[*] Binary protection state of cifsiostat
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of cifsiostat
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/cifsiostat @ 0x24fc */
| #include <stdint.h>
|
; (fcn) sym.read_cifs_stat () | void read_cifs_stat () {
0x000024fc lui gp, 2 |
0x00002500 addiu gp, gp, -0x44c |
0x00002504 addu gp, gp, t9 | gp += t9;
0x00002508 addiu sp, sp, -0x2d0 |
0x0000250c lw v1, -0x7fd4(gp) | v1 = *(gp);
0x00002510 sw fp, 0x2c8(sp) | *(var_2c8h) = fp;
0x00002514 lw fp, -0x7ddc(gp) | fp = *((gp - 8055));
0x00002518 lw a2, -0x7fd0(gp) | a2 = *(gp);
0x0000251c lw a1, (v1) | a1 = *(v1);
0x00002520 lw v0, (fp) | v0 = *(fp);
0x00002524 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00002528 sw v1, 0x34(sp) | *(var_34h_2) = v1;
0x0000252c sw v0, 0x2a4(sp) | *(var_2a4h) = v0;
0x00002530 move v1, zero | v1 = 0;
0x00002534 move v0, zero | v0 = 0;
0x00002538 sw v0, 0x48(sp) | *(var_48h) = v0;
0x0000253c sw v0, 0x50(sp) | *(var_50h) = v0;
0x00002540 sw v0, 0x58(sp) | *(var_58h) = v0;
0x00002544 sw v0, 0x60(sp) | *(var_60h) = v0;
0x00002548 sw v0, 0x68(sp) | *(var_68h) = v0;
0x0000254c sw v0, 0x70(sp) | *(var_70h) = v0;
0x00002550 sw v0, 0x78(sp) | *(var_78h) = v0;
0x00002554 sw ra, 0x2cc(sp) | *(var_2cch) = ra;
0x00002558 sw s7, 0x2c4(sp) | *(var_2c4h) = s7;
0x0000255c sw s6, 0x2c0(sp) | *(var_2c0h) = s6;
0x00002560 sw s5, 0x2bc(sp) | *(var_2bch) = s5;
0x00002564 sw s4, 0x2b8(sp) | *(var_2b8h) = s4;
0x00002568 sw s3, 0x2b4(sp) | *(var_2b4h) = s3;
0x0000256c sw s2, 0x2b0(sp) | *(var_2b0h) = s2;
0x00002570 sw s1, 0x2ac(sp) | *(var_2ach) = s1;
0x00002574 sw s0, 0x2a8(sp) | *(var_2a8h) = s0;
0x00002578 sw a2, 0x38(sp) | *(var_38h_2) = a2;
0x0000257c sw a0, 0x2d0(sp) | *(var_2d0h) = a0;
0x00002580 sw v1, 0x4c(sp) | *(var_4ch) = v1;
0x00002584 sw v1, 0x54(sp) | *(var_54h) = v1;
0x00002588 sw v1, 0x5c(sp) | *(var_5ch) = v1;
0x0000258c sw v1, 0x64(sp) | *(var_64h) = v1;
0x00002590 sw v1, 0x6c(sp) | *(var_6ch) = v1;
0x00002594 sw v1, 0x74(sp) | *(var_74h) = v1;
0x00002598 sw v1, 0x7c(sp) | *(var_7ch) = v1;
0x0000259c lw v0, (a2) | v0 = *(a2);
| if (a1 <= 0) {
0x000025a0 blez a1, 0x25b8 | goto label_7;
| }
0x000025a4 move v1, zero | v1 = 0;
| do {
0x000025a8 addiu v1, v1, 1 | v1++;
0x000025ac sw zero, (v0) | *(v0) = 0;
0x000025b0 addiu v0, v0, 0x88 | v0 += 0x88;
0x000025b4 bne v1, a1, 0x25a8 |
| } while (v1 != a1);
| label_7:
0x000025b8 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x000025bc lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
0x000025c0 lw t9, -0x7dd0(gp) | t9 = sym.imp.fopen;
0x000025c4 addiu a1, a1, -0x6d98 | a1 += -0x6d98;
0x000025c8 addiu a0, a0, -0x72f4 | a0 += -0x72f4;
