[*] Binary protection state of lsattr
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of lsattr
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/lsattr @ 0xeb0 */
| #include <stdint.h>
|
; (fcn) fcn.00000eb0 () | void fcn_00000eb0 () {
| label_3:
0x00000eb0 lui gp, 2 |
0x00000eb4 addiu gp, gp, -0x6e90 |
0x00000eb8 addu gp, gp, t9 | gp += t9;
0x00000ebc addiu sp, sp, -0x40 |
0x00000ec0 lw t9, -0x7f60(gp) | t9 = sym.imp.fgetflags;
0x00000ec4 sw s1, 0x30(sp) | *(var_30h) = s1;
0x00000ec8 lw s1, -0x7f5c(gp) | s1 = *((gp - 8151));
0x00000ecc sw gp, 0x10(sp) | *(var_10h) = gp;
0x00000ed0 sw s3, 0x38(sp) | *(var_38h) = s3;
0x00000ed4 lw v0, (s1) | v0 = *(s1);
0x00000ed8 sw s2, 0x34(sp) | *(var_34h) = s2;
0x00000edc sw ra, 0x3c(sp) | *(var_3ch) = ra;
0x00000ee0 sw s0, 0x2c(sp) | *(var_2ch) = s0;
0x00000ee4 addiu a1, sp, 0x18 | a1 = sp + 0x18;
0x00000ee8 sw v0, 0x24(sp) | *(var_24h) = v0;
0x00000eec move s2, a0 | s2 = a0;
0x00000ef0 addiu s3, zero, -1 | s3 = -1;
0x00000ef4 jalr t9 | t9 ();
0x00000ef8 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s3) {
0x00000efc beq v0, s3, 0x106c | goto label_7;
| }
0x00000f00 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x00000f04 lw v0, 0x2100(v0) | v0 = *((v0 + 2112));
0x00000f08 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
| if (v0 != 0) {
0x00000f0c bnez v0, 0xfe4 | goto label_8;
| }
0x00000f10 lw v0, 0x2104(v0) | v0 = *((v0 + 2113));
0x00000f14 lw t9, -0x7f54(gp) | t9 = sym.imp.fgetversion;
| if (v0 != 0) {
0x00000f18 bnez v0, 0x1030 | goto label_9;
| }
| label_1:
0x00000f1c lw s0, -0x7fdc(gp) | s0 = *((gp - 8183));
| label_0:
0x00000f20 lw a2, 0x2110(s0) | a2 = *((s0 + 2116));
0x00000f24 andi v0, a2, 1 | v0 = a2 & 1;
0x00000f28 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
| if (v0 == 0) {
0x00000f2c bnel v0, zero, 0xf94 | goto label_10;
| }
0x00000f30 lw v0, -0x7f98(gp) | v0 = *((gp - 8166));
0x00000f34 lw t9, -0x7f7c(gp) | t9 = sym.imp.print_flags;
0x00000f38 lw a1, 0x18(sp) | a1 = *(var_18h);
0x00000f3c lw a0, (v0) | a0 = *(v0);
0x00000f40 move s0, zero | s0 = 0;
0x00000f44 jalr t9 | t9 ();
0x00000f48 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000f4c move a2, s2 | a2 = s2;
0x00000f50 addiu a0, zero, 1 | a0 = 1;
0x00000f54 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00000f58 lw t9, -0x7f9c(gp) | t9 = sym.imp.__printf_chk;
0x00000f5c addiu a1, a1, 0x1740 | a1 += str.__s_n;
0x00000f60 jalr t9 | t9 ();
0x00000f64 lw gp, 0x10(sp) | gp = *(var_10h);
| do {
| label_2:
0x00000f68 lw a0, 0x24(sp) | a0 = *(var_24h);
0x00000f6c lw v1, (s1) | v1 = *(s1);
0x00000f70 move v0, s0 | v0 = s0;
| if (a0 != v1) {
0x00000f74 bne a0, v1, 0x1118 | goto label_11;
| }
0x00000f78 lw ra, 0x3c(sp) | ra = *(var_3ch);
0x00000f7c lw s3, 0x38(sp) | s3 = *(var_38h);
0x00000f80 lw s2, 0x34(sp) | s2 = *(var_34h);
