[*] Binary protection state of lldpcli
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of lldpcli
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/lldpcli @ 0x14920 */
| #include <stdint.h>
|
; (fcn) fcn.00014920 () | void fcn_00014920 () {
0x00014920 lui gp, 2 |
0x00014924 addiu gp, gp, -0x1890 |
0x00014928 addu gp, gp, t9 | gp += t9;
0x0001492c addiu sp, sp, -0x60 |
0x00014930 lw v1, -0x7fd4(gp) | v1 = *((gp - 8181));
0x00014934 sw s1, 0x3c(sp) | *(var_3ch) = s1;
0x00014938 lw s1, -0x7d88(gp) | s1 = *((gp - 8034));
0x0001493c sw fp, 0x58(sp) | *(var_58h) = fp;
0x00014940 sw s4, 0x48(sp) | *(var_48h) = s4;
0x00014944 move fp, sp | fp = sp;
0x00014948 lw v0, (s1) | v0 = *(s1);
0x0001494c lw s4, -0x439c(v1) | s4 = *((v1 - 4327));
0x00014950 sw s0, 0x38(sp) | *(var_38h) = s0;
0x00014954 sw ra, 0x5c(sp) | *(var_5ch) = ra;
0x00014958 sw s7, 0x54(sp) | *(var_54h) = s7;
0x0001495c sw s6, 0x50(sp) | *(var_50h) = s6;
0x00014960 sw s5, 0x4c(sp) | *(var_4ch) = s5;
0x00014964 sw s3, 0x44(sp) | *(var_44h) = s3;
0x00014968 sw s2, 0x40(sp) | *(var_40h) = s2;
0x0001496c sw gp, 0x28(sp) | *(var_28h_2) = gp;
0x00014970 move s0, a0 | s0 = a0;
0x00014974 sw v0, 0x34(fp) | *(arg_34h) = v0;
0x00014978 lw t9, -0x7e1c(gp) | t9 = sym.imp.__vasprintf_chk
| if (s4 == 0) {
0x0001497c beqz s4, 0x149fc | goto label_1;
| }
0x00014980 addiu a1, zero, 1 | a1 = 1;
0x00014984 addiu a0, fp, 0x30 | a0 = fp + 0x30;
0x00014988 jalr t9 | t9 ();
0x0001498c addiu v1, zero, -1 | v1 = -1;
0x00014990 lw gp, 0x28(fp) | gp = *(var_28h_2);
| if (v0 != v1) {
0x00014994 beq v0, v1, 0x149bc |
0x00014998 lw a1, 0x30(fp) | a1 = *(arg_30h);
0x0001499c move t9, s4 | t9 = s4;
0x000149a0 move a0, s0 | a0 = s0;
0x000149a4 jalr t9 | t9 ();
0x000149a8 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x000149ac lw t9, -0x7d7c(gp) | t9 = sym.imp.free;
0x000149b0 lw a0, 0x30(fp) | a0 = *(arg_30h);
0x000149b4 jalr t9 | t9 ();
0x000149b8 lw gp, 0x28(fp) | gp = *(var_28h_2);
| }
0x000149bc lw v1, 0x34(fp) | v1 = *(arg_34h);
0x000149c0 lw v0, (s1) | v0 = *(s1);
0x000149c4 lw ra, 0x5c(fp) | ra = *(var_5ch);
| if (v1 != v0) {
0x000149c8 bne v1, v0, 0x14c44 | void (*0x14c44)() ();
| }
0x000149cc move sp, fp |
0x000149d0 lw fp, 0x58(sp) | fp = *(var_58h);
0x000149d4 lw s7, 0x54(sp) | s7 = *(var_54h);
0x000149d8 lw s6, 0x50(sp) | s6 = *(var_50h);
0x000149dc lw s5, 0x4c(sp) | s5 = *(var_4ch);
0x000149e0 lw s4, 0x48(sp) | s4 = *(var_48h);
0x000149e4 lw s3, 0x44(sp) | s3 = *(var_44h);
0x000149e8 lw s2, 0x40(sp) | s2 = *(var_40h);
0x000149ec lw s1, 0x3c(sp) | s1 = *(var_3ch);
0x000149f0 lw s0, 0x38(sp) | s0 = *(var_38h);
0x000149f4 addiu sp, sp, 0x60 |
0x000149f8 jr ra | return v0;
