[*] Binary protection state of vftpd
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of vftpd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/vftpd @ 0x63ec */
| #include <stdint.h>
|
; (fcn) fcn.000063ec () | void fcn_000063ec () {
0x000063ec lui gp, 2 |
0x000063f0 addiu gp, gp, -0x52dc |
0x000063f4 addu gp, gp, t9 | gp += t9;
0x000063f8 addiu sp, sp, -0x2c8 |
0x000063fc sw s3, 0x2ac(sp) | *(var_2ach) = s3;
0x00006400 lw s3, -0x7d3c(gp) | s3 = *((gp - 8015));
0x00006404 sw s6, 0x2b8(sp) | *(var_2b8h) = s6;
0x00006408 lw s6, (a1) | s6 = *(a1);
0x0000640c lw v0, (s3) | v0 = *(s3);
0x00006410 sw s5, 0x2b4(sp) | *(var_2b4h) = s5;
0x00006414 sw s4, 0x2b0(sp) | *(var_2b0h) = s4;
0x00006418 sw s2, 0x2a8(sp) | *(var_2a8h) = s2;
0x0000641c sw s1, 0x2a4(sp) | *(var_2a4h) = s1;
0x00006420 sw s0, 0x2a0(sp) | *(var_2a0h) = s0;
0x00006424 sw gp, 0x18(sp) | *(var_18h_2) = gp;
0x00006428 sw ra, 0x2c4(sp) | *(var_2c4h) = ra;
0x0000642c sw fp, 0x2c0(sp) | *(var_2c0h) = fp;
0x00006430 sw s7, 0x2bc(sp) | *(var_2bch) = s7;
0x00006434 sw zero, 0x40(sp) | *(var_40h) = 0;
0x00006438 sw zero, 0x44(sp) | *(var_44h) = 0;
0x0000643c sw zero, 0x48(sp) | *(var_48h) = 0;
0x00006440 sw v0, 0x29c(sp) | *(var_29ch) = v0;
0x00006444 lb v0, (s6) | v0 = *(s6);
0x00006448 addiu s2, sp, 0x4c | s2 = sp + 0x4c;
0x0000644c move s5, a1 | s5 = a1;
0x00006450 sw s2, 0x2c(sp) | *(var_2ch) = s2;
0x00006454 sw a0, 0x28(sp) | *(var_28h) = a0;
0x00006458 move s1, a2 | s1 = a2;
0x0000645c sw a3, 0x24(sp) | *(var_24h) = a3;
0x00006460 lw s4, 0x2d8(sp) | s4 = *(var_2d8h);
0x00006464 move s0, zero | s0 = 0;
| if (v0 == 0) {
0x00006468 beqz v0, 0x6500 | goto label_9;
| }
| label_0:
0x0000646c lw t9, -0x7dc4(gp) | t9 = sym.imp.strchr;
0x00006470 addiu a1, zero, 0x20 | a1 = 0x20;
0x00006474 move a0, s6 | a0 = s6;
0x00006478 jalr t9 | t9 ();
0x0000647c move fp, v0 | fp = v0;
0x00006480 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00006484 beqz v0, 0x6668 | goto label_10;
| }
0x00006488 subu s7, fp, s6 | __asm ("subu s7, fp, s6");
0x0000648c addiu a0, s7, 1 | a0 = s7 + 1;
0x00006490 slti v0, a0, 0x401 | v0 = (a0 < 0x401) ? 1 : 0;
0x00006494 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
| if (v0 == 0) {
0x00006498 beqz v0, 0x6690 | goto label_11;
| }
| label_1:
0x0000649c lw t9, -0x7d9c(gp) | t9 = sym.imp.malloc;
0x000064a0 jalr t9 | t9 ();
0x000064a4 nop |
0x000064a8 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x000064ac beqz v0, 0x6750 | goto label_12;
| }
0x000064b0 lw t9, -0x7e04(gp) | t9 = sym.imp.strncpy;
0x000064b4 move a0, v0 | a0 = v0;
0x000064b8 move a2, s7 | a2 = s7;
0x000064bc move a1, s6 | a1 = s6;
0x000064c0 jalr t9 | t9 ();
0x000064c4 addu a3, v0, s7 | a3 = v0 + s7;
