[*] Binary protection state of statuscacheclient
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of statuscacheclient
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/statuscacheclient @ 0x16b8 */
| #include <stdint.h>
|
; (fcn) fcn.000016b8 () | void fcn_000016b8 () {
0x000016b8 lui gp, 2 |
0x000016bc addiu gp, gp, -0x66a8 |
0x000016c0 addu gp, gp, t9 | gp += t9;
0x000016c4 lw v0, -0x7f64(gp) | v0 = *((gp - 8153));
0x000016c8 addiu sp, sp, -0x220 |
0x000016cc lw t9, -0x7f84(gp) | t9 = sym.imp.strcasecmp;
0x000016d0 sw s4, 0x208(sp) | *(var_208h) = s4;
0x000016d4 sw s1, 0x1fc(sp) | *(var_1fch) = s1;
0x000016d8 sw v0, 0x2c(sp) | *(var_2ch) = v0;
0x000016dc lw s1, (a1) | s1 = *(a1);
0x000016e0 lw v0, (v0) | v0 = *(v0);
0x000016e4 move s4, a0 | s4 = a0;
0x000016e8 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x000016ec sw gp, 0x10(sp) | *(var_10h) = gp;
0x000016f0 sw s0, 0x1f8(sp) | *(var_1f8h) = s0;
0x000016f4 sw ra, 0x21c(sp) | *(var_21ch) = ra;
0x000016f8 sw fp, 0x218(sp) | *(var_218h) = fp;
0x000016fc sw s7, 0x214(sp) | *(var_214h) = s7;
0x00001700 sw s6, 0x210(sp) | *(var_210h) = s6;
0x00001704 sw s5, 0x20c(sp) | *(var_20ch) = s5;
0x00001708 sw s3, 0x204(sp) | *(var_204h) = s3;
0x0000170c sw s2, 0x200(sp) | *(var_200h) = s2;
0x00001710 move s0, a1 | s0 = a1;
0x00001714 addiu a0, a0, 0x1e7c | a0 += 0x1e7c;
0x00001718 move a1, s1 | a1 = s1;
0x0000171c sw v0, 0x1f4(sp) | *(var_1f4h) = v0;
0x00001720 jalr t9 | t9 ();
0x00001724 nop |
0x00001728 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x0000172c beqz v0, 0x1758 |
0x00001730 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x00001734 lw t9, -0x7f84(gp) | t9 = sym.imp.strcasecmp;
0x00001738 move a1, s1 | a1 = s1;
0x0000173c addiu a0, a0, 0x1e80 | a0 += str.namevalue;
0x00001740 jalr t9 | t9 ();
0x00001744 lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00001748 bnez v0, 0x1978 | goto label_4;
| }
0x0000174c addiu v0, zero, 1 | v0 = 1;
0x00001750 sw v0, 0x24(sp) | *(var_24h) = v0;
0x00001754 b 0x175c |
| } else {
0x00001758 sw zero, 0x24(sp) | *(var_24h) = 0;
| }
| label_2:
0x0000175c lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x00001760 lw s3, -0x7fdc(gp) | s3 = *((gp - 8183));
0x00001764 addiu v0, v0, 0x14f0 | v0 += fcn.000014f0;
0x00001768 sw v0, 0x28(sp) | *(var_28h) = v0;
0x0000176c lw v0, -0x7fdc(gp) | v0 = *((gp - 8183));
0x00001770 addiu s0, s0, 4 | s0 += 4;
0x00001774 addiu v0, v0, 0x1ec0 | v0 += str.parse_error_for___s__n;
0x00001778 sw zero, 0x1c(sp) | *(var_1ch) = 0;
0x0000177c move s1, zero | s1 = 0;
0x00001780 addiu s2, zero, 1 | s2 = 1;
0x00001784 addiu s7, sp, 0x174 | s7 = sp + segment.INTERP;
0x00001788 addiu s6, sp, 0x1b4 | s6 = sp + 0x1b4;
0x0000178c addiu fp, sp, 0x134 | fp = sp + 0x134;
0x00001790 sw v0, 0x20(sp) | *(var_20h) = v0;
0x00001794 b 0x180c |
| while (v0 == a0) {
0x00001798 lw t9, -0x7f48(gp) | t9 = sym.imp.strcmp;
| if (s1 == 0) {
0x0000179c beqz s1, 0x190c | goto label_5;
| }
0x000017a0 move a1, s7 | a1 = s7;
0x000017a4 move a0, fp | a0 = fp;
0x000017a8 jalr t9 | t9 ();
0x000017ac lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x000017b0 bnez v0, 0x1948 | goto label_6;
| }
| label_1:
0x000017b4 lw t9, -0x7f6c(gp) | t9 = sym.imp.malloc;
0x000017b8 addiu a0, zero, 0x10 | a0 = 0x10;
0x000017bc jalr t9 | t9 ();
