[*] Binary protection state of dosfsck
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of dosfsck
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/dosfsck @ 0x32dc */
| #include <stdint.h>
|
; (fcn) fcn.000032dc () | void fcn_000032dc () {
| do {
0x000032dc lui gp, 2 |
0x000032e0 addiu gp, gp, 0x2d44 |
0x000032e4 addu gp, gp, t9 | gp += t9;
0x000032e8 addiu sp, sp, -0x28 |
0x000032ec sw gp, 0x10(sp) | *(var_10h) = gp;
0x000032f0 sw ra, 0x24(sp) | *(var_24h) = ra;
0x000032f4 sw s2, 0x20(sp) | *(var_20h) = s2;
0x000032f8 sw s1, 0x1c(sp) | *(var_1ch) = s1;
0x000032fc sw s0, 0x18(sp) | *(var_18h) = s0;
0x00003300 lw t9, -0x7f80(gp) | t9 = *((gp - 8160));
| if (a0 == 0) {
0x00003304 beqz a0, 0x339c | goto label_1;
| }
0x00003308 move s1, a0 | s1 = a0;
0x0000330c addiu t9, t9, 0x32dc | t9 += fcn.000032dc;
0x00003310 lw a0, 0x30(a0) | a0 = *((a0 + 12));
0x00003314 bal 0x32dc | fcn_000032dc ();
| } while (1);
0x00003318 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000331c lw t9, -0x7e88(gp) | t9 = sym.imp.strlen;
0x00003320 move a0, v0 | a0 = v0;
0x00003324 jalr t9 | t9 ();
0x00003328 sltiu v0, v0, 0x1001 | v0 = (v0 < 0x1001) ? 1 : 0;
0x0000332c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 == 0) {
0x00003330 beqz v0, 0x33f8 | goto label_2;
| }
0x00003334 lw s2, -0x7fdc(gp) | s2 = *((gp - 8183));
0x00003338 lw s0, -0x7f78(gp) | s0 = *((gp - 8158));
0x0000333c lw t9, -0x7e18(gp) | t9 = sym.imp.strcmp;
0x00003340 addiu a1, s2, -0x44dc | a1 = s2 + -0x44dc;
0x00003344 addiu a0, s0, -0x1d6c | a0 = s0 + -0x1d6c;
0x00003348 jalr t9 | t9 ();
0x0000334c lw gp, 0x10(sp) | gp = *(var_10h);
0x00003350 bnez v0, 0x33c4 |
| while (1) {
0x00003354 lw t9, -0x7e88(gp) | t9 = sym.imp.strlen;
0x00003358 addiu a0, s0, -0x1d6c | a0 = s0 + -0x1d6c;
0x0000335c jalr t9 | t9 ();
0x00003360 lw a1, 0x20(s1) | a1 = *((s1 + 8));
0x00003364 addiu s2, s0, -0x1d6c | s2 = s0 + -0x1d6c;
0x00003368 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000336c addu s0, s2, v0 | s0 = s2 + v0;
| if (a1 == 0) {
0x00003370 beqz a1, 0x33e0 | goto label_3;
| }
| label_0:
0x00003374 lw t9, -0x7e60(gp) | t9 = sym.imp.strcpy
0x00003378 move a0, s0 | a0 = s0;
0x0000337c jalr t9 | t9 ();
0x00003380 lw ra, 0x24(sp) | ra = *(var_24h);
0x00003384 move v0, s2 | v0 = s2;
0x00003388 lw s1, 0x1c(sp) | s1 = *(var_1ch);
0x0000338c lw s2, 0x20(sp) | s2 = *(var_20h);
0x00003390 lw s0, 0x18(sp) | s0 = *(var_18h);
0x00003394 addiu sp, sp, 0x28 |
0x00003398 jr ra | return v0;
| label_1:
0x0000339c lw s0, -0x7f78(gp) | s0 = *((gp - 8158));
0x000033a0 lw ra, 0x24(sp) | ra = *(var_24h);
0x000033a4 addiu s2, s0, -0x1d6c | s2 = s0 + -0x1d6c;
0x000033a8 move v0, s2 | v0 = s2;
0x000033ac lw s1, 0x1c(sp) | s1 = *(var_1ch);
0x000033b0 lw s2, 0x20(sp) | s2 = *(var_20h);
0x000033b4 sb zero, -0x1d6c(s0) | *((s0 - 7532)) = 0;
0x000033b8 lw s0, 0x18(sp) | s0 = *(var_18h);
0x000033bc addiu sp, sp, 0x28 |
0x000033c0 jr ra | return v0;
0x000033c4 lw t9, -0x7e14(gp) | t9 = sym.imp.__strcat_chk;
0x000033c8 addiu a2, zero, 0x2000 | a2 = 0x2000;
0x000033cc addiu a1, s2, -0x44dc | a1 = s2 + -0x44dc;
0x000033d0 addiu a0, s0, -0x1d6c | a0 = s0 + -0x1d6c;
0x000033d4 jalr t9 | t9 ();
0x000033d8 lw gp, 0x10(sp) | gp = *(var_10h);
0x000033dc b 0x3354 |
| }
| label_3:
0x000033e0 lw t9, -0x7f48(gp) | t9 = sym.file_name;
0x000033e4 move a0, s1 | a0 = s1;
0x000033e8 bal 0x7edc | sym_file_name ();
0x000033ec move a1, v0 | a1 = v0;
0x000033f0 lw gp, 0x10(sp) | gp = *(var_10h);
0x000033f4 b 0x3374 | goto label_0;
| label_2:
0x000033f8 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x000033fc lw t9, -0x7f5c(gp) | t9 = sym.die;
0x00003400 addiu a0, a0, -0x44f0 | a0 += -0x44f0;
0x00003404 bal 0x62a0 | return sym_die ();
| }
[*] Function strcpy used 2 times dosfsck