0x000064c8 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000064cc sw v0, (s2) | *(s2) = v0;
0x000064d0 sb zero, (a3) | *(a3) = 0;
0x000064d4 lb v0, (fp) | v0 = *(fp);
0x000064d8 addiu a0, zero, 0x20 | a0 = 0x20;
0x000064dc addiu s0, s0, 1 | s0++;
| if (v0 != a0) {
0x000064e0 bne v0, a0, 0x64f4 | goto label_13;
| }
0x000064e4 addiu fp, fp, 1 | fp++;
| do {
0x000064e8 lb v0, (fp) | v0 = *(fp);
0x000064ec beql v0, a0, 0x64e8 |
| } while (v0 == a0);
0x000064f0 addiu fp, fp, 1 | fp++;
| label_13:
0x000064f4 addiu s2, s2, 4 | s2 += 4;
0x000064f8 move s6, fp | s6 = fp;
| if (v0 != 0) {
0x000064fc bnez v0, 0x646c | goto label_0;
| }
| label_9:
0x00006500 addiu v0, sp, 0x2a0 | v0 = sp + 0x2a0;
0x00006504 sll s0, s0, 2 | s0 <<= 2;
0x00006508 addu s0, v0, s0 | s0 = v0 + s0;
0x0000650c lw t9, -0x7d70(gp) | t9 = sym.imp.geteuid;
0x00006510 sw zero, -0x254(s0) | *((s0 - 149)) = 0;
0x00006514 lw s0, 0x4c(sp) | s0 = *(var_4ch);
0x00006518 jalr t9 | t9 ();
0x0000651c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006520 lw t9, -0x7d7c(gp) | t9 = sym.imp.getegid;
0x00006524 move s2, v0 | s2 = v0;
0x00006528 jalr t9 | t9 ();
0x0000652c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006530 move a1, s2 | a1 = s2;
0x00006534 move a0, s2 | a0 = s2;
0x00006538 lw t9, -0x7dcc(gp) | t9 = sym.imp.setreuid;
0x0000653c move s2, v0 | s2 = v0;
0x00006540 jalr t9 | t9 ();
0x00006544 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006548 move a1, s2 | a1 = s2;
0x0000654c move a0, s2 | a0 = s2;
0x00006550 lw t9, -0x7e40(gp) | t9 = sym.imp.setregid;
0x00006554 move s2, v0 | s2 = v0;
0x00006558 jalr t9 | t9 ();
0x0000655c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006560 addiu a1, zero, 5 | a1 = 5;
0x00006564 move a0, s0 | a0 = s0;
0x00006568 lw t9, -0x7e10(gp) | t9 = sym.imp.access;
| if (v0 < 0) {
0x0000656c bltz v0, 0x66b0 | goto label_14;
| }
0x00006570 jalr t9 | t9 ();
0x00006574 nop |
0x00006578 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 < 0) {
0x0000657c bltz v0, 0x68f4 | goto label_15;
| }
0x00006580 lw t9, -0x7e0c(gp) | t9 = sym.imp.pipe;
| if (s2 < 0) {
0x00006584 bltz s2, 0x68f4 | goto label_15;
| }
0x00006588 addiu a0, sp, 0x30 | a0 = sp + 0x30;
0x0000658c jalr t9 | t9 ();
0x00006590 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 < 0) {
0x00006594 bltz v0, 0x6760 | goto label_16;
| }
| label_4:
0x00006598 lw t9, -0x7e0c(gp) | t9 = sym.imp.pipe;
| if (s4 != 0) {
0x0000659c beqz s4, 0x65b0 |
0x000065a0 addiu a0, sp, 0x38 | a0 = sp + 0x38;
0x000065a4 jalr t9 | t9 ();
0x000065a8 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 != 0) {
0x000065ac bnez v0, 0x6794 | goto label_17;
| }
| }
| label_5:
0x000065b0 addiu v0, zero, 1 | v0 = 1;
| if (s1 == 0) {
0x000065b4 beqz s1, 0x6748 | goto label_18;
| }
0x000065b8 lw s0, -0x7ec8(gp) | s0 = *(gp);
| if (s1 != v0) {
0x000065bc bne s1, v0, 0x68fc | goto label_19;
| }
| label_3:
0x000065c0 lw t9, -0x7e28(gp) | t9 = sym.imp.fork;
0x000065c4 jalr t9 | t9 ();
0x000065c8 nop |
0x000065cc lw v1, 0x24(sp) | v1 = *(var_24h);
0x000065d0 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000065d4 sw v0, (v1) | *(v1) = v0;
| if (v0 < 0) {
0x000065d8 bltz v0, 0x6910 | goto label_20;
| }
0x000065dc lw t9, -0x7e00(gp) | t9 = *(gp);
| if (v0 == 0) {
0x000065e0 beqz v0, 0x66c0 | goto label_21;
| }
0x000065e4 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
| if (s1 == 0) {
0x000065e8 beqz s1, 0x6780 | goto label_22;
| }
0x000065ec addiu v0, zero, 1 | v0 = 1;
0x000065f0 addiu s0, zero, -1 | s0 = -1;
| if (s1 != v0) {
0x000065f4 bnel s1, v0, 0x6628 |
0x000065f8 lw v0, 0x38(sp) | v0 = *(var_38h);
| if (s4 != 0) {
0x000065fc beqz s4, 0x6618 |
0x00006600 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x00006604 lw a0, 0x3c(sp) | a0 = *(var_3ch_2);
0x00006608 sw v0, (s4) | *(s4) = v0;
0x0000660c jalr t9 | t9 ();
0x00006610 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006614 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
| }
0x00006618 lw a0, 0x30(sp) | a0 = *(var_30h);
0x0000661c lw s0, 0x34(sp) | s0 = *(var_34h);
0x00006620 jalr t9 | t9 ();
0x00006624 lw gp, 0x18(sp) | gp = *(var_18h_2);
| }
| label_2:
0x00006628 lw a0, 0x29c(sp) | a0 = *(var_29ch);
0x0000662c lw v1, (s3) | v1 = *(s3);
0x00006630 move v0, s0 | v0 = s0;
| if (a0 != v1) {
0x00006634 bne a0, v1, 0x6944 | goto label_23;
| }
0x00006638 lw ra, 0x2c4(sp) | ra = *(var_2c4h);
0x0000663c lw fp, 0x2c0(sp) | fp = *(var_2c0h);
0x00006640 lw s7, 0x2bc(sp) | s7 = *(var_2bch);
0x00006644 lw s6, 0x2b8(sp) | s6 = *(var_2b8h);
0x00006648 lw s5, 0x2b4(sp) | s5 = *(var_2b4h);
0x0000664c lw s4, 0x2b0(sp) | s4 = *(var_2b0h);
0x00006650 lw s3, 0x2ac(sp) | s3 = *(var_2ach);
0x00006654 lw s2, 0x2a8(sp) | s2 = *(var_2a8h);
0x00006658 lw s1, 0x2a4(sp) | s1 = *(var_2a4h);
0x0000665c lw s0, 0x2a0(sp) | s0 = *(var_2a0h);
0x00006660 addiu sp, sp, 0x2c8 |
0x00006664 jr ra | return v0;
| label_10:
0x00006668 lw t9, -0x7dd0(gp) | t9 = *(gp);
0x0000666c move a0, s6 | a0 = s6;
0x00006670 jalr t9 | t9 ();
0x00006674 addu fp, s6, v0 | fp = s6 + v0;
0x00006678 subu s7, fp, s6 | __asm ("subu s7, fp, s6");
0x0000667c addiu a0, s7, 1 | a0 = s7 + 1;
0x00006680 slti v0, a0, 0x401 | v0 = (a0 < 0x401) ? 1 : 0;
0x00006684 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 != 0) {
0x00006688 bnez v0, 0x649c | goto label_1;
| }
0x0000668c lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
