[*] Binary protection state of lldpd
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of lldpd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/lldpd @ 0x13b00 */
| #include <stdint.h>
|
; (fcn) fcn.00013b00 () | void fcn_00013b00 () {
0x00013b00 lui gp, 4 |
0x00013b04 addiu gp, gp, 0x2e10 |
0x00013b08 addu gp, gp, t9 | gp += t9;
0x00013b0c addiu sp, sp, -0x60 |
0x00013b10 lw v1, -0x7fd4(gp) | v1 = *((gp - 8181));
0x00013b14 sw s1, 0x3c(sp) | *(var_3ch) = s1;
0x00013b18 lw s1, -0x794c(gp) | s1 = *((gp - 7763));
0x00013b1c sw fp, 0x58(sp) | *(var_58h_2) = fp;
0x00013b20 sw s4, 0x48(sp) | *(var_48h_2) = s4;
0x00013b24 move fp, sp | fp = sp;
0x00013b28 lw v0, (s1) | v0 = *(s1);
0x00013b2c lw s4, -0x6cc(v1) | s4 = *((v1 - 435));
0x00013b30 sw s0, 0x38(sp) | *(var_38h) = s0;
0x00013b34 sw ra, 0x5c(sp) | *(var_5ch_3) = ra;
0x00013b38 sw s7, 0x54(sp) | *(var_54h_2) = s7;
0x00013b3c sw s6, 0x50(sp) | *(var_50h_2) = s6;
0x00013b40 sw s5, 0x4c(sp) | *(var_4ch_2) = s5;
0x00013b44 sw s3, 0x44(sp) | *(var_44h_2) = s3;
0x00013b48 sw s2, 0x40(sp) | *(var_40h) = s2;
0x00013b4c sw gp, 0x28(sp) | *(var_28h_2) = gp;
0x00013b50 move s0, a0 | s0 = a0;
0x00013b54 sw v0, 0x34(fp) | *(arg_34h) = v0;
0x00013b58 lw t9, -0x7a4c(gp) | t9 = sym.imp.__vasprintf_chk
| if (s4 != 0) {
0x00013b5c beqz s4, 0x13bdc |
0x00013b60 addiu a1, zero, 1 | a1 = 1;
0x00013b64 addiu a0, fp, 0x30 | a0 = fp + 0x30;
0x00013b68 jalr t9 | t9 ();
0x00013b6c addiu v1, zero, -1 | v1 = -1;
0x00013b70 lw gp, 0x28(fp) | gp = *(var_28h_2);
| if (v0 != v1) {
0x00013b74 beq v0, v1, 0x13b9c |
0x00013b78 lw a1, 0x30(fp) | a1 = *(arg_30h);
0x00013b7c move t9, s4 | t9 = s4;
0x00013b80 move a0, s0 | a0 = s0;
0x00013b84 jalr t9 | t9 ();
0x00013b88 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013b8c lw t9, -0x793c(gp) | t9 = sym.imp.free;
0x00013b90 lw a0, 0x30(fp) | a0 = *(arg_30h);
0x00013b94 jalr t9 | t9 ();
0x00013b98 lw gp, 0x28(fp) | gp = *(var_28h_2);
| }
| label_0:
0x00013b9c lw v1, 0x34(fp) | v1 = *(arg_34h);
0x00013ba0 lw v0, (s1) | v0 = *(s1);
0x00013ba4 lw ra, 0x5c(fp) | ra = *(var_5ch_3);
| if (v1 != v0) {
0x00013ba8 bne v1, v0, 0x13e24 | goto label_4;
| }
0x00013bac move sp, fp |
0x00013bb0 lw fp, 0x58(sp) | fp = *(var_58h_2);
0x00013bb4 lw s7, 0x54(sp) | s7 = *(var_54h_2);
0x00013bb8 lw s6, 0x50(sp) | s6 = *(var_50h_2);
0x00013bbc lw s5, 0x4c(sp) | s5 = *(var_4ch_2);
0x00013bc0 lw s4, 0x48(sp) | s4 = *(var_48h_2);
0x00013bc4 lw s3, 0x44(sp) | s3 = *(var_44h_2);
0x00013bc8 lw s2, 0x40(sp) | s2 = *(var_40h);
0x00013bcc lw s1, 0x3c(sp) | s1 = *(var_3ch);
0x00013bd0 lw s0, 0x38(sp) | s0 = *(var_38h);
0x00013bd4 addiu sp, sp, 0x60 |
0x00013bd8 jr ra | return v0;
| }
0x00013bdc lw v0, -0x7fd4(gp) | v0 = *((gp - 8181));
0x00013be0 move s6, a1 | s6 = a1;
0x00013be4 move s2, a2 | s2 = a2;
0x00013be8 lw v0, -0x6c4(v0) | v0 = *((v0 - 433));
0x00013bec move s3, a3 | s3 = a3;
0x00013bf0 bnez v0, 0x13ca4 |
