[*] Binary protection state of lens_correctiond
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function mmap tear down of lens_correctiond
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/lens_correctiond @ 0x4e20 */
| #include <stdint.h>
|
; (fcn) sym.trf_tab_init () | void trf_tab_init () {
0x00004e20 lui gp, 2 |
0x00004e24 addiu gp, gp, -0x4e10 |
0x00004e28 addu gp, gp, t9 | gp += t9;
0x00004e2c addiu sp, sp, -0x58 |
0x00004e30 lw t9, -0x7ea8(gp) | t9 = sym.imp.malloc;
0x00004e34 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00004e38 sw s6, 0x48(sp) | *(var_48h) = s6;
0x00004e3c sw s3, 0x3c(sp) | *(var_3ch) = s3;
0x00004e40 sw s1, 0x34(sp) | *(var_34h) = s1;
0x00004e44 sw s0, 0x30(sp) | *(var_30h) = s0;
0x00004e48 sw ra, 0x54(sp) | *(var_54h) = ra;
0x00004e4c sw fp, 0x50(sp) | *(var_50h) = fp;
0x00004e50 sw s7, 0x4c(sp) | *(var_4ch) = s7;
0x00004e54 sw s5, 0x44(sp) | *(var_44h) = s5;
0x00004e58 sw s4, 0x40(sp) | *(var_40h) = s4;
0x00004e5c sw s2, 0x38(sp) | *(var_38h) = s2;
0x00004e60 move s3, a0 | s3 = a0;
0x00004e64 addiu a0, zero, 0x24 | a0 = 0x24;
0x00004e68 move s0, a1 | s0 = a1;
0x00004e6c move s1, a2 | s1 = a2;
0x00004e70 jalr t9 | t9 ();
0x00004e74 move s6, v0 | s6 = v0;
0x00004e78 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00004e7c beqz v0, 0x4fd8 | goto label_2;
| }
0x00004e80 lw t9, -0x7ea8(gp) | t9 = sym.imp.malloc;
0x00004e84 addiu a0, zero, 0x10 | a0 = 0x10;
0x00004e88 jalr t9 | t9 ();
0x00004e8c move s2, v0 | s2 = v0;
0x00004e90 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00004e94 beqz v0, 0x509c | goto label_3;
| }
0x00004e98 addiu s0, s0, 0x1f | s0 += 0x1f;
0x00004e9c addiu s1, s1, 0x1f | s1 += 0x1f;
0x00004ea0 srl s0, s0, 5 | s0 >>= 5;
0x00004ea4 srl fp, s1, 5 | fp = s1 >> 5;
0x00004ea8 addiu v0, zero, -4 | v0 = -4;
0x00004eac addiu s0, s0, 5 | s0 += 5;
0x00004eb0 and s0, s0, v0 | s0 &= v0;
0x00004eb4 addiu v0, fp, 1 | v0 = fp + 1;
0x00004eb8 mul s1, s0, v0 | __asm ("mul s1, s0, v0");
0x00004ebc sw v0, 0x2c(sp) | *(var_2ch) = v0;
0x00004ec0 negu t0, s0 | __asm ("negu t0, s0");
0x00004ec4 lui s7, 0xc0ff | s7 = 0xc0ff0000;
0x00004ec8 move s4, s2 | s4 = s2;
0x00004ecc sll v0, s1, 3 | v0 = s1 << 3;
0x00004ed0 sw v0, 0x20(sp) | *(var_20h) = v0;
0x00004ed4 addiu v0, s2, 0x10 | v0 = s2 + 0x10;
0x00004ed8 sw v0, 0x28(sp) | *(var_28h) = v0;
0x00004edc lui v0, 0x2000 | v0 = 0x20002aad;
0x00004ee0 addiu v0, v0, 0x2aad |
0x00004ee4 sll s1, s0, 3 | s1 = s0 << 3;
0x00004ee8 sll s5, t0, 3 | s5 = t0 << 3;
0x00004eec sw v0, 0x24(sp) | *(var_24h) = v0;
0x00004ef0 ori s7, s7, 0xfe00 | s7 |= 0xfe00;
| label_1:
0x00004ef4 lw t9, -0x7e5c(gp) | t9 = sym.imp.ioctl;
0x00004ef8 lw a2, 0x20(sp) | a2 = *(var_20h);