0x00000f84 lw s1, 0x30(sp) | s1 = *(var_30h);
0x00000f88 lw s0, 0x2c(sp) | s0 = *(var_2ch);
0x00000f8c addiu sp, sp, 0x40 |
0x00000f90 jr ra | return v0;
| label_10:
0x00000f94 lw t9, -0x7f9c(gp) | t9 = sym.imp.__printf_chk;
0x00000f98 move a2, s2 | a2 = s2;
0x00000f9c addiu a1, a1, 0x1738 | a1 += str.__28s_;
0x00000fa0 lw s3, -0x7f98(gp) | s3 = *((gp - 8166));
0x00000fa4 addiu a0, zero, 1 | a0 = 1;
0x00000fa8 jalr t9 | t9 ();
0x00000fac lw gp, 0x10(sp) | gp = *(var_10h);
0x00000fb0 lw a2, 0x2110(s0) | a2 = *((s0 + 2116));
0x00000fb4 lw a1, 0x18(sp) | a1 = *(var_18h);
0x00000fb8 lw t9, -0x7f7c(gp) | t9 = sym.imp.print_flags;
0x00000fbc lw a0, (s3) | a0 = *(s3);
0x00000fc0 move s0, zero | s0 = 0;
0x00000fc4 jalr t9 | t9 ();
0x00000fc8 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000fcc lw a1, (s3) | a1 = *(s3);
0x00000fd0 lw t9, -0x7fa4(gp) | t9 = sym.imp.fputc;
0x00000fd4 addiu a0, zero, 0xa | a0 = 0xa;
0x00000fd8 jalr t9 | t9 ();
0x00000fdc lw gp, 0x10(sp) | gp = *(var_10h);
0x00000fe0 b 0xf68 |
| } while (1);
| label_8:
0x00000fe4 lw t9, -0x7f58(gp) | t9 = sym.imp.fgetproject;
0x00000fe8 addiu a1, sp, 0x20 | a1 = sp + 0x20;
0x00000fec move a0, s2 | a0 = s2;
0x00000ff0 jalr t9 | t9 ();
0x00000ff4 move s0, v0 | s0 = v0;
0x00000ff8 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == s3) {
0x00000ffc beq v0, s3, 0x10a8 | goto label_12;
| }
0x00001000 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00001004 lw t9, -0x7f9c(gp) | t9 = sym.imp.__printf_chk;
0x00001008 lw a2, 0x20(sp) | a2 = *(var_20h_2);
0x0000100c addiu a1, a1, 0x170c | a1 += str._5lu_;
0x00001010 addiu a0, zero, 1 | a0 = 1;
0x00001014 jalr t9 | t9 ();
0x00001018 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000101c lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x00001020 lw v0, 0x2104(v0) | v0 = *((v0 + 2113));
0x00001024 lw s0, -0x7fdc(gp) | s0 = *((gp - 8183));
| if (v0 == 0) {
0x00001028 beqz v0, 0xf20 | goto label_0;
| }
0x0000102c lw t9, -0x7f54(gp) | t9 = sym.imp.fgetversion;
| label_9:
0x00001030 addiu a1, sp, 0x1c | a1 = sp + 0x1c;
0x00001034 move a0, s2 | a0 = s2;
0x00001038 jalr t9 | t9 ();
0x0000103c move s0, v0 | s0 = v0;
0x00001040 addiu v0, zero, -1 | v0 = -1;
0x00001044 lw gp, 0x10(sp) | gp = *(var_10h);
| if (s0 != v0) {
0x00001048 beq s0, v0, 0x10e0 |
0x0000104c lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00001050 lw t9, -0x7f9c(gp) | t9 = sym.imp.__printf_chk;
0x00001054 lw a2, 0x1c(sp) | a2 = *(var_1ch);
0x00001058 addiu a1, a1, 0x1730 | a1 += str.__10lu_;
0x0000105c addiu a0, zero, 1 | a0 = 1;
0x00001060 jalr t9 | t9 ();
0x00001064 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001068 b 0xf1c | goto label_1;
| label_7:
0x0000106c move s0, v0 | s0 = v0;
0x00001070 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x00001074 lw t9, -0x7f94(gp) | t9 = sym.imp.__errno_location;