| label_11:
0x00006690 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006694 addiu a2, a2, -0x75e0 | a2 += -0x75e0;
| do {
0x00006698 addiu a1, zero, 1 | a1 = 1;
0x0000669c addiu a0, zero, 3 | a0 = 3;
0x000066a0 jalr t9 | t9 ();
0x000066a4 addiu s0, zero, -1 | s0 = -1;
0x000066a8 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000066ac b 0x6628 | goto label_2;
| label_14:
0x000066b0 addiu s0, zero, -1 | s0 = -1;
0x000066b4 jalr t9 | t9 ();
0x000066b8 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000066bc b 0x6628 | goto label_2;
| label_21:
0x000066c0 jalr t9 | t9 ();
0x000066c4 nop |
0x000066c8 move s2, v0 | s2 = v0;
0x000066cc lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (s1 == 0) {
0x000066d0 beqz s1, 0x6874 | goto label_24;
| }
0x000066d4 addiu v0, zero, 1 | v0 = 1;
0x000066d8 lw t9, -0x7d00(gp) | t9 = sym.imp.dup2;
| if (s1 == v0) {
0x000066dc beq s1, v0, 0x68a4 | goto label_25;
| }
| label_7:
0x000066e0 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x000066e4 lw a0, 0x30(sp) | a0 = *(var_30h);
0x000066e8 jalr t9 | t9 ();
0x000066ec lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000066f0 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x000066f4 lw a0, 0x34(sp) | a0 = *(var_34h);
0x000066f8 jalr t9 | t9 ();
0x000066fc lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (s4 == 0) {
0x00006700 beqz s4, 0x67d4 | goto label_26;
| }
0x00006704 lw t9, -0x7d00(gp) | t9 = sym.imp.dup2;
0x00006708 lw a0, 0x3c(sp) | a0 = *(var_3ch_2);
0x0000670c addiu a1, zero, 3 | a1 = 3;
0x00006710 jalr t9 | t9 ();
0x00006714 addiu v1, zero, 3 | v1 = 3;
0x00006718 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == v1) {
0x0000671c beq v0, v1, 0x67b4 | goto label_27;
| }
| label_6:
0x00006720 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006724 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006728 lw a3, (s2) | a3 = *(s2);
0x0000672c addiu a2, a2, -0x7530 | a2 += -0x7530;
| label_8:
0x00006730 addiu a1, zero, 1 | a1 = 1;
0x00006734 addiu a0, zero, 3 | a0 = 3;
0x00006738 jalr t9 | t9 ();
0x0000673c addiu s0, zero, -1 | s0 = -1;
0x00006740 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006744 b 0x6628 | goto label_2;
| label_18:
0x00006748 lw s0, -0x7ec4(gp) | s0 = *(gp);
0x0000674c b 0x65c0 | goto label_3;
| label_12:
0x00006750 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006754 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006758 addiu a2, a2, -0x75c8 | a2 += -0x75c8;
0x0000675c b 0x6698 |
| } while (1);
| label_16:
0x00006760 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006764 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006768 addiu a2, a2, -0x75a0 | a2 += -0x75a0;