0x000017c0 sll a0, s1, 2 | a0 = s1 << 2;
0x000017c4 addiu v1, sp, 0x1f8 | v1 = sp + 0x1f8;
0x000017c8 addu a0, v1, a0 | a0 = v1 + a0;
0x000017cc lw gp, 0x10(sp) | gp = *(var_10h);
0x000017d0 move s5, v0 | s5 = v0;
0x000017d4 sw v0, -0x1c4(a0) | *((a0 - 113)) = v0;
| if (v0 == 0) {
0x000017d8 beqz v0, 0x19c8 | goto label_7;
| }
0x000017dc lw t9, -0x7f60(gp) | t9 = sym.imp.strdup;
0x000017e0 sw zero, 4(v0) | *((v0 + 1)) = 0;
0x000017e4 move a0, s6 | a0 = s6;
0x000017e8 sw zero, 8(v0) | *((v0 + 2)) = 0;
0x000017ec sw zero, 0xc(v0) | *((v0 + 3)) = 0;
0x000017f0 jalr t9 | t9 ();
0x000017f4 addiu s2, s2, 1 | s2++;
0x000017f8 lw gp, 0x10(sp) | gp = *(var_10h);
0x000017fc addiu s1, s1, 1 | s1++;
0x00001800 sw v0, (s5) | *(s5) = v0;
0x00001804 addiu s0, s0, 4 | s0 += 4;
| if (s4 == s2) {
0x00001808 beq s4, s2, 0x188c | goto label_8;
| }
| label_0:
0x0000180c lw t9, -0x7f8c(gp) | t9 = sym.imp.memset;
0x00001810 addiu a2, zero, 0x40 | a2 = 0x40;
0x00001814 move a1, zero | a1 = 0;
0x00001818 move a0, s7 | a0 = s7;
0x0000181c jalr t9 | t9 ();
0x00001820 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001824 addiu a2, zero, 0x40 | a2 = 0x40;
0x00001828 move a1, zero | a1 = 0;
0x0000182c lw t9, -0x7f8c(gp) | t9 = sym.imp.memset;
0x00001830 move a0, s6 | a0 = s6;
0x00001834 jalr t9 | t9 ();
0x00001838 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000183c lw a0, (s0) | a0 = *(s0);
0x00001840 move a3, s6 | a3 = s6;
0x00001844 lw t9, -0x7f88(gp) | t9 = sym.imp.__isoc99_sscanf;
0x00001848 move a2, s7 | a2 = s7;
0x0000184c addiu a1, s3, 0x1eac | a1 = s3 + str.____._._63___._;
0x00001850 jalr t9 | t9 ();
0x00001854 addiu a0, zero, 2 | a0 = 2;
0x00001858 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000185c beq v0, a0, 0x1798 |
| }
0x00001860 lw v0, -0x7f58(gp) | v0 = *((gp - 8150));
0x00001864 lw t9, -0x7fa8(gp) | t9 = sym.imp.__fprintf_chk;
0x00001868 lw a3, (s0) | a3 = *(s0);
0x0000186c lw a0, (v0) | a0 = *(v0);
0x00001870 lw a2, 0x20(sp) | a2 = *(var_20h);
0x00001874 addiu a1, zero, 1 | a1 = 1;
0x00001878 addiu s2, s2, 1 | s2++;
0x0000187c jalr t9 | t9 ();
0x00001880 addiu s0, s0, 4 | s0 += 4;
0x00001884 lw gp, 0x10(sp) | gp = *(var_10h);
| if (s4 != s2) {
0x00001888 bne s4, s2, 0x180c | goto label_0;
| }
| label_8:
0x0000188c lw v0, 0x1c(sp) | v0 = *(var_1ch);
| if (s1 != 0) {
0x00001890 beqz s1, 0x18c4 |
0x00001894 lw t9, -0x7fdc(gp) | t9 = *((gp - 8183));
0x00001898 lw a3, 0x24(sp) | a3 = *(var_24h);
0x0000189c move a2, s1 | a2 = s1;
0x000018a0 addiu a1, sp, 0x34 | a1 = sp + 0x34;
0x000018a4 addiu t9, t9, 0x14f0 | t9 += fcn.000014f0;
0x000018a8 addiu a0, sp, 0x134 | a0 = sp + 0x134;
0x000018ac bal 0x14f0 | fcn_000014f0 ();
0x000018b0 lw v1, 0x1c(sp) | v1 = *(var_1ch);
0x000018b4 lw gp, 0x10(sp) | gp = *(var_10h);
0x000018b8 addu v0, v1, v0 | v0 = v1 + v0;
0x000018bc sw v0, 0x1c(sp) | *(var_1ch) = v0;
0x000018c0 lw v0, 0x1c(sp) | v0 = *(var_1ch);
| }
0x000018c4 slti v0, v0, 1 | v0 = (v0 < 1) ? 1 : 0;
0x000018c8 negu v0, v0 | __asm ("negu v0, v0");
| label_3:
0x000018cc lw v1, 0x2c(sp) | v1 = *(var_2ch);
0x000018d0 lw a0, 0x1f4(sp) | a0 = *(var_1f4h);
0x000018d4 lw v1, (v1) | v1 = *(v1);
0x000018d8 lw ra, 0x21c(sp) | ra = *(var_21ch);
| if (a0 != v1) {
0x000018dc bne a0, v1, 0x19ec | goto label_9;
| }