0x00001078 lw s3, 0x2010(v0) | s3 = *((v0 + 2052));
0x0000107c jalr t9 | t9 ();
0x00001080 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001084 lw a1, (v0) | a1 = *(v0);
0x00001088 move a3, s2 | a3 = s2;
0x0000108c lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00001090 lw t9, -0x7f6c(gp) | t9 = sym.imp.com_err;
0x00001094 addiu a2, a2, 0x16d4 | a2 += str.While_reading_flags_on__s;
0x00001098 move a0, s3 | a0 = s3;
0x0000109c jalr t9 | t9 ();
0x000010a0 lw gp, 0x10(sp) | gp = *(var_10h);
0x000010a4 b 0xf68 | goto label_2;
| label_12:
0x000010a8 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x000010ac lw t9, -0x7f94(gp) | t9 = sym.imp.__errno_location;
0x000010b0 lw s3, 0x2010(v0) | s3 = *((v0 + 2052));
0x000010b4 jalr t9 | t9 ();
0x000010b8 lw gp, 0x10(sp) | gp = *(var_10h);
0x000010bc lw a1, (v0) | a1 = *(v0);
0x000010c0 move a3, s2 | a3 = s2;
0x000010c4 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x000010c8 lw t9, -0x7f6c(gp) | t9 = sym.imp.com_err;
0x000010cc addiu a2, a2, 0x16f0 | a2 += str.While_reading_project_on__s;
0x000010d0 move a0, s3 | a0 = s3;
0x000010d4 jalr t9 | t9 ();
0x000010d8 lw gp, 0x10(sp) | gp = *(var_10h);
0x000010dc b 0xf68 | goto label_2;
| }
0x000010e0 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x000010e4 lw t9, -0x7f94(gp) | t9 = sym.imp.__errno_location;
0x000010e8 lw s3, 0x2010(v0) | s3 = *((v0 + 2052));
0x000010ec jalr t9 | t9 ();
0x000010f0 lw gp, 0x10(sp) | gp = *(var_10h);
0x000010f4 lw a1, (v0) | a1 = *(v0);
0x000010f8 move a3, s2 | a3 = s2;
0x000010fc lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00001100 lw t9, -0x7f6c(gp) | t9 = sym.imp.com_err;
0x00001104 addiu a2, a2, 0x1714 | a2 += str.While_reading_version_on__s;
0x00001108 move a0, s3 | a0 = s3;
0x0000110c jalr t9 | t9 ();
0x00001110 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001114 b 0xf68 | goto label_2;
| label_11:
0x00001118 lw t9, -0x7f68(gp) | t9 = sym.imp.__stack_chk_fail;
0x0000111c jalr t9 | t9 ();
0x00001120 nop |
0x00001124 lui gp, 2 |
0x00001128 addiu gp, gp, -0x7104 |
0x0000112c addu gp, gp, t9 | gp += t9;
0x00001130 addiu sp, sp, -0xe8 |
0x00001134 lw t9, -0x7f84(gp) | t9 = sym.imp.strlen;
0x00001138 sw s3, 0xd8(sp) | *(var_d8h) = s3;
0x0000113c lw s3, -0x7f5c(gp) | s3 = *((gp - 8151));
0x00001140 sw ra, 0xe4(sp) | *(var_e4h) = ra;
0x00001144 sw gp, 0x18(sp) | *(var_18h_2) = gp;
0x00001148 lw v0, (s3) | v0 = *(s3);
0x0000114c sw s5, 0xe0(sp) | *(var_e0h) = s5;
0x00001150 sw s4, 0xdc(sp) | *(var_dch) = s4;
0x00001154 sw s2, 0xd4(sp) | *(var_d4h) = s2;
0x00001158 sw s1, 0xd0(sp) | *(var_d0h) = s1;
0x0000115c sw s0, 0xcc(sp) | *(var_cch) = s0;
0x00001160 sw v0, 0xc4(sp) | *(var_c4h) = v0;
0x00001164 addiu s2, a1, 0xb | s2 = a1 + 0xb;
0x00001168 move s4, a1 | s4 = a1;
0x0000116c move s5, a0 | s5 = a0;
0x00001170 jalr t9 | t9 ();