0x0000676c addiu a1, zero, 1 | a1 = 1;
0x00006770 addiu a0, zero, 3 | a0 = 3;
0x00006774 jalr t9 | t9 ();
0x00006778 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x0000677c b 0x6598 | goto label_4;
| label_22:
0x00006780 lw a0, 0x34(sp) | a0 = *(var_34h);
0x00006784 lw s0, 0x30(sp) | s0 = *(var_30h);
0x00006788 jalr t9 | t9 ();
0x0000678c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006790 b 0x6628 | goto label_2;
| label_17:
0x00006794 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006798 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x0000679c addiu a2, a2, -0x75a0 | a2 += -0x75a0;
0x000067a0 addiu a1, zero, 1 | a1 = 1;
0x000067a4 addiu a0, zero, 3 | a0 = 3;
0x000067a8 jalr t9 | t9 ();
0x000067ac lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000067b0 b 0x65b0 | goto label_5;
| label_27:
0x000067b4 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x000067b8 lw a0, 0x3c(sp) | a0 = *(var_3ch_2);
0x000067bc jalr t9 | t9 ();
0x000067c0 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000067c4 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x000067c8 lw a0, 0x38(sp) | a0 = *(var_38h);
0x000067cc jalr t9 | t9 ();
0x000067d0 lw gp, 0x18(sp) | gp = *(var_18h_2);
| label_26:
0x000067d4 lw v1, -0x7fb8(gp) | v1 = *((gp - 8174));
0x000067d8 lw a0, 0x28(sp) | a0 = *(var_28h);
0x000067dc addiu v0, v1, -0x748c | v0 = v1 + -0x748c;
0x000067e0 lw a3, -0x748c(v1) | a3 = *((v1 - 7459));
0x000067e4 addiu s1, sp, 0x24c | s1 = sp + 0x24c;
0x000067e8 lw v1, 4(v0) | v1 = *((v0 + 1));
0x000067ec lbu v0, 8(v0) | v0 = *((v0 + 8));
0x000067f0 lw t9, -0x7e14(gp) | t9 = sym.imp.__strcpy_chk
0x000067f4 lw a1, (a0) | a1 = *(a0);
0x000067f8 sw a3, 0x24c(sp) | *(var_24ch) = a3;
0x000067fc addiu a2, zero, 0x50 | a2 = 0x50;
0x00006800 sw v1, 4(s1) | *((s1 + 1)) = v1;
0x00006804 addiu a0, sp, 0x254 | a0 = sp + 0x254;
0x00006808 sb v0, 8(s1) | *((s1 + 8)) = v0;
0x0000680c jalr t9 | t9 ();
0x00006810 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006814 lw a1, 0x2c(sp) | a1 = *(var_2ch);
0x00006818 lw a0, 0x4c(sp) | a0 = *(var_4ch);
0x0000681c lw t9, -0x7dd8(gp) | t9 = sym.imp.execve;
0x00006820 addiu a2, sp, 0x40 | a2 = sp + 0x40;
0x00006824 sw s0, 0x44(sp) | *(var_44h) = s0;
0x00006828 sw s1, 0x40(sp) | *(var_40h) = s1;
0x0000682c jalr t9 | t9 ();
0x00006830 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006834 lw a0, (s2) | a0 = *(s2);
0x00006838 lw t9, -0x7da4(gp) | t9 = sym.imp.strerror;
0x0000683c lw s0, (s5) | s0 = *(s5);
0x00006840 jalr t9 | t9 ();
0x00006844 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006848 move a3, s0 | a3 = s0;
