[*] Binary protection state of libexpat.so.1.6.10
Full RELRO Canary found NX disabled DSO No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of libexpat.so.1.6.10
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/libexpat.so.1.6.10 @ 0x2984 */
| #include <stdint.h>
|
; (fcn) entry.fini0 () | void entry_fini0 () {
0x00002984 lui gp, 5 |
0x00002988 addiu gp, gp, 0x66c |
0x0000298c addu gp, gp, t9 | gp += t9;
0x00002990 addiu sp, sp, -0x20 |
0x00002994 sw s0, 0x18(sp) | *(var_18h) = s0;
0x00002998 lw s0, -0x7fe4(gp) | s0 = *((gp - 8185));
0x0000299c sw gp, 0x10(sp) | *(var_10h) = gp;
0x000029a0 sw ra, 0x1c(sp) | *(var_1ch) = ra;
0x000029a4 lbu v0, -0x4f20(s0) | v0 = *((s0 - 20256));
0x000029a8 lw v0, -0x7f24(gp) | v0 = *((gp - 8137));
| if (v0 == 0) {
0x000029ac bnez v0, 0x29e0 |
0x000029b0 lw v0, -0x7fe0(gp) | v0 = *((gp - 8184));
| if (v0 != 0) {
0x000029b4 beqz v0, 0x29c8 |
0x000029b8 lw t9, -0x7f24(gp) | t9 = *((gp - 8137));
0x000029bc lw a0, (v0) | a0 = *(v0);
0x000029c0 jalr t9 | t9 ();
0x000029c4 lw gp, 0x10(sp) | gp = *(var_10h);
| }
0x000029c8 lw t9, -0x7fdc(gp) | t9 = *((gp - 8183));
0x000029cc addiu t9, t9, 0x2900 | t9 += entry0;
0x000029d0 bal 0x2900 | entry0 ();
0x000029d4 nop |
0x000029d8 addiu v0, zero, 1 | v0 = 1;
0x000029dc sb v0, -0x4f20(s0) | *((s0 - 20256)) = v0;
| }
0x000029e0 lw ra, 0x1c(sp) | ra = *(var_1ch);
0x000029e4 lw s0, 0x18(sp) | s0 = *(var_18h);
0x000029e8 addiu sp, sp, 0x20 |
0x000029ec jr ra | return v0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/lib/libexpat.so.1.6.10 @ 0x22c44 */
| #include <stdint.h>
|
; (fcn) fcn.00022c44 () | void fcn_00022c44 () {
0x00022c44 lui gp, 3 |
0x00022c48 addiu gp, gp, 0x3ac |
0x00022c4c addu gp, gp, t9 | gp += t9;
0x00022c50 addiu sp, sp, -0x90 |
0x00022c54 addiu v1, sp, 0x44 | v1 = sp + 0x44;
0x00022c58 sw s2, 0x70(sp) | *(var_70h) = s2;
0x00022c5c lw s2, -0x7f40(gp) | s2 = *((gp - 8144));
0x00022c60 sw gp, 0x20(sp) | *(var_20h_2) = gp;
0x00022c64 sw ra, 0x8c(sp) | *(var_8ch) = ra;
0x00022c68 sw fp, 0x88(sp) | *(var_88h) = fp;
0x00022c6c sw s7, 0x84(sp) | *(var_84h) = s7;
0x00022c70 sw s6, 0x80(sp) | *(var_80h) = s6;
0x00022c74 sw s5, 0x7c(sp) | *(var_7ch) = s5;
0x00022c78 sw s4, 0x78(sp) | *(var_78h) = s4;
0x00022c7c sw s3, 0x74(sp) | *(var_74h) = s3;
0x00022c80 sw s1, 0x6c(sp) | *(var_6ch) = s1;
0x00022c84 sw s0, 0x68(sp) | *(var_68h) = s0;
0x00022c88 lw s0, 0x40(a2) | s0 = *((a2 + 16));