0x000025cc jalr t9 | t9 ();
0x000025d0 move s1, v0 | s1 = v0;
0x000025d4 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x000025d8 beqz v0, 0x2794 | goto label_8;
| }
0x000025dc lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x000025e0 lw t9, -0x7eb8(gp) | t9 = sym.imp.__sprintf_chk
0x000025e4 addiu a0, sp, 0x84 | a0 = sp + 0x84;
0x000025e8 addiu v0, zero, 0x7f | v0 = 0x7f;
0x000025ec sw a0, 0x28(sp) | *(var_28h_2) = a0;
0x000025f0 sw v0, 0x10(sp) | *(var_10h_3) = v0;
0x000025f4 addiu a3, a3, -0x72b4 | a3 += -0x72b4;
0x000025f8 addiu a2, zero, 0x20 | a2 = 0x20;
0x000025fc addiu a1, zero, 1 | a1 = 1;
0x00002600 jalr t9 | t9 ();
0x00002604 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002608 move s0, zero | s0 = 0;
0x0000260c move s2, zero | s2 = 0;
0x00002610 lw s5, -0x7fd8(gp) | s5 = *((gp - 8182));
0x00002614 lw s4, -0x7fd8(gp) | s4 = *((gp - 8182));
0x00002618 lw s3, -0x7fd8(gp) | s3 = *((gp - 8182));
0x0000261c lw v0, -0x7fd8(gp) | v0 = *((gp - 8182));
0x00002620 lw s6, -0x7fd8(gp) | s6 = *((gp - 8182));
0x00002624 sw zero, 0x24(sp) | *(var_24h_3) = 0;
0x00002628 addiu s7, sp, 0x1a4 | s7 = sp + 0x1a4;
0x0000262c addiu s5, s5, -0x72a8 | s5 += -0x72a8;
0x00002630 addiu s4, s4, -0x7288 | s4 += -0x7288;
0x00002634 addiu s3, s3, -0x7234 | s3 += -0x7234;
0x00002638 sw v0, 0x30(sp) | *(var_30h_2) = v0;
| do {
| label_2:
0x0000263c lw t9, -0x7de0(gp) | t9 = sym.imp.fgets;
0x00002640 move a2, s1 | a2 = s1;
0x00002644 addiu a1, zero, 0x100 | a1 = aav.0x00000100;
0x00002648 move a0, s7 | a0 = s7;
0x0000264c jalr t9 | t9 ();
0x00002650 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00002654 beqz v0, 0x2748 | goto label_9;
| }
| label_0:
0x00002658 lw t9, -0x7eb0(gp) | t9 = sym.imp.__ctype_b_loc;
0x0000265c jalr t9 | t9 ();
0x00002660 nop |
0x00002664 lbu a0, 0x1a4(sp) | a0 = *(var_1a4h);
0x00002668 lw v0, (v0) | v0 = *(v0);
0x0000266c sll a0, a0, 1 | a0 <<= 1;
0x00002670 addu v0, v0, a0 | v0 += a0;
0x00002674 lhu v0, (v0) | v0 = *(v0);
0x00002678 andi v0, v0, 0x800 | v0 &= 0x800;
0x0000267c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x00002680 bnez v0, 0x27d0 | goto label_10;
| }
| label_1:
0x00002684 lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x00002688 addiu a2, zero, 6 | a2 = 6;
0x0000268c move a1, s5 | a1 = s5;
0x00002690 move a0, s7 | a0 = s7;
0x00002694 jalr t9 | t9 ();
0x00002698 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x0000269c beqz v0, 0x282c | goto label_11;
| }
0x000026a0 lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x000026a4 addiu a2, zero, 7 | a2 = 7;
0x000026a8 move a1, s4 | a1 = s4;
0x000026ac move a0, s7 | a0 = s7;