0x00001174 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00001178 move a0, s2 | a0 = s2;
0x0000117c lw t9, -0x7f84(gp) | t9 = sym.imp.strlen;
0x00001180 move s0, v0 | s0 = v0;
0x00001184 jalr t9 | t9 ();
0x00001188 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x0000118c addu v0, s0, v0 | v0 = s0 + v0;
0x00001190 lw t9, -0x7f74(gp) | t9 = sym.imp.malloc;
0x00001194 addiu a0, v0, 2 | a0 = v0 + 2;
0x00001198 jalr t9 | t9 ();
0x0000119c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000011a0 move s1, v0 | s1 = v0;
0x000011a4 lw t9, -0x7fb4(gp) | t9 = sym.imp.__sprintf_chk
| if (s0 != 0) {
0x000011a8 beqz s0, 0x11c0 |
0x000011ac addu s0, s5, s0 | s0 = s5 + s0;
0x000011b0 addiu v0, zero, 0x2f | v0 = 0x2f;
0x000011b4 lb v1, -1(s0) | v1 = *((s0 - 1));
0x000011b8 lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
| if (v1 == v0) {
0x000011bc beq v1, v0, 0x1330 | goto label_13;
| }
| }
0x000011c0 lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x000011c4 sw s2, 0x14(sp) | *(var_14h) = s2;
0x000011c8 sw s5, 0x10(sp) | *(var_10h_2) = s5;
0x000011cc addiu a3, a3, 0x1750 | a3 += str._s__s;
| label_6:
0x000011d0 addiu a2, zero, -1 | a2 = -1;
0x000011d4 addiu a1, zero, 1 | a1 = 1;
0x000011d8 move a0, s1 | a0 = s1;
0x000011dc jalr t9 | t9 ();
0x000011e0 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000011e4 addiu a2, sp, 0x20 | a2 = sp + 0x20;
0x000011e8 move a1, s1 | a1 = s1;
0x000011ec lw t9, -0x7fb0(gp) | t9 = sym.imp.__lxstat64;
0x000011f0 addiu a0, zero, 3 | a0 = 3;
0x000011f4 jalr t9 | t9 ();
0x000011f8 addiu v1, zero, -1 | v1 = -1;
0x000011fc lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == v1) {
0x00001200 beq v0, v1, 0x131c | goto label_14;
| }
0x00001204 lb v1, 0xb(s4) | v1 = *((s4 + 11));
0x00001208 addiu v0, zero, 0x2e | v0 = 0x2e;
0x0000120c lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
| if (v1 != v0) {
0x00001210 bne v1, v0, 0x1264 | goto label_15;
| }
0x00001214 lw v0, 0x2118(v0) | v0 = *((v0 + 2118));
0x00001218 lw t9, -0x7fd8(gp) | t9 = *((gp - 8182));
0x0000121c bnez v0, 0x1268 |
| while (v0 != v1) {
| label_5:
0x00001220 lw t9, -0x7f50(gp) | t9 = sym.imp.free;
| label_4:
0x00001224 move a0, s1 | a0 = s1;
0x00001228 jalr t9 | t9 ();
0x0000122c lw a0, 0xc4(sp) | a0 = *(var_c4h);
0x00001230 lw v1, (s3) | v1 = *(s3);
0x00001234 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00001238 move v0, zero | v0 = 0;
| if (a0 != v1) {
0x0000123c bne a0, v1, 0x1340 | goto label_16;
| }
0x00001240 lw ra, 0xe4(sp) | ra = *(var_e4h);
0x00001244 lw s5, 0xe0(sp) | s5 = *(var_e0h);
0x00001248 lw s4, 0xdc(sp) | s4 = *(var_dch);
0x0000124c lw s3, 0xd8(sp) | s3 = *(var_d8h);
0x00001250 lw s2, 0xd4(sp) | s2 = *(var_d4h);
0x00001254 lw s1, 0xd0(sp) | s1 = *(var_d0h);
0x00001258 lw s0, 0xcc(sp) | s0 = *(var_cch);
0x0000125c addiu sp, sp, 0xe8 |
0x00001260 jr ra | return v0;