0x00022c8c lw t0, (s2) | t0 = *(s2);
0x00022c90 sw v1, 0x28(sp) | *(var_28h_2) = v1;
0x00022c94 sw v1, 0x18(sp) | *(var_18h_2) = v1;
0x00022c98 lw v1, 0xb0(sp) | v1 = *(var_20h);
0x00022c9c lw s1, -0x7fd8(gp) | s1 = *((gp - 8182));
0x00022ca0 sw v1, 0x34(sp) | *(var_34h) = v1;
0x00022ca4 lw v1, 0xb4(sp) | v1 = *(var_24h);
0x00022ca8 move s3, a2 | s3 = a2;
0x00022cac sll v0, s0, 2 | v0 = s0 << 2;
0x00022cb0 lw a2, 0xa0(sp) | a2 = *(var_a0h);
0x00022cb4 addu v0, v0, s0 | v0 += s0;
0x00022cb8 sw v1, 0x38(sp) | *(var_38h) = v1;
0x00022cbc sll s0, s0, 1 | s0 <<= 1;
0x00022cc0 lw v1, 0xb8(sp) | v1 = *(var_28h);
0x00022cc4 addu v0, a3, v0 | v0 = a3 + v0;
0x00022cc8 addiu t1, sp, 0x54 | t1 = sp + 0x54;
0x00022ccc subu s0, a2, s0 | __asm ("subu s0, a2, s0");
0x00022cd0 addiu fp, sp, 0x50 | fp = sp + 0x50;
0x00022cd4 addiu a2, sp, 0x4c | a2 = sp + 0x4c;
0x00022cd8 addiu s1, s1, 0x27d4 | s1 += 0x27d4;
0x00022cdc sw a2, 0x2c(sp) | *(var_2ch) = a2;
0x00022ce0 sw t1, 0x30(sp) | *(var_30h) = t1;
0x00022ce4 sw a0, 0x3c(sp) | *(var_3ch_2) = a0;
0x00022ce8 sw a2, 0x14(sp) | *(var_14h) = a2;
0x00022cec sw t1, 0x10(sp) | *(var_10h) = t1;
0x00022cf0 sw v1, 0x40(sp) | *(var_40h_2) = v1;
0x00022cf4 move s5, a1 | s5 = a1;
0x00022cf8 move a3, fp | a3 = fp;
0x00022cfc move a2, s0 | a2 = s0;
0x00022d00 move a1, v0 | a1 = v0;
0x00022d04 move a0, s3 | a0 = s3;
0x00022d08 lw s4, 0xa4(sp) | s4 = *(var_a4h);
0x00022d0c lw s7, 0xa8(sp) | s7 = *(var_18h);
0x00022d10 lw s6, 0xac(sp) | s6 = *(var_ach);
0x00022d14 move t9, s1 | t9 = s1;
0x00022d18 sw t0, 0x64(sp) | *(var_64h_2) = t0;
0x00022d1c sw zero, 0x4c(sp) | *(var_4ch_2) = 0;
0x00022d20 sw zero, 0x50(sp) | *(var_50h_2) = 0;
0x00022d24 sw zero, 0x54(sp) | *(var_54h_2) = 0;
0x00022d28 sw v0, 0x44(sp) | *(var_44h_2) = v0;
0x00022d2c bal 0x227d4 | fcn_000227d4 ();
0x00022d30 lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022d34 beqz v0, 0x22ec8 | goto label_2;
| }
0x00022d38 lw a1, 0x50(sp) | a1 = *(var_50h_2);
0x00022d3c lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
| if (a1 == 0) {
0x00022d40 beqz a1, 0x22ec8 | goto label_2;
| }
0x00022d44 lw t9, 0x18(s3) | t9 = *((s3 + 6));
0x00022d48 lw a2, 0x54(sp) | a2 = *(var_54h_2);
0x00022d4c addiu a3, a3, 0x5588 | a3 += 0x5588;
0x00022d50 move a0, s3 | a0 = s3;
0x00022d54 jalr t9 | t9 ();
0x00022d58 lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 != 0) {
0x00022d5c bnez v0, 0x22e68 | goto label_3;