0x000026b0 jalr t9 | t9 ();
0x000026b4 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x000026b8 beqz v0, 0x2868 | goto label_12;
| }
| label_3:
0x000026bc lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x000026c0 addiu a2, zero, 6 | a2 = 6;
0x000026c4 addiu a1, s6, -0x7264 | a1 = s6 + -0x7264;
0x000026c8 move a0, s7 | a0 = s7;
0x000026cc jalr t9 | t9 ();
0x000026d0 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x000026d4 beqz v0, 0x28a4 | goto label_13;
| }
| label_4:
0x000026d8 lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x000026dc addiu a2, zero, 0xc | a2 = 0xc;
0x000026e0 move a1, s3 | a1 = s3;
0x000026e4 move a0, s7 | a0 = s7;
0x000026e8 jalr t9 | t9 ();
0x000026ec lw gp, 0x18(sp) | gp = *(var_18h);
0x000026f0 bnez v0, 0x263c |
| } while (v0 != 0);
0x000026f4 lw v0, 0x30(sp) | v0 = *(var_30h_2);
0x000026f8 lw t9, -0x7e48(gp) | t9 = sym.imp.__isoc99_sscanf;
0x000026fc addiu a2, sp, 0x40 | a2 = sp + 0x40;
0x00002700 addiu a1, v0, -0x7224 | a1 = v0 + -0x7224;
0x00002704 move a0, s7 | a0 = s7;
0x00002708 jalr t9 | t9 ();
0x0000270c lw gp, 0x18(sp) | gp = *(var_18h);
0x00002710 lw v0, 0x40(sp) | v0 = *(var_40h_2);
0x00002714 lw a0, 0x44(sp) | a0 = *(var_44h_2);
0x00002718 addu v0, s0, v0 | v0 = s0 + v0;
0x0000271c sltu a1, v0, s0 | a1 = (v0 < s0) ? 1 : 0;
0x00002720 addu s2, s2, a0 | s2 += a0;
0x00002724 lw t9, -0x7de0(gp) | t9 = sym.imp.fgets;
0x00002728 addu s2, a1, s2 | s2 = a1 + s2;
0x0000272c move a2, s1 | a2 = s1;
0x00002730 addiu a1, zero, 0x100 | a1 = aav.0x00000100;
0x00002734 move a0, s7 | a0 = s7;
0x00002738 move s0, v0 | s0 = v0;
0x0000273c jalr t9 | t9 ();
0x00002740 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x00002744 bnez v0, 0x2658 | goto label_0;
| }
| label_9:
0x00002748 lw v0, 0x24(sp) | v0 = *(var_24h_3);
0x0000274c lw t9, -0x7fbc(gp) | t9 = sym.save_stats;
| if (v0 != 0) {
0x00002750 bnez v0, 0x28ec | goto label_14;
| }
| label_5:
0x00002754 lw t9, -0x7e80(gp) | t9 = sym.imp.fclose;
0x00002758 move a0, s1 | a0 = s1;
0x0000275c jalr t9 | t9 ();
0x00002760 lw v0, 0x34(sp) | v0 = *(var_34h_2);
0x00002764 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002768 lw a1, (v0) | a1 = *(v0);
0x0000276c lw v0, 0x38(sp) | v0 = *(var_38h_2);
0x00002770 lw v0, (v0) | v0 = *(v0);
| if (a1 <= 0) {
0x00002774 blez a1, 0x2794 | goto label_8;
| }
0x00002778 move v1, zero | v1 = 0;
| do {
0x0000277c lw a0, (v0) | a0 = *(v0);
| if (a0 != 0) {
0x00002780 beql a0, zero, 0x2788 |
0x00002784 sw zero, 4(v0) | *((v0 + 1)) = 0;
| }
0x00002788 addiu v1, v1, 1 | v1++;
0x0000278c addiu v0, v0, 0x88 | v0 += 0x88;
0x00002790 bne v1, a1, 0x277c |
| } while (v1 != a1);
