[*] Binary protection state of zip
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function popen tear down of zip
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/zip @ 0xe8cc */
| #include <stdint.h>
|
; (fcn) fcn.0000e8cc () | void fcn_0000e8cc () {
0x0000e8cc lui gp, 4 |
0x0000e8d0 addiu gp, gp, 0x33c4 |
0x0000e8d4 addu gp, gp, t9 | gp += t9;
0x0000e8d8 addiu sp, sp, -0x13d0 |
0x0000e8dc lw v1, -0x7f90(gp) | v1 = *(gp);
0x0000e8e0 sw s2, 0x13c4(sp) | *(var_13c4h) = s2;
0x0000e8e4 lw s2, -0x7a44(gp) | s2 = *((gp - 7825));
0x0000e8e8 addiu a0, sp, 0x410 | a0 = sp + 0x410;
0x0000e8ec sw gp, 0x18(sp) | *(var_18h) = gp;
0x0000e8f0 lw v0, (s2) | v0 = *(s2);
0x0000e8f4 lw v1, -0x1c04(v1) | v1 = *((v1 - 1793));
0x0000e8f8 sw v0, 0x13b4(sp) | *(var_13b4h) = v0;
0x0000e8fc move v0, zero | v0 = 0;
0x0000e900 sw v0, 0x20(sp) | *(var_20h) = v0;
0x0000e904 lui v0, 0x697a | v0 = 0x697a6e75;
0x0000e908 addiu v0, v0, 0x6e75 |
0x0000e90c sw v0, 0x410(sp) | *(var_410h) = v0;
0x0000e910 addiu v0, zero, 0x70 | v0 = 0x70;
0x0000e914 sw ra, 0x13cc(sp) | *(var_13cch) = ra;
0x0000e918 sw s3, 0x13c8(sp) | *(var_13c8h) = s3;
0x0000e91c sw s1, 0x13c0(sp) | *(var_13c0h) = s1;
0x0000e920 sw s0, 0x13bc(sp) | *(var_13bch) = s0;
0x0000e924 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000e928 sb v0, 4(a0) | *((a0 + 4)) = v0;
0x0000e92c addiu v0, sp, 0x415 | v0 = sp + 0x415;
0x0000e930 lw t9, -0x7b30(gp) | t9 = sym.imp.popen
0x0000e934 swl v1, 0x418(sp) | __asm ("swl v1, (var_418h)");
0x0000e938 swr v1, (v0) | __asm ("swr v1, (v0)");
0x0000e93c addiu a1, a1, -0x1d48 | a1 += -0x1d48;
0x0000e940 jalr t9 | t9 ();
0x0000e944 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x0000e948 beqz v0, 0xea38 | goto label_3;
| }
0x0000e94c lw t9, -0x7a4c(gp) | t9 = sym.imp.fgets;
0x0000e950 addiu s1, sp, 0x24 | s1 = sp + 0x24;
0x0000e954 move a2, v0 | a2 = v0;
0x0000e958 addiu a1, zero, 0x3e8 | a1 = 0x3e8;
0x0000e95c move a0, s1 | a0 = s1;
0x0000e960 move s0, v0 | s0 = v0;
0x0000e964 jalr t9 | t9 ();
0x0000e968 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x0000e96c beqz v0, 0xea18 | goto label_4;
| }
0x0000e970 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000e974 lw t9, -0x7af4(gp) | t9 = sym.imp.__isoc99_sscanf;
0x0000e978 addiu a2, sp, 0x20 | a2 = sp + 0x20;
| /* str.UnZip__f_ */
0x0000e97c addiu a1, a1, -0x1bc4 | a1 += -0x1bc4;
0x0000e980 move a0, s1 | a0 = s1;
0x0000e984 jalr t9 | t9 ();
0x0000e988 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 <= 0) {
0x0000e98c blez v0, 0xeac0 | goto label_5;
| }
| do {
0x0000e990 lw t9, -0x7a4c(gp) | t9 = sym.imp.fgets;
0x0000e994 move a2, s0 | a2 = s0;
0x0000e998 addiu a1, zero, 0x3e8 | a1 = 0x3e8;
0x0000e99c move a0, s1 | a0 = s1;
0x0000e9a0 jalr t9 | t9 ();
0x0000e9a4 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000e9a8 bnez v0, 0xe990 |
| } while (v0 != 0);
| do {
| label_2:
0x0000e9ac lw t9, -0x7b9c(gp) | t9 = sym.imp.pclose;
0x0000e9b0 move a0, s0 | a0 = s0;
0x0000e9b4 jalr t9 | t9 ();
0x0000e9b8 lw gp, 0x18(sp) | gp = *(var_18h);
| label_0:
0x0000e9bc lw v0, -0x7f90(gp) | v0 = *(gp);
0x0000e9c0 lw s0, 0x20(sp) | s0 = *(var_20h);
0x0000e9c4 lw t9, -0x7ed8(gp) | t9 = *(gp);
0x0000e9c8 lw a1, 0x5d70(v0) | a1 = *((v0 + 5980));
0x0000e9cc move a0, s0 | a0 = s0;
0x0000e9d0 bal 0x2d770 | fcn_0002d770 ();
0x0000e9d4 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 < 0) {
0x0000e9d8 bgez v0, 0xe9ec |