| }
0x00022d60 lw a1, 0x50(sp) | a1 = *(var_50h_2);
| if (s5 == 0) {
0x00022d64 beqz s5, 0x23020 | goto label_4;
| }
0x00022d68 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
| do {
0x00022d6c lw t9, 0x18(s3) | t9 = *((s3 + 6));
0x00022d70 lw a2, 0x54(sp) | a2 = *(var_54h_2);
0x00022d74 addiu a3, a3, 0x557c | a3 += 0x557c;
0x00022d78 move a0, s3 | a0 = s3;
0x00022d7c jalr t9 | t9 ();
0x00022d80 lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022d84 beqz v0, 0x22f10 | goto label_5;
| }
0x00022d88 lw v0, 0x4c(sp) | v0 = *(var_4ch_2);
0x00022d8c lw t9, 0x38(s3) | t9 = *((s3 + 14));
0x00022d90 addiu s6, sp, 0x60 | s6 = sp + 0x60;
0x00022d94 addiu s7, sp, 0x61 | s7 = sp + 0x61;
0x00022d98 sw v0, 0x58(sp) | *(var_58h_2) = v0;
0x00022d9c sw s6, 0x5c(sp) | *(var_5ch_2) = s6;
0x00022da0 sw s7, 0x10(sp) | *(var_10h) = s7;
0x00022da4 addiu a3, sp, 0x5c | a3 = sp + 0x5c;
0x00022da8 move a2, s0 | a2 = s0;
0x00022dac addiu a1, sp, 0x58 | a1 = sp + 0x58;
0x00022db0 move a0, s3 | a0 = s3;
0x00022db4 jalr t9 | t9 ();
0x00022db8 lw v0, 0x5c(sp) | v0 = *(var_5ch_2);
0x00022dbc lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == s6) {
0x00022dc0 beq v0, s6, 0x23070 | goto label_6;
| }
0x00022dc4 lb v0, 0x60(sp) | v0 = *(var_60h_2);
0x00022dc8 addiu a0, zero, -0x21 | a0 = -0x21;
0x00022dcc and v0, v0, a0 | v0 &= a0;
0x00022dd0 addiu v0, v0, -0x41 | v0 += -0x41;
0x00022dd4 andi v0, v0, 0xff | v0 &= 0xff;
0x00022dd8 sltiu v0, v0, 0x1a | v0 = (v0 < 0x1a) ? 1 : 0;
0x00022ddc lw v1, 0x34(sp) | v1 = *(var_34h);
| if (v0 == 0) {
0x00022de0 beqz v0, 0x23070 | goto label_6;
| }
0x00022de4 lw v0, 0x4c(sp) | v0 = *(var_4ch_2);
| if (v1 != 0) {
0x00022de8 beqz v1, 0x22df0 |
0x00022dec sw v0, (v1) | *(v1) = v0;
| }
0x00022df0 lw s6, 0x38(sp) | s6 = *(var_38h);
0x00022df4 lw a0, 0x44(sp) | a0 = *(var_44h_2);
| if (s6 != 0) {
0x00022df8 beqz s6, 0x22e1c |
0x00022dfc lw a2, 0x40(s3) | a2 = *((s3 + 16));
0x00022e00 lw a1, 0x4c(sp) | a1 = *(var_4ch_2);
0x00022e04 lw t9, 0x3c(sp) | t9 = *(var_3ch_2);
0x00022e08 subu a2, a0, a2 | __asm ("subu a2, a0, a2");
0x00022e0c move a0, s3 | a0 = s3;
0x00022e10 jalr t9 | t9 ();
0x00022e14 lw a0, 0x44(sp) | a0 = *(var_44h_2);
0x00022e18 sw v0, (s6) | *(s6) = v0;
| }
0x00022e1c lw v0, 0x28(sp) | v0 = *(var_28h_2);
0x00022e20 move a1, a0 | a1 = a0;
0x00022e24 sw v0, 0x18(sp) | *(var_18h_2) = v0;
0x00022e28 lw v0, 0x2c(sp) | v0 = *(var_2ch);