| label_8:
0x00002794 lw v1, 0x2a4(sp) | v1 = *(var_2a4h);
0x00002798 lw v0, (fp) | v0 = *(fp);
0x0000279c lw ra, 0x2cc(sp) | ra = *(var_2cch);
| if (v1 != v0) {
0x000027a0 bne v1, v0, 0x2948 | goto label_15;
| }
0x000027a4 lw fp, 0x2c8(sp) | fp = *(var_2c8h);
0x000027a8 lw s7, 0x2c4(sp) | s7 = *(var_2c4h);
0x000027ac lw s6, 0x2c0(sp) | s6 = *(var_2c0h);
0x000027b0 lw s5, 0x2bc(sp) | s5 = *(var_2bch);
0x000027b4 lw s4, 0x2b8(sp) | s4 = *(var_2b8h);
0x000027b8 lw s3, 0x2b4(sp) | s3 = *(var_2b4h);
0x000027bc lw s2, 0x2b0(sp) | s2 = *(var_2b0h);
0x000027c0 lw s1, 0x2ac(sp) | s1 = *(var_2ach);
0x000027c4 lw s0, 0x2a8(sp) | s0 = *(var_2a8h);
0x000027c8 addiu sp, sp, 0x2d0 |
0x000027cc jr ra | return v0;
| label_10:
0x000027d0 lw t9, -0x7e48(gp) | t9 = sym.imp.__isoc99_sscanf;
0x000027d4 addiu v0, sp, 0x124 | v0 = sp + 0x124;
0x000027d8 lw a1, 0x28(sp) | a1 = *(var_28h_2);
0x000027dc sw v0, 0x2c(sp) | *(var_2ch_2) = v0;
0x000027e0 move a2, v0 | a2 = v0;
0x000027e4 move a0, s7 | a0 = s7;
0x000027e8 jalr t9 | t9 ();
0x000027ec move a3, v0 | a3 = v0;
0x000027f0 addiu v0, zero, 1 | v0 = 1;
0x000027f4 lw gp, 0x18(sp) | gp = *(var_18h);
| if (a3 != v0) {
0x000027f8 bne a3, v0, 0x2684 | goto label_1;
| }
0x000027fc lw v0, 0x24(sp) | v0 = *(var_24h_3);
0x00002800 addiu v0, sp, 0xa4 | v0 = sp + 0xa4;
| if (v0 != 0) {
0x00002804 bnez v0, 0x290c | goto label_16;
| }
| label_6:
0x00002808 lw t9, -0x7e58(gp) | t9 = sym.imp.strncpy;
0x0000280c lw a1, 0x2c(sp) | a1 = *(var_2ch_2);
0x00002810 sw a3, 0x24(sp) | *(var_24h_3) = a3;
0x00002814 addiu a2, zero, 0x80 | a2 = 0x80;
0x00002818 move a0, v0 | a0 = v0;
0x0000281c jalr t9 | t9 ();
0x00002820 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002824 sb zero, 0x123(sp) | *(var_123h) = 0;
0x00002828 b 0x263c | goto label_2;
| label_11:
0x0000282c lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00002830 lw t9, -0x7e48(gp) | t9 = sym.imp.__isoc99_sscanf;
0x00002834 addiu a3, sp, 0x48 | a3 = sp + 0x48;
0x00002838 addiu a2, sp, 0x58 | a2 = sp + 0x58;
0x0000283c addiu a1, a1, -0x72a0 | a1 += -0x72a0;
0x00002840 move a0, s7 | a0 = s7;
0x00002844 jalr t9 | t9 ();
0x00002848 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000284c addiu a2, zero, 7 | a2 = 7;
0x00002850 move a1, s4 | a1 = s4;
0x00002854 lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x00002858 move a0, s7 | a0 = s7;
0x0000285c jalr t9 | t9 ();
0x00002860 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x00002864 bnez v0, 0x26bc | goto label_3;
| }
| label_12:
0x00002868 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x0000286c lw t9, -0x7e48(gp) | t9 = sym.imp.__isoc99_sscanf;
