[*] Binary protection state of groups.shadow
Full RELRO No Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of groups.shadow
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/groups.shadow @ 0xa60 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
| /* [13] -r-x section size 3520 named .text */
0x00000a60 lui gp, 2 |
0x00000a64 addiu gp, gp, -0x6a50 |
0x00000a68 addu gp, gp, t9 | gp += t9;
0x00000a6c addiu sp, sp, -0x48 |
0x00000a70 lw t9, -0x7f44(gp) | t9 = sym.imp.sysconf;
0x00000a74 sw ra, 0x44(sp) | *(var_44h) = ra;
0x00000a78 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00000a7c sw s4, 0x34(sp) | *(var_34h) = s4;
0x00000a80 sw s3, 0x30(sp) | *(var_30h) = s3;
0x00000a84 sw s2, 0x2c(sp) | *(var_2ch) = s2;
0x00000a88 sw s1, 0x28(sp) | *(var_28h) = s1;
0x00000a8c sw s0, 0x24(sp) | *(var_24h) = s0;
0x00000a90 sw s7, 0x40(sp) | *(var_40h) = s7;
0x00000a94 sw s6, 0x3c(sp) | *(var_3ch) = s6;
0x00000a98 sw s5, 0x38(sp) | *(var_38h) = s5;
0x00000a9c move s4, a0 | s4 = a0;
0x00000aa0 addiu a0, zero, 3 | a0 = 3;
0x00000aa4 move s2, a1 | s2 = a1;
0x00000aa8 jalr t9 | t9 ();
0x00000aac lw gp, 0x18(sp) | gp = *(var_18h);
0x00000ab0 sll a0, v0, 2 | a0 = v0 << 2;
0x00000ab4 lw t9, -0x7f58(gp) | t9 = sym.imp.malloc;
0x00000ab8 move s1, v0 | s1 = v0;
0x00000abc jalr t9 | t9 ();
0x00000ac0 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000ac4 addiu a0, zero, 6 | a0 = 6;
0x00000ac8 move s0, v0 | s0 = v0;
0x00000acc lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00000ad0 lw t9, -0x7f88(gp) | t9 = sym.imp.setlocale;
0x00000ad4 lw s3, -0x7fdc(gp) | s3 = *(gp);
0x00000ad8 addiu a1, a1, 0x1a10 | a1 += 0x1a10;
0x00000adc jalr t9 | t9 ();
0x00000ae0 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000ae4 lw t9, -0x7fd4(gp) | t9 = sym.Basename;
0x00000ae8 lw a0, (s2) | a0 = *(s2);
0x00000aec bal 0xfc0 | sym_Basename ();
0x00000af0 addiu v1, zero, 1 | v1 = 1;
0x00000af4 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000af8 sw v0, (s3) | *(s3) = v0;
| if (s4 != v1) {
0x00000afc bne s4, v1, 0xbe4 | goto label_8;
| }
0x00000b00 lw t9, -0x7f90(gp) | t9 = sym.imp.getgroups;
0x00000b04 move a1, s0 | a1 = s0;
0x00000b08 move a0, s1 | a0 = s1;
0x00000b0c jalr t9 | t9 ();
0x00000b10 move s2, v0 | s2 = v0;
0x00000b14 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 < 0) {
0x00000b18 bltz v0, 0xe28 | goto label_9;
| }
0x00000b1c lw t9, -0x7f4c(gp) | t9 = sym.imp.getegid;
0x00000b20 jalr t9 | t9 ();
0x00000b24 nop |
0x00000b28 lw gp, 0x18(sp) | gp = *(var_18h);
| if (s2 == 0) {
0x00000b2c beqz s2, 0xb5c | goto label_10;
| }
0x00000b30 lw v1, (s0) | v1 = *(s0);
0x00000b34 move v1, zero | v1 = 0;
| if (v0 == v1) {
0x00000b38 beq v0, v1, 0xcd8 | goto label_11;
| }