0x00022e2c move a3, fp | a3 = fp;
0x00022e30 sw v0, 0x14(sp) | *(var_14h) = v0;
0x00022e34 lw v0, 0x30(sp) | v0 = *(var_30h);
0x00022e38 move a2, s0 | a2 = s0;
0x00022e3c sw v0, 0x10(sp) | *(var_10h) = v0;
0x00022e40 move t9, s1 | t9 = s1;
0x00022e44 move a0, s3 | a0 = s3;
0x00022e48 bal 0x227d4 | fcn_000227d4 ();
0x00022e4c lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022e50 beqz v0, 0x23064 | goto label_7;
| }
0x00022e54 lw a1, 0x50(sp) | a1 = *(var_50h_2);
0x00022e58 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
| if (a1 != 0) {
0x00022e5c bnez a1, 0x22f18 | goto label_8;
| }
0x00022e60 addiu v0, zero, 1 | v0 = 1;
0x00022e64 b 0x22ed4 | goto label_0;
| label_3:
0x00022e68 lw v0, 0x4c(sp) | v0 = *(var_4ch_2);
| if (s7 != 0) {
0x00022e6c beqz s7, 0x22e74 |
0x00022e70 sw v0, (s7) | *(s7) = v0;
| }
0x00022e74 lw a1, 0x44(sp) | a1 = *(var_44h_2);
| if (s6 != 0) {
0x00022e78 beqz s6, 0x22e80 |
0x00022e7c sw a1, (s6) | *(s6) = a1;
| }
0x00022e80 lw v0, 0x28(sp) | v0 = *(var_28h_2);
0x00022e84 move a3, fp | a3 = fp;
0x00022e88 sw v0, 0x18(sp) | *(var_18h_2) = v0;
0x00022e8c lw v0, 0x2c(sp) | v0 = *(var_2ch);
0x00022e90 move a2, s0 | a2 = s0;
0x00022e94 sw v0, 0x14(sp) | *(var_14h) = v0;
0x00022e98 lw v0, 0x30(sp) | v0 = *(var_30h);
0x00022e9c move a0, s3 | a0 = s3;
0x00022ea0 move t9, s1 | t9 = s1;
0x00022ea4 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00022ea8 bal 0x227d4 | fcn_000227d4 ();
0x00022eac lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022eb0 beqz v0, 0x22ec8 | goto label_2;
| }
0x00022eb4 lw a1, 0x50(sp) | a1 = *(var_50h_2);
0x00022eb8 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
0x00022ebc bnez a1, 0x22d6c |
| } while (a1 != 0);
0x00022ec0 addiu v0, zero, 1 | v0 = 1;
| if (s5 != 0) {
0x00022ec4 beqz s5, 0x22ed4 |
| label_2:
0x00022ec8 lw v1, 0x44(sp) | v1 = *(var_44h_2);
0x00022ecc move v0, zero | v0 = 0;
0x00022ed0 sw v1, (s4) | *(s4) = v1;
| }
| label_0:
0x00022ed4 lw a0, 0x64(sp) | a0 = *(var_64h_2);
0x00022ed8 lw v1, (s2) | v1 = *(s2);
0x00022edc lw ra, 0x8c(sp) | ra = *(var_8ch);
| if (a0 != v1) {
0x00022ee0 bne a0, v1, 0x2308c | goto label_9;
| }
0x00022ee4 lw fp, 0x88(sp) | fp = *(var_88h);
0x00022ee8 lw s7, 0x84(sp) | s7 = *(var_84h);
0x00022eec lw s6, 0x80(sp) | s6 = *(var_80h);
0x00022ef0 lw s5, 0x7c(sp) | s5 = *(var_7ch);
0x00022ef4 lw s4, 0x78(sp) | s4 = *(var_78h);
0x00022ef8 lw s3, 0x74(sp) | s3 = *(var_74h);