0x00004efc lw a1, 0x24(sp) | a1 = *(var_24h);
0x00004f00 sw zero, (s4) | *(s4) = 0;
0x00004f04 sw zero, 4(s4) | *((s4 + 1)) = 0;
0x00004f08 move a0, s3 | a0 = s3;
0x00004f0c jalr t9 | t9 ();
0x00004f10 addiu v1, zero, -1 | v1 = -1;
0x00004f14 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == v1) {
0x00004f18 beq v0, v1, 0x500c | goto label_4;
| }
0x00004f1c lw t9, -0x7db4(gp) | t9 = sym.imp.mmap
0x00004f20 lw a1, 0x20(sp) | a1 = *(var_20h);
0x00004f24 sw v0, 4(s4) | *((s4 + 1)) = v0;
0x00004f28 addiu a3, zero, 1 | a3 = 1;
0x00004f2c sw v0, 0x14(sp) | *(var_14h) = v0;
0x00004f30 sw s3, 0x10(sp) | *(var_10h) = s3;
0x00004f34 addiu a2, zero, 3 | a2 = 3;
0x00004f38 move a0, zero | a0 = 0;
0x00004f3c jalr t9 | t9 ();
0x00004f40 addiu v1, zero, -1 | v1 = -1;
0x00004f44 lw gp, 0x18(sp) | gp = *(var_18h);
0x00004f48 sw v0, (s4) | *(s4) = v0;
| if (v0 == v1) {
0x00004f4c beq v0, v1, 0x500c | goto label_4;
| }
0x00004f50 addu a2, v0, s1 | a2 = v0 + s1;
0x00004f54 move a3, zero | a3 = 0;
| label_0:
0x00004f58 sll a1, a3, 8 | a1 = a3 << 8;
0x00004f5c addu v0, a2, s5 | v0 = a2 + s5;
0x00004f60 andi a1, a1, 0xffff | a1 &= 0xffff;
0x00004f64 addiu a0, zero, 0x100 | a0 = 0x100;
| do {
0x00004f68 lw v1, 4(v0) | v1 = *((v0 + 1));
0x00004f6c sh a0, (v0) | *(v0) = a0;
0x00004f70 and v1, v1, s7 | v1 &= s7;
0x00004f74 ori v1, v1, 0x80 | v1 |= 0x80;
0x00004f78 sh a1, 2(v0) | *((v0 + 1)) = a1;
0x00004f7c sw v1, 4(v0) | *((v0 + 1)) = v1;
0x00004f80 addiu a0, a0, 0x100 | a0 += 0x100;
0x00004f84 addiu v0, v0, 8 | v0 += 8;
0x00004f88 andi a0, a0, 0xffff | a0 &= 0xffff;
0x00004f8c bne v0, a2, 0x4f68 |
| } while (v0 != a2);
0x00004f90 addiu v0, a3, 1 | v0 = a3 + 1;
0x00004f94 addu a2, a2, s1 | a2 += s1;
| if (fp != a3) {
0x00004f98 beq fp, a3, 0x4fa4 |
0x00004f9c move a3, v0 | a3 = v0;
0x00004fa0 b 0x4f58 | goto label_0;
| }
0x00004fa4 lw v0, 0x28(sp) | v0 = *(var_28h);
0x00004fa8 addiu s4, s4, 8 | s4 += 8;
0x00004fac lw v0, 0x2c(sp) | v0 = *(var_2ch);
| if (s4 != v0) {
0x00004fb0 bne s4, v0, 0x4ef4 | goto label_1;
| }
0x00004fb4 sw s3, (s6) | *(s6) = s3;
0x00004fb8 sw s0, 4(s6) | *((s6 + 1)) = s0;
0x00004fbc sw v0, 8(s6) | *((s6 + 2)) = v0;
0x00004fc0 sw zero, 0xc(s6) | *((s6 + 3)) = 0;
0x00004fc4 sw s2, 0x10(s6) | *((s6 + 4)) = s2;
0x00004fc8 sw zero, 0x14(s6) | *((s6 + 5)) = 0;
0x00004fcc sw zero, 0x18(s6) | *((s6 + 6)) = 0;
0x00004fd0 sw zero, 0x1c(s6) | *((s6 + 7)) = 0;
0x00004fd4 sw zero, 0x20(s6) | *((s6 + 8)) = 0;
| label_2:
0x00004fd8 lw ra, 0x54(sp) | ra = *(var_54h);
0x00004fdc move v0, s6 | v0 = s6;
0x00004fe0 lw fp, 0x50(sp) | fp = *(var_50h);
0x00004fe4 lw s7, 0x4c(sp) | s7 = *(var_4ch);