| label_15:
0x00001264 lw t9, -0x7fd8(gp) | t9 = *((gp - 8182));
0x00001268 addiu t9, t9, 0xeb0 | t9 += fcn.00000eb0;
0x0000126c move a0, s1 | a0 = s1;
0x00001270 bal 0xeb0 | fcn_00000eb0 ();
| goto label_3;
0x00001274 lw v0, 0x38(sp) | v0 = *(var_38h_2);
0x00001278 addiu v1, zero, 0x4000 | v1 = 0x4000;
0x0000127c andi v0, v0, 0xf000 | v0 &= 0xf000;
0x00001280 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00001284 bne v0, v1, 0x1220 |
| }
0x00001288 lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x0000128c lw v0, 0x210c(v0) | v0 = *((v0 + 2115));
0x00001290 lw t9, -0x7f50(gp) | t9 = sym.imp.free;
| if (v0 == 0) {
0x00001294 beqz v0, 0x1224 | goto label_4;
| }
0x00001298 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x0000129c lw t9, -0x7f40(gp) | t9 = sym.imp.strcmp;
0x000012a0 addiu a1, a1, 0x1758 | a1 += 0x1758;
0x000012a4 move a0, s2 | a0 = s2;
0x000012a8 jalr t9 | t9 ();
0x000012ac lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x000012b0 beqz v0, 0x1220 | goto label_5;
| }
0x000012b4 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x000012b8 lw t9, -0x7f40(gp) | t9 = sym.imp.strcmp;
0x000012bc addiu a1, a1, 0x175c | a1 += 0x175c;
0x000012c0 move a0, s2 | a0 = s2;
0x000012c4 jalr t9 | t9 ();
0x000012c8 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x000012cc beqz v0, 0x1220 | goto label_5;
| }
0x000012d0 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x000012d4 lw t9, -0x7f9c(gp) | t9 = sym.imp.__printf_chk;
0x000012d8 move a2, s1 | a2 = s1;
0x000012dc addiu a1, a1, 0x1760 | a1 += str._n_s:_n;
0x000012e0 addiu a0, zero, 1 | a0 = 1;
0x000012e4 jalr t9 | t9 ();
0x000012e8 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000012ec move a2, zero | a2 = 0;
0x000012f0 move a0, s1 | a0 = s1;
0x000012f4 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x000012f8 lw t9, -0x7fa0(gp) | t9 = sym.imp.iterate_on_dir;
0x000012fc addiu a1, a1, 0x1124 | a1 += 0x1124;
0x00001300 jalr t9 | t9 ();
0x00001304 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00001308 lw t9, -0x7f90(gp) | t9 = sym.imp.putchar;
0x0000130c addiu a0, zero, 0xa | a0 = 0xa;
0x00001310 jalr t9 | t9 ();
0x00001314 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00001318 b 0x1220 | goto label_5;
| label_14:
0x0000131c lw t9, -0x7f70(gp) | t9 = sym.imp.perror;
0x00001320 move a0, s1 | a0 = s1;
0x00001324 jalr t9 | t9 ();
0x00001328 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x0000132c b 0x1220 | goto label_5;
| label_13:
0x00001330 sw s2, 0x14(sp) | *(var_14h) = s2;
0x00001334 sw s5, 0x10(sp) | *(var_10h_2) = s5;
0x00001338 addiu a3, a3, 0x1748 | a3 += str._s_s;
0x0000133c b 0x11d0 | goto label_6;
| label_16:
0x00001340 lw t9, -0x7f68(gp) | t9 = sym.imp.__stack_chk_fail;
0x00001344 jalr t9 | t9 ();
0x00001348 nop |
| }
[*] Function sprintf used 2 times lsattr
