34(sp)
lw s2, 0x2c(sp)
lw s1, 0x28(sp)
lw s0, 0x24(sp)
move a0, s3
lw s3, 0x30(sp)
jr t9
addiu sp, sp, 0x40
move a0, s1
lw t9, -0x7fcc(gp)
addiu t9, t9, 0x3690
bal 0x3690
--
lw gp, 0x18(sp)
move a1, zero
move a0, s0
lw t9, -sym.imp.json_array_get(gp)
jalr t9
move s1, v0
lw gp, 0x18(sp)
lw t9, -sym.imp.json_number_value(gp)
jalr t9
move a0, v0
lw gp, 0x18(sp)
addiu a1, zero, 1
move a0, s0
lw t9, -sym.imp.json_array_get(gp)
move s5, v1
jalr t9
move s4, v0
lw gp, 0x18(sp)
lw t9, -sym.imp.json_number_value(gp)
jalr t9
move a0, v0
lw gp, 0x18(sp)
move a2, s4
move a3, s5
lw a0, -0x7fc8(gp)
lw t9, -sym.imp.g_strdup_printf(gp)
addiu a0, a0, -0x5378
sw v0, 0x10(sp)
jalr t9
sw v1, 0x14(sp)
lw gp, 0x18(sp)
move a2, v0
move a1, s1
b 0x3c88
lw t9, -sym.imp.g_hash_table_insert(gp)
lw v1, (s0)
addiu v0, zero, 2
bne v1, v0, 0x3cb4
move a0, s1
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_strcmp0(gp)
addiu a1, a1, -0x5224
jalr t9
move a0, s1
beqz v0, 0x4014
lw gp, 0x18(sp)
--
addiu a0, v0, 0x13
move s0, v0
beqz v0, 0x45f8
lw gp, 0x18(sp)
lw s5, -0x7fcc(gp)
lw a1, -obj.validCommonParameterList(gp)
addiu s5, s5, 0x373c
move t9, s5
bal 0x373c
move a0, v0
bnez v0, 0x4534
lw gp, 0x18(sp)
addiu v0, sp, 0x34
move s6, zero
sw v0, 0x20(sp)
lw s5, -0x7fc8(gp)
lw t9, -sym.imp.json_object_get(gp)
lw a0, 0x38(sp)
jalr t9
addiu a1, s5, -0x5308
addiu s7, zero, 0x67
beqz v0, 0x4c14
lw gp, 0x18(sp)
lw a2, -0x7fc8(gp)
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_string_append_printf(gp)
addiu a2, a2, -0x4fd0
addiu a1, a1, -0x4fa0
jalr t9
move a0, s1
lw gp, 0x18(sp)
lw a0, 0x38(sp)
lw t9, -sym.imp.json_dumps(gp)
jalr t9
addiu a1, zero, 0x84
lw gp, 0x18(sp)
move a1, v0
move a0, s2
lw t9, -sym.imp.g_string_append(gp)
jalr t9
move s5, v0
lw gp, 0x18(sp)
lw a1, (s2)
lw t9, -sym.imp.g_string_append(gp)
jalr t9
move a0, s1
--
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_strcmp0(gp)
lw a0, 0x50(sp)
jalr t9
addiu a1, a1, -0x4da4
bnez v0, 0x6a14
lw gp, 0x18(sp)
lw t9, -sym.imp.g_stpcpy(gp)
addiu s5, sp, 0x110
lw a1, 0x54(sp)
jalr t9
move a0, s5
move t9, s0
bal 0x5b38
move a0, s5
lw t9, 0x28(sp)
addiu a3, zero, 0xa
move a2, zero
addiu a1, sp, 0x60
move a0, s5
jalr t9
sw zero, 0x60(sp)
beqz v0, 0x6bfc
lw gp, 0x18(sp)
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_sprintf(gp)
lw a2, 0x60(sp)
addiu a1, a1, -0x44f0
jalr t9
move a0, s5
lw gp, 0x18(sp)
move a3, s5