0x0000684c sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x00006850 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006854 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006858 addiu a2, a2, -0x7480 | a2 += -0x7480;
0x0000685c addiu a1, zero, 1 | a1 = 1;
0x00006860 addiu a0, zero, 3 | a0 = 3;
0x00006864 jalr t9 | t9 ();
0x00006868 addiu s0, zero, -1 | s0 = -1;
0x0000686c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006870 b 0x6628 | goto label_2;
| label_24:
0x00006874 lw t9, -0x7d00(gp) | t9 = sym.imp.dup2;
0x00006878 lw a0, 0x34(sp) | a0 = *(var_34h);
0x0000687c addiu a1, zero, 1 | a1 = 1;
0x00006880 jalr t9 | t9 ();
0x00006884 addiu v1, zero, 1 | v1 = 1;
0x00006888 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 != v1) {
0x0000688c bne v0, v1, 0x6720 | goto label_6;
| }
0x00006890 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x00006894 move a0, zero | a0 = 0;
0x00006898 jalr t9 | t9 ();
0x0000689c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000068a0 b 0x66e0 | goto label_7;
| label_25:
0x000068a4 lw a0, 0x2dc(sp) | a0 = *(var_2dch);
0x000068a8 addiu a1, zero, 1 | a1 = 1;
0x000068ac jalr t9 | t9 ();
0x000068b0 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 != s1) {
0x000068b4 bne v0, s1, 0x6720 | goto label_6;
| }
0x000068b8 lw t9, -0x7e90(gp) | t9 = sym.imp.close;
0x000068bc lw a0, 0x2dc(sp) | a0 = *(var_2dch);
0x000068c0 jalr t9 | t9 ();
0x000068c4 lw gp, 0x18(sp) | gp = *(var_18h_2);
0x000068c8 lw a0, 0x30(sp) | a0 = *(var_30h);
0x000068cc lw t9, -0x7d00(gp) | t9 = sym.imp.dup2;
0x000068d0 move a1, zero | a1 = 0;
0x000068d4 jalr t9 | t9 ();
0x000068d8 lw gp, 0x18(sp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x000068dc beqz v0, 0x66e0 | goto label_7;
| }
0x000068e0 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x000068e4 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x000068e8 lw a3, (s2) | a3 = *(s2);
0x000068ec addiu a2, a2, -0x74dc | a2 += -0x74dc;
0x000068f0 b 0x6730 | goto label_8;
| label_15:
0x000068f4 addiu s0, zero, -1 | s0 = -1;
0x000068f8 b 0x6628 | goto label_2;
| label_19:
0x000068fc lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00006900 lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006904 move a3, s1 | a3 = s1;
0x00006908 addiu a2, a2, -0x7578 | a2 += -0x7578;
0x0000690c b 0x6730 | goto label_8;
| label_20:
0x00006910 lw t9, -0x7e00(gp) | t9 = *(gp);
0x00006914 addiu s0, zero, -1 | s0 = -1;
0x00006918 jalr t9 | t9 ();
0x0000691c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006920 lw a3, (v0) | a3 = *(v0);
0x00006924 addiu a1, zero, 1 | a1 = 1;
0x00006928 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x0000692c lw t9, -0x7e20(gp) | t9 = sym.imp.__syslog_chk;