0x0000e9dc lw v0, -0x7ed4(gp) | v0 = *(gp);
0x0000e9e0 lw v0, (v0) | v0 = *(v0);
0x0000e9e4 lw t9, -0x7ed0(gp) | t9 = *(gp);
| if (v0 != 0) {
0x0000e9e8 bnez v0, 0xea50 | goto label_6;
| }
| }
0x0000e9ec addiu v0, zero, 1 | v0 = 1;
| label_1:
0x0000e9f0 lw a0, 0x13b4(sp) | a0 = *(var_13b4h);
0x0000e9f4 lw v1, (s2) | v1 = *(s2);
0x0000e9f8 lw ra, 0x13cc(sp) | ra = *(var_13cch);
| if (a0 != v1) {
0x0000e9fc bne a0, v1, 0xeae0 | goto label_7;
| }
0x0000ea00 lw s3, 0x13c8(sp) | s3 = *(var_13c8h);
0x0000ea04 lw s2, 0x13c4(sp) | s2 = *(var_13c4h);
0x0000ea08 lw s1, 0x13c0(sp) | s1 = *(var_13c0h);
0x0000ea0c lw s0, 0x13bc(sp) | s0 = *(var_13bch);
0x0000ea10 addiu sp, sp, 0x13d0 |
0x0000ea14 jr ra | return v0;
| label_4:
0x0000ea18 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000ea1c lw a0, -0x7f90(gp) | a0 = *(gp);
0x0000ea20 lw t9, -0x7edc(gp) | t9 = sym.zipwarn;
0x0000ea24 addiu a1, a1, 0x66d4 | a1 += 0x66d4;
| /* str.failed_to_get_information_from_UnZip */
0x0000ea28 addiu a0, a0, -0x1bec | a0 += -0x1bec;
0x0000ea2c bal 0xe4c4 | sym_zipwarn ();
0x0000ea30 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000ea34 b 0xe9ac |
| } while (1);
| label_3:
0x0000ea38 lw a0, -0x7f90(gp) | a0 = *(gp);
0x0000ea3c lw t9, -0x7a80(gp) | t9 = sym.imp.perror;
| /* str.unzip_pipe_error */
0x0000ea40 addiu a0, a0, -0x1c00 | a0 += -0x1c00;
0x0000ea44 jalr t9 | t9 ();
0x0000ea48 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000ea4c b 0xe9bc | goto label_0;
| label_6:
0x0000ea50 move a0, s0 | a0 = s0;
0x0000ea54 bal 0x2d8a0 | fcn_0002d8a0 ();
0x0000ea58 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000ea5c addiu s0, sp, 0x24 | s0 = sp + 0x24;
0x0000ea60 sw v1, 0x14(sp) | *(var_14h) = v1;
0x0000ea64 lw a3, -0x7f90(gp) | a3 = *(gp);
0x0000ea68 lw t9, -0x7ba0(gp) | t9 = sym.imp.__sprintf_chk;
0x0000ea6c lw s3, -0x7f90(gp) | s3 = *(gp);
0x0000ea70 lw s1, -0x7edc(gp) | s1 = sym.zipwarn;
| /* str.Found_UnZip_version__4.2f */
0x0000ea74 addiu a3, a3, -0x1b98 | a3 += -0x1b98;
0x0000ea78 addiu a2, zero, 0x3e9 | a2 = 0x3e9;
0x0000ea7c addiu a1, zero, 1 | a1 = 1;
0x0000ea80 move a0, s0 | a0 = s0;
0x0000ea84 sw v0, 0x10(sp) | *(var_10h_5) = v0;
0x0000ea88 jalr t9 | t9 ();
0x0000ea8c addiu a1, s3, 0x66d4 | a1 = s3 + 0x66d4;
0x0000ea90 move t9, s1 | t9 = s1;
0x0000ea94 move a0, s0 | a0 = s0;
0x0000ea98 bal 0xe4c4 | sym_zipwarn ();
0x0000ea9c lw gp, 0x18(sp) | gp = *(var_18h);
0x0000eaa0 addiu a1, s3, 0x66d4 | a1 = s3 + 0x66d4;
0x0000eaa4 move t9, s1 | t9 = s1;
0x0000eaa8 lw a0, -0x7f90(gp) | a0 = *(gp);
| /* str.Need_UnZip_6.00_or_later_to_test_this_Zip64_archive */
0x0000eaac addiu a0, a0, -0x1b7c | a0 += -0x1b7c;
0x0000eab0 bal 0xe4c4 | sym_zipwarn ();
0x0000eab4 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000eab8 move v0, zero | v0 = 0;
0x0000eabc b 0xe9f0 | goto label_1;
| label_5:
0x0000eac0 lw a1, -0x7f90(gp) | a1 = *(gp);
0x0000eac4 lw a0, -0x7f90(gp) | a0 = *(gp);
0x0000eac8 lw t9, -0x7edc(gp) | t9 = sym.zipwarn;
0x0000eacc addiu a1, a1, 0x66d4 | a1 += 0x66d4;
| /* str.unexpected_output_of_UnZip__v */
0x0000ead0 addiu a0, a0, -0x1bb8 | a0 += -0x1bb8;
0x0000ead4 bal 0xe4c4 | sym_zipwarn ();
0x0000ead8 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000eadc b 0xe9ac | goto label_2;
| label_7:
0x0000eae0 lw t9, -0x7a64(gp) | t9 = sym.imp.__stack_chk_fail;
0x0000eae4 jalr t9 | t9 ();
0x0000eae8 nop |
| }
[*] Function popen used 2 times zip