0x00000b3c addiu a0, s0, 4 | a0 = s0 + 4;
0x00000b40 b 0xb50 |
| while (v1 == s2) {
0x00000b44 lw a1, -4(a0) | a1 = *((a0 - 1));
0x00000b48 addiu s3, zero, -1 | s3 = -1;
| if (v0 == a1) {
0x00000b4c beq v0, a1, 0xcdc | goto label_12;
| }
0x00000b50 addiu v1, v1, 1 | v1++;
0x00000b54 addiu a0, a0, 4 | a0 += 4;
0x00000b58 bnel v1, s2, 0xb44 |
| }
| label_10:
0x00000b5c move s3, v0 | s3 = v0;
0x00000b60 addiu v0, zero, -1 | v0 = -1;
0x00000b64 lw t9, -0x7f9c(gp) | t9 = sym.imp.getgrgid;
| if (s3 != v0) {
0x00000b68 beq s3, v0, 0xb98 |
0x00000b6c move a0, s3 | a0 = s3;
0x00000b70 jalr t9 | t9 ();
0x00000b74 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000b78 lw t9, -0x7f84(gp) | t9 = sym.imp.__printf_chk;
| if (v0 == 0) {
0x00000b7c beqz v0, 0xdd8 | goto label_13;
| }
0x00000b80 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00000b84 lw a2, (v0) | a2 = *(v0);
0x00000b88 addiu a1, a1, 0x19f0 | a1 += 0x19f0;
0x00000b8c addiu a0, zero, 1 | a0 = 1;
0x00000b90 jalr t9 | t9 ();
0x00000b94 lw gp, 0x18(sp) | gp = *(var_18h);
| }
| label_7:
0x00000b98 lw s7, -0x7fd8(gp) | s7 = *((gp - 8182));
| if (s2 != 0) {
0x00000b9c bnez s2, 0xce0 | goto label_14;
| }
| label_0:
0x00000ba0 lw s4, -0x7f7c(gp) | s4 = *((gp - 8159));
| label_2:
0x00000ba4 lw t9, -0x7f48(gp) | t9 = sym.imp._IO_putc;
0x00000ba8 lw a1, (s4) | a1 = *(s4);
0x00000bac addiu a0, zero, 0xa | a0 = 0xa;
0x00000bb0 jalr t9 | t9 ();
0x00000bb4 lw ra, 0x44(sp) | ra = *(var_44h);
0x00000bb8 lw s7, 0x40(sp) | s7 = *(var_40h);
0x00000bbc lw s6, 0x3c(sp) | s6 = *(var_3ch);
0x00000bc0 lw s5, 0x38(sp) | s5 = *(var_38h);
0x00000bc4 lw s4, 0x34(sp) | s4 = *(var_34h);
0x00000bc8 lw s3, 0x30(sp) | s3 = *(var_30h);
0x00000bcc lw s2, 0x2c(sp) | s2 = *(var_2ch);
0x00000bd0 lw s1, 0x28(sp) | s1 = *(var_28h);
0x00000bd4 lw s0, 0x24(sp) | s0 = *(var_24h);
0x00000bd8 move v0, zero | v0 = 0;
0x00000bdc addiu sp, sp, 0x48 |
0x00000be0 jr ra | return v0;
| label_8:
0x00000be4 lw s2, 4(s2) | s2 = *((s2 + 1));
0x00000be8 lw t9, -0x7f2c(gp) | t9 = sym.imp.getpwnam;
0x00000bec move a0, s2 | a0 = s2;
0x00000bf0 jalr t9 | t9 ();
0x00000bf4 move s6, v0 | s6 = v0;
0x00000bf8 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00000bfc beqz v0, 0xdf4 | goto label_15;
| }
0x00000c00 lw t9, -0x7f80(gp) | t9 = sym.imp.setgrent;
0x00000c04 move s5, zero | s5 = 0;
0x00000c08 jalr t9 | t9 ();
0x00000c0c lw gp, 0x18(sp) | gp = *(var_18h);
0x00000c10 move s3, zero | s3 = 0;
0x00000c14 lw s4, -0x7fd8(gp) | s4 = *((gp - 8182));
0x00000c18 lw s7, -0x7f7c(gp) | s7 = *((gp - 8159));
0x00000c1c addiu s4, s4, 0x19f0 | s4 += 0x19f0;
0x00000c20 b 0xc40 |
| while (v0 != 0) {
0x00000c24 lw t9, -0x7fd0(gp) | t9 = sym.is_on_list;
0x00000c28 lw a0, 0xc(s0) | a0 = *((s0 + 3));