0x00004fe8 lw s6, 0x48(sp) | s6 = *(var_48h);
0x00004fec lw s5, 0x44(sp) | s5 = *(var_44h);
0x00004ff0 lw s4, 0x40(sp) | s4 = *(var_40h);
0x00004ff4 lw s3, 0x3c(sp) | s3 = *(var_3ch);
0x00004ff8 lw s2, 0x38(sp) | s2 = *(var_38h);
0x00004ffc lw s1, 0x34(sp) | s1 = *(var_34h);
0x00005000 lw s0, 0x30(sp) | s0 = *(var_30h);
0x00005004 addiu sp, sp, 0x58 |
0x00005008 jr ra | return v0;
| label_4:
0x0000500c lw a0, (s2) | a0 = *(s2);
0x00005010 lw t9, -0x7eec(gp) | t9 = sym.imp.munmap;
| if (a0 != 0) {
0x00005014 beqz a0, 0x5024 |
0x00005018 lw a1, 0x20(sp) | a1 = *(var_20h);
0x0000501c jalr t9 | t9 ();
0x00005020 lw gp, 0x18(sp) | gp = *(var_18h);
| }
0x00005024 lw a2, 4(s2) | a2 = *((s2 + 1));
0x00005028 lw t9, -0x7e5c(gp) | t9 = sym.imp.ioctl;
| if (a2 != 0) {
0x0000502c beqz a2, 0x5044 |
0x00005030 lui a1, 0x2000 | a1 = 0x20002aae;
0x00005034 addiu a1, a1, 0x2aae |
0x00005038 move a0, s3 | a0 = s3;
0x0000503c jalr t9 | t9 ();
0x00005040 lw gp, 0x18(sp) | gp = *(var_18h);
| }
0x00005044 lw a0, 8(s2) | a0 = *((s2 + 2));
0x00005048 sw zero, (s2) | *(s2) = 0;
0x0000504c sw zero, 4(s2) | *((s2 + 1)) = 0;
| if (a0 != 0) {
0x00005050 beqz a0, 0x5064 |
0x00005054 lw t9, -0x7eec(gp) | t9 = sym.imp.munmap;
0x00005058 lw a1, 0x20(sp) | a1 = *(var_20h);
0x0000505c jalr t9 | t9 ();
0x00005060 lw gp, 0x18(sp) | gp = *(var_18h);
| }
0x00005064 lw a2, 0xc(s2) | a2 = *((s2 + 3));
0x00005068 lw t9, -0x7e5c(gp) | t9 = sym.imp.ioctl;
| if (a2 != 0) {
0x0000506c beqz a2, 0x5084 |
0x00005070 lui a1, 0x2000 | a1 = 0x20002aae;
0x00005074 addiu a1, a1, 0x2aae |
0x00005078 move a0, s3 | a0 = s3;
0x0000507c jalr t9 | t9 ();
0x00005080 lw gp, 0x18(sp) | gp = *(var_18h);
| }
0x00005084 lw t9, -0x7e40(gp) | t9 = sym.imp.free;
0x00005088 move a0, s2 | a0 = s2;
0x0000508c sw zero, 8(s2) | *((s2 + 2)) = 0;
0x00005090 sw zero, 0xc(s2) | *((s2 + 3)) = 0;
0x00005094 jalr t9 | t9 ();
0x00005098 lw gp, 0x18(sp) | gp = *(var_18h);
| label_3:
0x0000509c lw t9, -0x7e40(gp) | t9 = sym.imp.free;
0x000050a0 move a0, s6 | a0 = s6;
0x000050a4 jalr t9 | t9 ();
0x000050a8 lw ra, 0x54(sp) | ra = *(var_54h);
0x000050ac move s6, zero | s6 = 0;
0x000050b0 move v0, s6 | v0 = s6;
0x000050b4 lw fp, 0x50(sp) | fp = *(var_50h);
0x000050b8 lw s7, 0x4c(sp) | s7 = *(var_4ch);
0x000050bc lw s6, 0x48(sp) | s6 = *(var_48h);
0x000050c0 lw s5, 0x44(sp) | s5 = *(var_44h);
0x000050c4 lw s4, 0x40(sp) | s4 = *(var_40h);
0x000050c8 lw s3, 0x3c(sp) | s3 = *(var_3ch);
0x000050cc lw s2, 0x38(sp) | s2 = *(var_38h);
0x000050d0 lw s1, 0x34(sp) | s1 = *(var_34h);
0x000050d4 lw s0, 0x30(sp) | s0 = *(var_30h);
0x000050d8 addiu sp, sp, 0x58 |
0x000050dc jr ra | return v0;
| }
[*] Function mmap used 2 times lens_correctiond