0x00006930 addiu a2, a2, -0x755c | a2 += -0x755c;
0x00006934 addiu a0, zero, 3 | a0 = 3;
0x00006938 jalr t9 | t9 ();
0x0000693c lw gp, 0x18(sp) | gp = *(var_18h_2);
0x00006940 b 0x6628 | goto label_2;
| label_23:
0x00006944 lw t9, -0x7d64(gp) | t9 = sym.imp.__stack_chk_fail;
0x00006948 jalr t9 | t9 ();
0x0000694c nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/vftpd @ 0x6d80 */
| #include <stdint.h>
|
; (fcn) sym.ls () | void ls () {
0x00006d80 lui gp, 2 |
0x00006d84 addiu gp, gp, -0x5c70 |
0x00006d88 addu gp, gp, t9 | gp += t9;
0x00006d8c addiu sp, sp, -0x5c8 |
0x00006d90 lw v0, -0x7d3c(gp) | v0 = *((gp - 8015));
0x00006d94 sw s5, 0x5b4(sp) | *(var_5b4h) = s5;
0x00006d98 sw gp, 0x30(sp) | *(var_30h) = gp;
0x00006d9c sw ra, 0x5c4(sp) | *(var_5c4h) = ra;
0x00006da0 sw fp, 0x5c0(sp) | *(var_5c0h) = fp;
0x00006da4 sw s7, 0x5bc(sp) | *(var_5bch) = s7;
0x00006da8 sw s6, 0x5b8(sp) | *(var_5b8h) = s6;
0x00006dac sw s4, 0x5b0(sp) | *(var_5b0h) = s4;
0x00006db0 sw s3, 0x5ac(sp) | *(var_5ach) = s3;
0x00006db4 sw s2, 0x5a8(sp) | *(var_5a8h) = s2;
0x00006db8 sw s1, 0x5a4(sp) | *(var_5a4h) = s1;
0x00006dbc sw s0, 0x5a0(sp) | *(var_5a0h) = s0;
0x00006dc0 lw v1, (v0) | v1 = *(v0);
0x00006dc4 sw v0, 0x64(sp) | *(var_64h) = v0;
0x00006dc8 lb v0, (a0) | v0 = *(a0);
0x00006dcc sw a0, 0x44(sp) | *(var_44h) = a0;
0x00006dd0 sw a1, 0x4c(sp) | *(var_4ch) = a1;
0x00006dd4 move s5, a2 | s5 = a2;
0x00006dd8 sw v1, 0x59c(sp) | *(var_59ch) = v1;
| if (v0 != 0) {
0x00006ddc beql v0, zero, 0x6e08 |
0x00006de0 sw zero, 0x5c(sp) | *(var_5ch) = 0;
0x00006de4 lw t9, -0x7dd0(gp) | t9 = *(gp);
0x00006de8 move s0, a0 | s0 = a0;
0x00006dec jalr t9 | t9 ();
0x00006df0 addu v0, s0, v0 | v0 = s0 + v0;
0x00006df4 lw gp, 0x30(sp) | gp = *(var_30h);
0x00006df8 lb v0, -1(v0) | v0 = *((v0 - 1));
0x00006dfc xori v0, v0, 0x2f | v0 ^= 0x2f;
0x00006e00 sltiu v0, v0, 1 | v0 = (v0 < 1) ? 1 : 0;
0x00006e04 sw v0, 0x5c(sp) | *(var_5ch) = v0;
| }
0x00006e08 lw v0, -0x7fb8(gp) | v0 = *((gp - 8174));
0x00006e0c lw v1, -0x7fb8(gp) | v1 = *((gp - 8174));
0x00006e10 sw v0, 0x60(sp) | *(var_60h) = v0;
0x00006e14 lw v0, -0x7fc0(gp) | v0 = *((gp - 8176));
0x00006e18 sw v1, 0x50(sp) | *(var_50h) = v1;
0x00006e1c sw v0, 0x48(sp) | *(var_48h) = v0;
0x00006e20 lw v0, -0x7fb8(gp) | v0 = *((gp - 8174));
0x00006e24 lw s4, -0x7fc0(gp) | s4 = *((gp - 8176));
0x00006e28 addiu v0, v0, -0x7398 | v0 += -0x7398;
0x00006e2c sw v0, 0x58(sp) | *(var_58h) = v0;
0x00006e30 lw v0, -0x7394(v1) | v0 = *((v1 - 7397));
0x00006e34 sw v0, 0x54(sp) | *(var_54h) = v0;
0x00006e38 b 0x7164 |
| while (v0 != v1) {
0x00006e3c lw v0, 0xa0(sp) | v0 = *(var_a0h);
0x00006e40 lw t9, -0x7d04(gp) | t9 = sym.imp.__snprintf_chk;
0x00006e44 sw v0, 0x14(sp) | *(var_14h) = v0;