0x000018e0 lw fp, 0x218(sp) | fp = *(var_218h);
0x000018e4 lw s7, 0x214(sp) | s7 = *(var_214h);
0x000018e8 lw s6, 0x210(sp) | s6 = *(var_210h);
0x000018ec lw s5, 0x20c(sp) | s5 = *(var_20ch);
0x000018f0 lw s4, 0x208(sp) | s4 = *(var_208h);
0x000018f4 lw s3, 0x204(sp) | s3 = *(var_204h);
0x000018f8 lw s2, 0x200(sp) | s2 = *(var_200h);
0x000018fc lw s1, 0x1fc(sp) | s1 = *(var_1fch);
0x00001900 lw s0, 0x1f8(sp) | s0 = *(var_1f8h);
0x00001904 addiu sp, sp, 0x220 |
0x00001908 jr ra | return v0;
| label_5:
0x0000190c addiu s5, sp, 0x34 | s5 = sp + 0x34;
| do {
0x00001910 lw t9, -0x7f9c(gp) | t9 = sym.imp.__strcpy_chk
0x00001914 addiu a2, zero, 0x40 | a2 = 0x40;
0x00001918 move a1, s7 | a1 = s7;
0x0000191c move a0, fp | a0 = fp;
0x00001920 jalr t9 | t9 ();
0x00001924 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001928 addiu a2, zero, 0x100 | a2 = 0x100;
0x0000192c move a1, zero | a1 = 0;
0x00001930 lw t9, -0x7f8c(gp) | t9 = sym.imp.memset;
0x00001934 move a0, s5 | a0 = s5;
0x00001938 jalr t9 | t9 ();
0x0000193c move s1, zero | s1 = 0;
0x00001940 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001944 b 0x17b4 | goto label_1;
| label_6:
0x00001948 addiu s5, sp, 0x34 | s5 = sp + 0x34;
0x0000194c lw a3, 0x24(sp) | a3 = *(var_24h);
0x00001950 lw t9, 0x28(sp) | t9 = *(var_28h);
0x00001954 move a2, s1 | a2 = s1;
0x00001958 move a1, s5 | a1 = s5;
0x0000195c move a0, fp | a0 = fp;
0x00001960 jalr t9 | t9 ();
0x00001964 lw v1, 0x1c(sp) | v1 = *(var_1ch);
0x00001968 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000196c addu v0, v1, v0 | v0 = v1 + v0;
0x00001970 sw v0, 0x1c(sp) | *(var_1ch) = v0;
0x00001974 b 0x1910 |
| } while (1);
| label_4:
0x00001978 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x0000197c lw t9, -0x7f84(gp) | t9 = sym.imp.strcasecmp;
0x00001980 move a1, s1 | a1 = s1;
0x00001984 addiu a0, a0, 0x1e8c | a0 += str.form;
0x00001988 jalr t9 | t9 ();
0x0000198c addiu v1, zero, 2 | v1 = 2;
0x00001990 lw gp, 0x10(sp) | gp = *(var_10h);
0x00001994 sw v1, 0x24(sp) | *(var_24h) = v1;
| if (v0 == 0) {
0x00001998 beqz v0, 0x175c | goto label_2;
| }
0x0000199c lw v0, -0x7f58(gp) | v0 = *((gp - 8150));
0x000019a0 lw a2, -0x7fdc(gp) | a2 = *((gp - 8183));
0x000019a4 lw t9, -0x7fa8(gp) | t9 = sym.imp.__fprintf_chk;
0x000019a8 lw a0, (v0) | a0 = *(v0);
0x000019ac move a3, s1 | a3 = s1;
0x000019b0 addiu a2, a2, 0x1e94 | a2 += str.Unsupported_type:__s_n;
0x000019b4 addiu a1, zero, 1 | a1 = 1;
0x000019b8 jalr t9 | t9 ();
0x000019bc lw gp, 0x10(sp) | gp = *(var_10h);
0x000019c0 addiu v0, zero, -1 | v0 = -1;
0x000019c4 b 0x18cc | goto label_3;
| label_7:
0x000019c8 lw a3, -0x7fdc(gp) | a3 = *((gp - 8183));
0x000019cc lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x000019d0 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x000019d4 lw t9, -0x7fb0(gp) | t9 = sym.imp.__assert_fail;
0x000019d8 addiu a3, a3, 0x20a8 | a3 += str.manage_get;
0x000019dc addiu a2, zero, 0xe2 | a2 = 0xe2;
0x000019e0 addiu a1, a1, 0x1ed8 | a1 += str.statuscacheclient.c;
0x000019e4 addiu a0, a0, 0x1eec | a0 += str.list_count_;
0x000019e8 jalr t9 | t9 ();
| label_9:
0x000019ec lw t9, -0x7f68(gp) | t9 = sym.imp.__stack_chk_fail;
0x000019f0 jalr t9 | t9 ();
0x000019f4 nop |
0x000019f8 nop |
0x000019fc nop |
| }
[*] Function strcpy used 2 times statuscacheclient