| while (1) {
0x00013bf4 lw t9, -0x7958(gp) | t9 = sym.imp.time;
0x00013bf8 move a0, zero | a0 = 0;
0x00013bfc jalr t9 | t9 ();
0x00013c00 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013c04 addiu s4, fp, 0x30 | s4 = fp + 0x30;
0x00013c08 move a0, s4 | a0 = s4;
0x00013c0c lw t9, -0x7a1c(gp) | t9 = sym.imp.localtime;
0x00013c10 lw s5, -0x7fd4(gp) | s5 = *((gp - 8181));
0x00013c14 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x00013c18 jalr t9 | t9 ();
0x00013c1c lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013c20 move a3, v0 | a3 = v0;
0x00013c24 addiu a1, zero, 0x14 | a1 = 0x14;
0x00013c28 lw a2, -0x7fbc(gp) | a2 = *((gp - 8175));
0x00013c2c lw t9, -0x7a18(gp) | t9 = sym.imp.strftime;
| /* str._Y__m__dT_H:_M:_S */
0x00013c30 addiu a2, a2, -0x71f8 | a2 += -sym.lldpd_recv;
| /* str.2012_12_12T16:13:30 */
0x00013c34 addiu a0, s5, -0x1e30 | a0 = s5 + -0x1e30;
0x00013c38 jalr t9 | t9 ();
0x00013c3c lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013c40 addiu a0, zero, 2 | a0 = 2;
0x00013c44 lw t9, -0x7af8(gp) | t9 = sym.imp.isatty;
0x00013c48 addiu s0, s0, -3 | s0 += -3;
0x00013c4c jalr t9 | t9 ();
0x00013c50 addiu v1, zero, 1 | v1 = 1;
0x00013c54 lw gp, 0x28(fp) | gp = *(var_28h_2);
| if (v0 != v1) {
0x00013c58 beq v0, v1, 0x13c80 |
0x00013c5c sltiu v0, s0, 5 | v0 = (s0 < 5) ? 1 : 0;
0x00013c60 lw v0, -0x7fbc(gp) | v0 = *((gp - 8175));
| if (v0 == 0) {
0x00013c64 beqz v0, 0x13e3c | goto label_5;
| }
0x00013c68 sll s0, s0, 2 | s0 <<= 2;
0x00013c6c addiu v0, v0, -0x71c0 | v0 += -0x71c0;
0x00013c70 lwx s0, s0(v0) | __asm ("lwx s0, s0(v0)");
0x00013c74 addu s0, s0, gp | s0 += gp;
0x00013c78 jr s0 | s0 ();
0x00013c7c nop |
| }
0x00013c80 sltiu v0, s0, 5 | v0 = (s0 < 5) ? 1 : 0;
0x00013c84 lw v0, -0x7fbc(gp) | v0 = *((gp - 8175));
| if (v0 == 0) {
0x00013c88 beqz v0, 0x13e30 | goto label_6;
| }
0x00013c8c sll s0, s0, 2 | s0 <<= 2;
0x00013c90 addiu v0, v0, -0x71ac | v0 += -0x71ac;
0x00013c94 lwx v0, s0(v0) | __asm ("lwx v0, s0(v0)");
0x00013c98 addu v0, v0, gp | v0 += gp;
0x00013c9c jr v0 | v0 ();
0x00013ca0 nop |
0x00013ca4 lw t9, -0x79d0(gp) | t9 = sym.imp.__vsyslog_chk;
0x00013ca8 addiu a1, zero, 1 | a1 = 1;
0x00013cac jalr t9 | t9 ();
0x00013cb0 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013cb4 b 0x13bf4 |
| }
| if (s6 == 0) {
| label_3:
0x00013cc0 beql s6, zero, 0x13e18 | goto label_7;
| }
0x00013cc4 lw s6, -0x7fbc(gp) | s6 = *((gp - 8175));
0x00013cc8 lw s0, -0x7fbc(gp) | s0 = *((gp - 8175));
0x00013ccc addiu s0, s0, -0x7204 | s0 += -0x7204;
| label_2:
0x00013cd0 lw t9, -0x7af8(gp) | t9 = sym.imp.isatty;
0x00013cd4 addiu a0, zero, 2 | a0 = 2;
0x00013cd8 jalr t9 | t9 ();
0x00013cdc lw gp, 0x28(fp) | gp = *(var_28h_2);
| if (v0 != 0) {
0x00013ce0 bnez v0, 0x13dd8 | goto label_8;
| }
0x00013ce4 lw v0, -0x7fbc(gp) | v0 = *((gp - 8175));
0x00013ce8 addiu v0, v0, -0x7068 | v0 += -0x7068;
| do {