0x00022efc lw s2, 0x70(sp) | s2 = *(var_70h);
0x00022f00 lw s1, 0x6c(sp) | s1 = *(var_6ch);
0x00022f04 lw s0, 0x68(sp) | s0 = *(var_68h);
0x00022f08 addiu sp, sp, 0x90 |
0x00022f0c jr ra | return v1;
| label_5:
0x00022f10 lw a1, 0x50(sp) | a1 = *(var_50h_2);
0x00022f14 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
| label_8:
0x00022f18 lw t9, 0x18(s3) | t9 = *((s3 + 6));
0x00022f1c lw a2, 0x54(sp) | a2 = *(var_54h_2);
0x00022f20 addiu a3, a3, 0x5570 | a3 += 0x5570;
0x00022f24 move a0, s3 | a0 = s3;
0x00022f28 jalr t9 | t9 ();
0x00022f2c lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022f30 beqz v0, 0x23028 | goto label_10;
| }
0x00022f34 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
| if (s5 != 0) {
0x00022f38 bnez s5, 0x23028 | goto label_10;
| }
0x00022f3c lw v0, 0x40(s3) | v0 = *((s3 + 16));
0x00022f40 lw a2, 0x44(sp) | a2 = *(var_44h_2);
0x00022f44 lw t9, 0x18(s3) | t9 = *((s3 + 6));
0x00022f48 lw a1, 0x4c(sp) | a1 = *(var_4ch_2);
0x00022f4c addiu a3, a3, 0x556c | a3 += 0x556c;
0x00022f50 subu a2, a2, v0 | __asm ("subu a2, a2, v0");
0x00022f54 move a0, s3 | a0 = s3;
0x00022f58 jalr t9 | t9 ();
0x00022f5c lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 != 0) {
0x00022f60 bnez v0, 0x23038 | goto label_11;
| }
0x00022f64 lw a3, -0x7fa0(gp) | a3 = *((gp - 8168));
0x00022f68 lw v0, 0x40(s3) | v0 = *((s3 + 16));
0x00022f6c lw a2, 0x44(sp) | a2 = *(var_44h_2);
0x00022f70 lw t9, 0x18(s3) | t9 = *((s3 + 6));
0x00022f74 lw a1, 0x4c(sp) | a1 = *(var_4ch_2);
0x00022f78 addiu a3, a3, 0x5568 | a3 += 0x5568;
0x00022f7c subu a2, a2, v0 | __asm ("subu a2, a2, v0");
0x00022f80 move a0, s3 | a0 = s3;
0x00022f84 jalr t9 | t9 ();
0x00022f88 lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == 0) {
0x00022f8c beqz v0, 0x23080 | goto label_12;
| }
0x00022f90 lw v0, 0x40(sp) | v0 = *(var_40h_2);
0x00022f94 sw zero, (v0) | *(v0) = 0;
| if (v0 != 0) {
0x00022f98 bnel v0, zero, 0x22f9c |
| }
| label_1:
0x00022f9c lui s1, 0x80 | s1 = 0x800000;
0x00022fa0 lw a0, 0x44(sp) | a0 = *(var_44h_2);
0x00022fa4 addiu s6, sp, 0x60 | s6 = sp + 0x60;
0x00022fa8 addiu fp, sp, 0x5c | fp = sp + 0x5c;
0x00022fac addiu s5, sp, 0x58 | s5 = sp + 0x58;
0x00022fb0 addiu s7, sp, 0x61 | s7 = sp + 0x61;
0x00022fb4 addiu s1, s1, 0x13 | s1 += 0x13;
| do {
0x00022fb8 lw t9, 0x38(s3) | t9 = *((s3 + 14));
0x00022fbc sw a0, 0x58(sp) | *(var_58h_2) = a0;
0x00022fc0 sw s6, 0x5c(sp) | *(var_5ch_2) = s6;