0x00000c2c move a1, s2 | a1 = s2;
0x00000c30 bal 0x145c | sym_is_on_list ();
0x00000c34 move s1, v0 | s1 = v0;
0x00000c38 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x00000c3c bnez v0, 0xca0 | goto label_16;
| }
| label_1:
0x00000c40 lw t9, -0x7f78(gp) | t9 = sym.imp.getgrent;
0x00000c44 jalr t9 | t9 ();
0x00000c48 nop |
0x00000c4c move s0, v0 | s0 = v0;
0x00000c50 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000c54 bnez v0, 0xc24 |
| }
0x00000c58 lw t9, -0x7f30(gp) | t9 = sym.imp.endgrent;
0x00000c5c jalr t9 | t9 ();
0x00000c60 nop |
0x00000c64 lw gp, 0x18(sp) | gp = *(var_18h);
| if (s5 == 0) {
0x00000c68 beqz s5, 0xd6c | goto label_17;
| }
| label_5:
0x00000c6c lw ra, 0x44(sp) | ra = *(var_44h);
| if (s3 != 0) {
0x00000c70 bnez s3, 0xba0 | goto label_0;
| }
0x00000c74 lw s7, 0x40(sp) | s7 = *(var_40h);
0x00000c78 lw s6, 0x3c(sp) | s6 = *(var_3ch);
0x00000c7c lw s5, 0x38(sp) | s5 = *(var_38h);
0x00000c80 lw s4, 0x34(sp) | s4 = *(var_34h);
0x00000c84 lw s3, 0x30(sp) | s3 = *(var_30h);
0x00000c88 lw s2, 0x2c(sp) | s2 = *(var_2ch);
0x00000c8c lw s1, 0x28(sp) | s1 = *(var_28h);
0x00000c90 lw s0, 0x24(sp) | s0 = *(var_24h);
0x00000c94 move v0, zero | v0 = 0;
0x00000c98 addiu sp, sp, 0x48 |
0x00000c9c jr ra | return v0;
| label_16:
0x00000ca0 lw t9, -0x7f48(gp) | t9 = sym.imp._IO_putc;
| if (s3 != 0) {
0x00000ca4 bnez s3, 0xdac | goto label_18;
| }
| label_6:
0x00000ca8 lw t9, -0x7f84(gp) | t9 = sym.imp.__printf_chk;
0x00000cac lw a2, (s0) | a2 = *(s0);
0x00000cb0 move a1, s4 | a1 = s4;
0x00000cb4 addiu a0, zero, 1 | a0 = 1;
0x00000cb8 jalr t9 | t9 ();
0x00000cbc lw v0, 8(s0) | v0 = *((s0 + 2));
0x00000cc0 lw v1, 0xc(s6) | v1 = *((s6 + 3));
0x00000cc4 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000cc8 xor v0, v0, v1 | v0 ^= v1;
0x00000ccc addiu s3, s3, 1 | s3++;
| if (v0 != 0) {
0x00000cd0 movz s5, s1, v0 | s5 = s1;
| }
0x00000cd4 b 0xc40 | goto label_1;
| label_11:
0x00000cd8 addiu s3, zero, -1 | s3 = -1;
| label_12:
0x00000cdc lw s7, -0x7fd8(gp) | s7 = *((gp - 8182));
| label_14:
0x00000ce0 lw s5, -0x7fd8(gp) | s5 = *((gp - 8182));
0x00000ce4 lw s4, -0x7f7c(gp) | s4 = *((gp - 8159));
0x00000ce8 move s1, zero | s1 = 0;
0x00000cec addiu s6, zero, -1 | s6 = -1;
0x00000cf0 addiu s7, s7, 0x19f8 | s7 += 0x19f8;
0x00000cf4 addiu s5, s5, 0x19f0 | s5 += 0x19f0;
0x00000cf8 b 0xd1c | goto label_19;
| label_3:
0x00000cfc lw a2, (v0) | a2 = *(v0);
0x00000d00 move a1, s5 | a1 = s5;
0x00000d04 addiu a0, zero, 1 | a0 = 1;
0x00000d08 jalr t9 | t9 ();
0x00000d0c lw gp, 0x18(sp) | gp = *(var_18h);
| label_4:
0x00000d10 addiu s1, s1, 1 | s1++;
0x00000d14 addiu s0, s0, 4 | s0 += 4;
| if (s1 == s2) {
0x00000d18 beq s1, s2, 0xba4 | goto label_2;
| }
| label_19:
0x00000d1c lw t9, -0x7f48(gp) | t9 = sym.imp._IO_putc;
| if (s1 == 0) {
0x00000d20 bnez s1, 0xd2c |
| if (s3 == s6) {
0x00000d24 beql s3, s6, 0xd40 | goto label_20;
| }
0x00000d28 lw t9, -0x7f9c(gp) | t9 = sym.imp.getgrgid;
| }
0x00000d2c lw a1, (s4) | a1 = *(s4);
0x00000d30 addiu a0, zero, 0x20 | a0 = 0x20;
0x00000d34 jalr t9 | t9 ();
0x00000d38 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000d3c lw t9, -0x7f9c(gp) | t9 = sym.imp.getgrgid;
| label_20:
0x00000d40 lw a0, (s0) | a0 = *(s0);
0x00000d44 jalr t9 | t9 ();
0x00000d48 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000d4c lw t9, -0x7f84(gp) | t9 = sym.imp.__printf_chk;
| if (v0 != 0) {
0x00000d50 bnez v0, 0xcfc | goto label_3;
| }
0x00000d54 lw a2, (s0) | a2 = *(s0);
0x00000d58 move a1, s7 | a1 = s7;
0x00000d5c addiu a0, zero, 1 | a0 = 1;
0x00000d60 jalr t9 | t9 ();
0x00000d64 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000d68 b 0xd10 | goto label_4;
| label_17:
0x00000d6c lw t9, -0x7f9c(gp) | t9 = sym.imp.getgrgid;
0x00000d70 lw a0, 0xc(s6) | a0 = *((s6 + 3));
0x00000d74 jalr t9 | t9 ();
0x00000d78 move s0, v0 | s0 = v0;
0x00000d7c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00000d80 beqz v0, 0xc6c | goto label_5;
| }
0x00000d84 lw s4, -0x7f7c(gp) | s4 = *((gp - 8159));
0x00000d88 bnez s3, 0xdc0 |
| while (1) {
0x00000d8c lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00000d90 lw t9, -0x7f84(gp) | t9 = sym.imp.__printf_chk;
0x00000d94 lw a2, (s0) | a2 = *(s0);
0x00000d98 addiu a1, a1, 0x19f0 | a1 += 0x19f0;
0x00000d9c addiu a0, zero, 1 | a0 = 1;
0x00000da0 jalr t9 | t9 ();
0x00000da4 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000da8 b 0xba4 | goto label_2;
| label_18:
0x00000dac lw a1, (s7) | a1 = *(s7);
0x00000db0 addiu a0, zero, 0x20 | a0 = 0x20;
0x00000db4 jalr t9 | t9 ();
0x00000db8 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000dbc b 0xca8 | goto label_6;
0x00000dc0 lw t9, -0x7f48(gp) | t9 = sym.imp._IO_putc;
0x00000dc4 lw a1, (s4) | a1 = *(s4);
0x00000dc8 addiu a0, zero, 0x20 | a0 = 0x20;
0x00000dcc jalr t9 | t9 ();
0x00000dd0 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000dd4 b 0xd8c |
| }
| label_13:
0x00000dd8 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00000ddc move a2, s3 | a2 = s3;
0x00000de0 addiu a1, a1, 0x19f4 | a1 += 0x19f4;
0x00000de4 addiu a0, zero, 1 | a0 = 1;
0x00000de8 jalr t9 | t9 ();
0x00000dec lw gp, 0x18(sp) | gp = *(var_18h);
0x00000df0 b 0xb98 | goto label_7;
| label_15:
0x00000df4 lw v0, -0x7f40(gp) | v0 = *((gp - 8144));
0x00000df8 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00000dfc lw t9, -0x7f94(gp) | t9 = sym.imp.__fprintf_chk
0x00000e00 lw a0, (v0) | a0 = *(v0);
0x00000e04 lw a3, (s3) | a3 = *(s3);