0x00002870 addiu a3, sp, 0x50 | a3 = sp + 0x50;
0x00002874 addiu a2, sp, 0x60 | a2 = sp + 0x60;
0x00002878 addiu a1, a1, -0x7280 | a1 += -0x7280;
0x0000287c move a0, s7 | a0 = s7;
0x00002880 jalr t9 | t9 ();
0x00002884 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002888 addiu a2, zero, 6 | a2 = 6;
0x0000288c addiu a1, s6, -0x7264 | a1 = s6 + -0x7264;
0x00002890 lw t9, -0x7e94(gp) | t9 = sym.imp.strncmp;
0x00002894 move a0, s7 | a0 = s7;
0x00002898 jalr t9 | t9 ();
0x0000289c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x000028a0 bnez v0, 0x26d8 | goto label_4;
| }
| label_13:
0x000028a4 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x000028a8 lw t9, -0x7e48(gp) | t9 = sym.imp.__isoc99_sscanf;
0x000028ac addiu v0, sp, 0x78 | v0 = sp + 0x78;
0x000028b0 addiu a1, a1, -0x725c | a1 += -0x725c;
0x000028b4 move a0, s7 | a0 = s7;
0x000028b8 sw v0, 0x10(sp) | *(var_10h_3) = v0;
0x000028bc addiu a3, sp, 0x70 | a3 = sp + 0x70;
0x000028c0 addiu a2, sp, 0x40 | a2 = sp + 0x40;
0x000028c4 jalr t9 | t9 ();
0x000028c8 lw v0, 0x40(sp) | v0 = *(var_40h_2);
0x000028cc lw a0, 0x44(sp) | a0 = *(var_44h_2);
0x000028d0 addu v0, s0, v0 | v0 = s0 + v0;
0x000028d4 sltu a1, v0, s0 | a1 = (v0 < s0) ? 1 : 0;
0x000028d8 addu s2, s2, a0 | s2 += a0;
0x000028dc lw gp, 0x18(sp) | gp = *(var_18h);
0x000028e0 move s0, v0 | s0 = v0;
0x000028e4 addu s2, a1, s2 | s2 = a1 + s2;
0x000028e8 b 0x26d8 | goto label_4;
| label_14:
0x000028ec lw a1, 0x2d0(sp) | a1 = *(var_2d0h);
0x000028f0 addiu a2, sp, 0x48 | a2 = sp + 0x48;
0x000028f4 addiu a0, sp, 0xa4 | a0 = sp + 0xa4;
0x000028f8 sw s0, 0x68(sp) | *(var_68h) = s0;
0x000028fc sw s2, 0x6c(sp) | *(var_6ch) = s2;
0x00002900 bal 0x2158 | sym_save_stats ();
0x00002904 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002908 b 0x2754 | goto label_5;
| label_16:
0x0000290c lw t9, -0x7fbc(gp) | t9 = sym.save_stats;
0x00002910 lw a1, 0x2d0(sp) | a1 = *(var_2d0h);
0x00002914 sw a3, 0x3c(sp) | *(var_3ch_2) = a3;
0x00002918 sw s0, 0x68(sp) | *(var_68h) = s0;
0x0000291c sw s2, 0x6c(sp) | *(var_6ch) = s2;
0x00002920 move a0, v0 | a0 = v0;
0x00002924 sw v0, 0x24(sp) | *(var_24h_3) = v0;
0x00002928 addiu a2, sp, 0x48 | a2 = sp + 0x48;
0x0000292c bal 0x2158 | sym_save_stats ();
0x00002930 move s0, zero | s0 = 0;
0x00002934 move s2, zero | s2 = 0;
0x00002938 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000293c lw a3, 0x3c(sp) | a3 = *(var_3ch_2);
0x00002940 lw v0, 0x24(sp) | v0 = *(var_24h_3);
0x00002944 b 0x2808 | goto label_6;
| label_15:
0x00002948 lw t9, -0x7df0(gp) | t9 = sym.imp.__stack_chk_fail;
0x0000294c jalr t9 | t9 ();
0x00002950 nop |
| }
[*] Function sprintf used 2 times cifsiostat