0x00022fc4 sw s7, 0x10(sp) | *(var_10h) = s7;
0x00022fc8 move a3, fp | a3 = fp;
0x00022fcc move a2, s0 | a2 = s0;
0x00022fd0 move a1, s5 | a1 = s5;
0x00022fd4 move a0, s3 | a0 = s3;
0x00022fd8 jalr t9 | t9 ();
0x00022fdc lw v0, 0x5c(sp) | v0 = *(var_5ch_2);
0x00022fe0 lw gp, 0x20(sp) | gp = *(var_20h_2);
| if (v0 == s6) {
0x00022fe4 beq v0, s6, 0x2304c | goto label_13;
| }
0x00022fe8 lb v0, 0x60(sp) | v0 = *(var_60h_2);
0x00022fec addiu v0, v0, -9 | v0 += -9;
0x00022ff0 sltiu a1, v0, 0x18 | a1 = (v0 < 0x18) ? 1 : 0;
0x00022ff4 lw a0, 0x44(sp) | a0 = *(var_44h_2);
| if (a1 == 0) {
0x00022ff8 beqz a1, 0x23050 | goto label_14;
| }
0x00022ffc addiu v1, zero, 1 | v1 = 1;
0x00023000 sllv v0, v1, v0 | v0 = v1 << v0;
0x00023004 and v0, v0, s1 | v0 &= s1;
| if (v0 == 0) {
0x00023008 beqz v0, 0x23050 | goto label_14;
| }
0x0002300c nop |
0x00023010 lw v0, 0x40(s3) | v0 = *((s3 + 16));
0x00023014 addu a0, a0, v0 | a0 += v0;
0x00023018 sw a0, 0x44(sp) | *(var_44h_2) = a0;
0x0002301c b 0x22fb8 |
| } while (1);
| label_4:
0x00023020 sw a1, (s4) | *(s4) = a1;
0x00023024 b 0x22ed4 | goto label_0;
| label_10:
0x00023028 lw v1, 0x50(sp) | v1 = *(var_50h_2);
0x0002302c move v0, zero | v0 = 0;
0x00023030 sw v1, (s4) | *(s4) = v1;
0x00023034 b 0x22ed4 | goto label_0;
| label_11:
0x00023038 lw v1, 0x40(sp) | v1 = *(var_40h_2);
0x0002303c addiu v0, zero, 1 | v0 = 1;
| if (v1 == 0) {
0x00023040 beqz v1, 0x22f9c | goto label_1;
| }
0x00023044 sw v0, (v1) | *(v1) = v0;
0x00023048 b 0x22f9c | goto label_1;
| label_13:
0x0002304c lw a0, 0x44(sp) | a0 = *(var_44h_2);
| if (s0 == a0) {
| label_14:
0x00023050 beql s0, a0, 0x22ed4 | goto label_0;
| }
0x00023054 addiu v0, zero, 1 | v0 = 1;
0x00023058 sw a0, (s4) | *(s4) = a0;
0x0002305c move v0, zero | v0 = 0;
0x00023060 b 0x22ed4 | goto label_0;
| label_7:
0x00023064 lw v1, 0x44(sp) | v1 = *(var_44h_2);
0x00023068 sw v1, (s4) | *(s4) = v1;
0x0002306c b 0x22ed4 | goto label_0;
| label_6:
0x00023070 lw v1, 0x4c(sp) | v1 = *(var_4ch_2);
0x00023074 move v0, zero | v0 = 0;
0x00023078 sw v1, (s4) | *(s4) = v1;
0x0002307c b 0x22ed4 | goto label_0;
| label_12:
0x00023080 lw v1, 0x4c(sp) | v1 = *(var_4ch_2);
0x00023084 sw v1, (s4) | *(s4) = v1;
0x00023088 b 0x22ed4 | goto label_0;
| label_9:
0x0002308c lw t9, -0x7f4c(gp) | t9 = *((gp - 8147));
0x00023090 jalr t9 | t9 ();
0x00023094 nop |
| }
[*] Function sprintf used 1 times libexpat.so.1.6.10