0x00013cec lw a2, -0x7fbc(gp) | a2 = *((gp - 8175));
0x00013cf0 lw t9, -0x79f0(gp) | t9 = sym.imp.__asprintf_chk
0x00013cf4 sw s0, 0x14(sp) | *(var_14h) = s0;
0x00013cf8 sw s2, 0x20(sp) | *(var_20h) = s2;
0x00013cfc sw v0, 0x1c(sp) | *(var_1ch) = v0;
0x00013d00 sw s6, 0x18(sp) | *(var_18h_4) = s6;
0x00013d04 sw s7, 0x10(sp) | *(var_10h_3) = s7;
| /* str.2012_12_12T16:13:30 */
0x00013d08 addiu a3, s5, -0x1e30 | a3 = s5 + -0x1e30;
| /* str._s__s_s_s__s__s_n */
0x00013d0c addiu a2, a2, -0x71e4 | a2 += -0x71e4;
0x00013d10 addiu a1, zero, 1 | a1 = 1;
0x00013d14 move a0, s4 | a0 = s4;
0x00013d18 jalr t9 | t9 ();
0x00013d1c lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013d20 addiu v1, zero, -1 | v1 = -1;
0x00013d24 lw s0, -0x792c(gp) | s0 = *((gp - 7755));
| if (v0 == v1) {
0x00013d28 beq v0, v1, 0x13de4 | goto label_9;
| }
0x00013d2c lw t9, -0x7914(gp) | t9 = sym.imp.__vfprintf_chk;
0x00013d30 lw a2, 0x30(fp) | a2 = *(arg_30h);
0x00013d34 lw a0, (s0) | a0 = *(s0);
0x00013d38 move a3, s3 | a3 = s3;
0x00013d3c addiu a1, zero, 1 | a1 = 1;
0x00013d40 jalr t9 | t9 ();
0x00013d44 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013d48 lw t9, -0x793c(gp) | t9 = sym.imp.free;
0x00013d4c lw a0, 0x30(fp) | a0 = *(arg_30h);
0x00013d50 jalr t9 | t9 ();
0x00013d54 lw gp, 0x28(fp) | gp = *(var_28h_2);
| label_1:
0x00013d58 lw t9, -0x7924(gp) | t9 = sym.imp.fflush;
0x00013d5c lw a0, (s0) | a0 = *(s0);
0x00013d60 jalr t9 | t9 ();
0x00013d64 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013d68 b 0x13b9c | goto label_0;
| label_8:
0x00013dd8 lw v0, -0x7fbc(gp) | v0 = *((gp - 8175));
| /* str.e_0m */
0x00013ddc addiu v0, v0, -0x7200 | v0 += -0x7200;
0x00013de0 b 0x13cec |
| } while (1);
| label_9:
0x00013de4 lw t9, -0x7914(gp) | t9 = sym.imp.__vfprintf_chk;
0x00013de8 lw a0, (s0) | a0 = *(s0);
0x00013dec move a3, s3 | a3 = s3;
0x00013df0 move a2, s2 | a2 = s2;
0x00013df4 addiu a1, zero, 1 | a1 = 1;
0x00013df8 jalr t9 | t9 ();
0x00013dfc lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013e00 lw a1, (s0) | a1 = *(s0);
0x00013e04 lw t9, -0x7aac(gp) | t9 = sym.imp.fputc;
0x00013e08 addiu a0, zero, 0xa | a0 = 0xa;
0x00013e0c jalr t9 | t9 ();
0x00013e10 lw gp, 0x28(fp) | gp = *(var_28h_2);
0x00013e14 b 0x13d58 | goto label_1;
| label_7:
0x00013e18 addiu s6, s6, -0x7068 | s6 += -0x7068;
0x00013e1c move s0, s6 | s0 = s6;
0x00013e20 b 0x13cd0 | goto label_2;
| label_4:
0x00013e24 lw t9, -0x7984(gp) | t9 = sym.imp.__stack_chk_fail;
0x00013e28 jalr t9 | t9 ();
0x00013e2c nop |
| label_6:
0x00013e30 lw s7, -0x7fbc(gp) | s7 = *((gp - 8175));
| /* str.e_1_37_41m_CRIT */
0x00013e34 addiu s7, s7, -0x721c | s7 += -0x721c;
0x00013e38 b 0x13cc0 | goto label_3;
| label_5:
0x00013e3c lw s7, -0x7fbc(gp) | s7 = *((gp - 8175));
| /* str._CRIT */
0x00013e40 addiu s7, s7, -0x7274 | s7 += -0x7274;
0x00013e44 b 0x13cc0 | goto label_3;
| }
[*] Function sprintf used 3 times lldpd