0x00000e08 addiu a2, a2, 0x19fc | a2 += str._s:_unknown_user__s_n;
0x00000e0c sw s2, 0x10(sp) | *(var_10h) = s2;
0x00000e10 addiu a1, zero, 1 | a1 = 1;
0x00000e14 jalr t9 | t9 ();
0x00000e18 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000e1c lw t9, -0x7f64(gp) | t9 = sym.imp.exit;
0x00000e20 addiu a0, zero, 1 | a0 = 1;
0x00000e24 jalr t9 | t9 ();
| label_9:
0x00000e28 lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
0x00000e2c lw t9, -0x7f50(gp) | t9 = sym.imp.perror;
0x00000e30 addiu a0, a0, 0x19e4 | a0 += str.getgroups;
0x00000e34 jalr t9 | t9 ();
0x00000e38 lw gp, 0x18(sp) | gp = *(var_18h);
0x00000e3c lw t9, -0x7f64(gp) | t9 = sym.imp.exit;
0x00000e40 addiu a0, zero, 1 | a0 = 1;
0x00000e44 jalr t9 | t9 ();
0x00000e48 nop |
0x00000e4c nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/groups.shadow @ 0x1670 */
| #include <stdint.h>
|
; (fcn) sym.xmalloc () | void xmalloc () {
0x00001670 lui gp, 2 |
0x00001674 addiu gp, gp, -0x7660 |
0x00001678 addu gp, gp, t9 | gp += t9;
0x0000167c addiu sp, sp, -0x30 |
0x00001680 lw t9, -0x7f58(gp) | t9 = sym.imp.malloc;
0x00001684 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00001688 sw ra, 0x2c(sp) | *(var_2ch) = ra;
0x0000168c sw s1, 0x28(sp) | *(var_28h) = s1;
0x00001690 sw s0, 0x24(sp) | *(var_24h) = s0;
0x00001694 jalr t9 | t9 ();
0x00001698 nop |
0x0000169c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 != 0) {
0x000016a0 beqz v0, 0x16b8 |
0x000016a4 lw ra, 0x2c(sp) | ra = *(var_2ch);
0x000016a8 lw s1, 0x28(sp) | s1 = *(var_28h);
0x000016ac lw s0, 0x24(sp) | s0 = *(var_24h);
0x000016b0 addiu sp, sp, 0x30 |
0x000016b4 jr ra | return v0;
| }
0x000016b8 lw v0, -0x7f40(gp) | v0 = *((gp - 8144));
0x000016bc lw t9, -0x7f74(gp) | t9 = sym.imp.__errno_location;
0x000016c0 lw s0, (v0) | s0 = *(v0);
0x000016c4 lw v0, -0x7fdc(gp) | v0 = *(gp);
0x000016c8 lw s1, (v0) | s1 = *(v0);
0x000016cc jalr t9 | t9 ();
0x000016d0 lw gp, 0x18(sp) | gp = *(var_18h);
0x000016d4 lw t9, -0x7f5c(gp) | t9 = sym.imp.strerror;
0x000016d8 lw a0, (v0) | a0 = *(v0);
0x000016dc jalr t9 | t9 ();
0x000016e0 lw gp, 0x18(sp) | gp = *(var_18h);
0x000016e4 move a0, s0 | a0 = s0;
0x000016e8 sw v0, 0x10(sp) | *(var_10h) = v0;
0x000016ec lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x000016f0 lw t9, -0x7f94(gp) | t9 = sym.imp.__fprintf_chk
0x000016f4 move a3, s1 | a3 = s1;
0x000016f8 addiu a2, a2, 0x1ab0 | a2 += str._s:_failed_to_allocate_memory:__s_n;
0x000016fc addiu a1, zero, 1 | a1 = 1;
0x00001700 jalr t9 | t9 ();
0x00001704 lw gp, 0x18(sp) | gp = *(var_18h);
0x00001708 lw t9, -0x7f64(gp) | t9 = sym.imp.exit;
0x0000170c addiu a0, zero, 0xd | a0 = 0xd;
0x00001710 jalr t9 | return t9 ();
| }
[*] Function fprintf used 3 times groups.shadow