lw a2, -0x7fc8(gp)
lw t9, -sym.imp.g_variant_builder_add(gp)
b 0x62f0
addiu a2, a2, -0x4e28
lw t9, -sym.imp.g_stpcpy(gp)
addiu s5, sp, 0x110
lw a1, 0x54(sp)
jalr t9
move a0, s5
move t9, s0
bal 0x5b38
move a0, s5
lw t9, 0x28(sp)
addiu a3, zero, 0x64
move a2, zero
addiu a1, sp, 0x60
move a0, s5
jalr t9
sw zero, 0x60(sp)
beqz v0, 0x6be8
lw gp, 0x18(sp)
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_sprintf(gp)
lw a2, 0x60(sp)
addiu a1, a1, -0x44f0
jalr t9
move a0, s5
lw gp, 0x18(sp)
move a3, s5
move a0, s4
lw a2, -0x7fc8(gp)
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_variant_builder_add(gp)
addiu a2, a2, -0x4ee0
jalr t9
addiu a1, a1, -0x4d04
lw v1, 0x2c(sp)
lw v0, 0x60(sp)
lw gp, 0x18(sp)
b 0x6258
sw v0, (v1)
lw a2, -0x7fc8(gp)
lw t9, -sym.imp.g_variant_builder_add(gp)
--
lw t1, 0x64(sp)
lw t9, -0x7f48(gp)
lw a2, 0x20(sp)
lw a3, 0x24(sp)
move a0, t0
move a1, t1
sw t0, 0x48(sp)
bal 0x9d10
sw t1, 0x4c(sp)
bltz v0, 0x6858
lw gp, 0x18(sp)
lw v1, 0x38(sp)
lw t0, 0x48(sp)
lw t1, 0x4c(sp)
lw t9, -0x7f44(gp)
lw a2, -0x4718(v1)
lw a3, -0x4714(v1)
move a0, t0
bal 0x9e60
move a1, t1
bgtz v0, 0x6858
lw gp, 0x18(sp)
lw t0, 0x48(sp)
lw t1, 0x4c(sp)
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_string_printf(gp)
lw a2, 0x40(sp)
lw a3, 0x44(sp)
lw a0, 0x3c(sp)
sw t0, 0x10(sp)
sw t1, 0x14(sp)
jalr t9
addiu a1, a1, -0x5378
lw gp, 0x18(sp)
move a0, s0
lw t9, -sym.imp.g_string_free(gp)
jalr t9
addiu a1, zero, 1
lw gp, 0x18(sp)
addiu a1, zero, 1
lw t9, -sym.imp.g_string_free(gp)
jalr t9
move a0, s5
lw gp, 0x18(sp)
lw s0, 0x3c(sp)
move a0, s4
--
move a0, s2
addiu v1, zero, 1
lw gp, 0x18(sp)
b 0x7ffc
movz s5, v1, v0
lw s1, 0x60(sp)
lw s6, 0x6c(sp)
bnez s3, 0x7f40
lw s0, 0x70(sp)
b 0x7ca8
lw v0, 0x50(sp)
lw t9, -sym.imp.g_variant_unref(gp)
jalr t9
lw a0, 0xac(sp)
b 0x7fac
lw gp, 0x18(sp)
lw a0, -0x7fc8(gp)
lw t9, -sym.imp.g_string_new(gp)
addiu a0, a0, -0x4374
jalr t9
lw s2, 0x9c(sp)
lw gp, 0x18(sp)
lw a2, 0x54(sp)
move a0, v0
lw a1, -0x7fc8(gp)
lw t9, -sym.imp.g_string_printf(gp)
sw v0, 0x6c(sp)
addiu a1, a1, -0x44f0
jalr t9
move s4, v0
lw gp, 0x18(sp)
addiu v0, sp, 0x104
sw v0, 0x60(sp)
lw t9, -sym.imp.g_variant_iter_init(gp)
move a1, s2
jalr t9
move a0, v0
lw gp, 0x18(sp)
move v1, zero
sw s1, 0x70(sp)
lw v0, -0x7fc8(gp)
lw s3, -0x7fc8(gp)
sw v0, 0x44(sp)
addiu v0, s3, -0x4ee0
addiu s7, sp, 0xac
addiu fp, sp, 0xa8
[*] Function printf used 8 times dynamic_overlayd