| label_1:
0x000149fc lw v0, -0x7fd4(gp) | v0 = *((gp - 8181));
0x00014a00 move s6, a1 | s6 = a1;
0x00014a04 move s2, a2 | s2 = a2;
0x00014a08 lw v0, -0x4394(v0) | v0 = *((v0 - 4325));
0x00014a0c move s3, a3 | s3 = a3;
| if (v0 != 0) {
0x00014a10 bnez v0, 0x14ac4 | goto label_2;
| }
| label_0:
0x00014a14 lw t9, -0x7d9c(gp) | t9 = sym.imp.time;
0x00014a18 move a0, zero | a0 = 0;
0x00014a1c jalr t9 | t9 ();
0x00014a20 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00014a24 addiu s4, fp, 0x30 | s4 = fp + 0x30;
0x00014a28 move a0, s4 | a0 = s4;
0x00014a2c lw t9, -0x7dfc(gp) | t9 = sym.imp.localtime;
0x00014a30 lw s5, -0x7fd4(gp) | s5 = *((gp - 8181));
0x00014a34 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x00014a38 jalr t9 | t9 ();
0x00014a3c lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00014a40 move a3, v0 | a3 = v0;
0x00014a44 addiu a1, zero, 0x14 | a1 = 0x14;
0x00014a48 lw a2, -0x7f80(gp) | a2 = *((gp - 8160));
0x00014a4c lw t9, -0x7df4(gp) | t9 = sym.imp.strftime;
| /* str._Y__m__dT_H:_M:_S */
0x00014a50 addiu a2, a2, -0x65fc | a2 += -0x65fc;
| /* str.2012_12_12T16:13:30 */
0x00014a54 addiu a0, s5, -0x4f90 | a0 = s5 + -0x4f90;
0x00014a58 jalr t9 | t9 ();
0x00014a5c lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00014a60 addiu a0, zero, 2 | a0 = 2;
0x00014a64 lw t9, -0x7e98(gp) | t9 = sym.imp.isatty;
0x00014a68 addiu s0, s0, -3 | s0 += -3;
0x00014a6c jalr t9 | t9 ();
0x00014a70 addiu v1, zero, 1 | v1 = 1;
0x00014a74 lw gp, 0x28(fp) | gp = *(var_28h_2);
| if (v0 == v1) {
0x00014a78 beq v0, v1, 0x14aa0 | goto label_3;
| }
0x00014a7c sltiu v0, s0, 5 | v0 = (s0 < 5) ? 1 : 0;
0x00014a80 lw v0, -0x7f80(gp) | v0 = *((gp - 8160));
| if (v0 == 0) {
0x00014a84 beqz v0, 0x14c5c | void (*0x14c5c)() ();
| }
0x00014a88 sll s0, s0, 2 | s0 <<= 2;
0x00014a8c addiu v0, v0, -0x65c0 | v0 += -0x65c0;
0x00014a90 lwx s0, s0(v0) | __asm ("lwx s0, s0(v0)");
0x00014a94 addu s0, s0, gp | s0 += gp;
0x00014a98 jr s0 | s0 ();
0x00014a9c nop |
| label_3:
0x00014aa0 sltiu v0, s0, 5 | v0 = (s0 < 5) ? 1 : 0;
0x00014aa4 lw v0, -0x7f80(gp) | v0 = *((gp - 8160));
| if (v0 == 0) {
0x00014aa8 beqz v0, 0x14c50 | void (*0x14c50)() ();
| }
0x00014aac sll s0, s0, 2 | s0 <<= 2;
0x00014ab0 addiu v0, v0, -0x65ac | v0 += -0x65ac;
0x00014ab4 lwx v0, s0(v0) | __asm ("lwx v0, s0(v0)");
0x00014ab8 addu v0, v0, gp | v0 += gp;
0x00014abc jr v0 | v0 ();
0x00014ac0 nop |
| label_2:
0x00014ac4 lw t9, -0x7dcc(gp) | t9 = sym.imp.__vsyslog_chk;
0x00014ac8 addiu a1, zero, 1 | a1 = 1;
0x00014acc jalr t9 | t9 ();
0x00014ad0 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00014ad4 b 0x14a14 | goto label_0;
| }
[*] Function sprintf used 2 times lldpcli