0x00006e48 lw v0, 0x58(sp) | v0 = *(var_58h);
0x00006e4c addiu a0, sp, 0x190 | a0 = sp + 0x190;
0x00006e50 sw a0, 0x40(sp) | *(var_40h) = a0;
0x00006e54 sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x00006e58 addiu a3, zero, 0xb | a3 = 0xb;
0x00006e5c addiu a2, zero, 1 | a2 = 1;
0x00006e60 addiu a1, zero, 0xb | a1 = 0xb;
0x00006e64 jalr t9 | t9 ();
0x00006e68 lw gp, 0x30(sp) | gp = *(var_30h);
| label_0:
0x00006e6c lw v0, 0x50(sp) | v0 = *(var_50h);
0x00006e70 addiu fp, s4, -0x6a24 | fp = s4 + -0x6a24;
0x00006e74 addiu a0, v0, -0x7394 | a0 = v0 + -0x7394;
0x00006e78 lw v0, 0x84(sp) | v0 = *(var_84h);
0x00006e7c lw t0, 4(a0) | t0 = *((a0 + 1));
0x00006e80 lhu a3, 8(a0) | a3 = *((a0 + 4));
0x00006e84 lbu a2, 0xa(a0) | a2 = *((a0 + 10));
0x00006e88 lw v1, 0x54(sp) | v1 = *(var_54h);
0x00006e8c andi a0, v0, 0xf000 | a0 = v0 & 0xf000;
0x00006e90 addiu a1, zero, 0x4000 | a1 = 0x4000;
0x00006e94 sw v1, -0x6a24(s4) | *((s4 - 6793)) = v1;
0x00006e98 sw t0, 4(fp) | *(arg_4h) = t0;
0x00006e9c sh a3, 8(fp) | *(arg_8h) = a3;
0x00006ea0 sb a2, 0xa(fp) | *(arg_ah) = a2;
| if (a0 == a1) {
0x00006ea4 beq a0, a1, 0x735c | goto label_10;
| }
0x00006ea8 addiu a1, zero, 0x2000 | a1 = 0x2000;
0x00006eac addiu a1, zero, 0x63 | a1 = 0x63;
| if (a0 != a1) {
0x00006eb0 bne a0, a1, 0x7344 | goto label_11;
| }
0x00006eb4 sb a1, -0x6a24(s4) | *((s4 - 27172)) = a1;
| label_3:
0x00006eb8 ori a1, zero, 0xc000 | a1 = 0xc000;
| label_4:
0x00006ebc addiu a0, zero, 0x73 | a0 = 0x73;
| if (a0 == a1) {
0x00006ec0 bne a0, a1, 0x6ec8 |
0x00006ec4 sb a0, -0x6a24(s4) | *((s4 - 27172)) = a0;
| }
| label_2:
0x00006ec8 andi a0, v0, 0x100 | a0 = v0 & 0x100;
0x00006ecc andi a0, v0, 0x80 | a0 = v0 & 0x80;
| if (a0 != 0) {
0x00006ed0 beqz a0, 0x6ee0 |
0x00006ed4 addiu a0, zero, 0x72 | a0 = 0x72;
0x00006ed8 sb a0, 1(fp) | *(arg_1h) = a0;
0x00006edc andi a0, v0, 0x80 | a0 = v0 & 0x80;
| }
0x00006ee0 andi a2, v0, 0x40 | a2 = v0 & 0x40;
| if (a0 != 0) {
0x00006ee4 beqz a0, 0x6ef0 |
0x00006ee8 addiu a0, zero, 0x77 | a0 = 0x77;
0x00006eec sb a0, 2(fp) | *(arg_2h) = a0;
| }
0x00006ef0 andi a0, v0, 0x20 | a0 = v0 & 0x20;
| if (a2 != 0) {
0x00006ef4 beqz a2, 0x6f04 |
0x00006ef8 addiu a0, zero, 0x78 | a0 = 0x78;
0x00006efc sb a0, 3(fp) | *(arg_3h) = a0;
0x00006f00 andi a0, v0, 0x20 | a0 = v0 & 0x20;
| }
0x00006f04 andi a0, v0, 0x10 | a0 = v0 & 0x10;
| if (a0 != 0) {
0x00006f08 beqz a0, 0x6f18 |
0x00006f0c addiu a0, zero, 0x72 | a0 = 0x72;
0x00006f10 sb a0, 4(fp) | *(arg_4h) = a0;
0x00006f14 andi a0, v0, 0x10 | a0 = v0 & 0x10;
| }
0x00006f18 andi a1, v0, 8 | a1 = v0 & 8;
| if (a0 != 0) {
0x00006f1c beqz a0, 0x6f28 |
0x00006f20 addiu a0, zero, 0x77 | a0 = 0x77;
0x00006f24 sb a0, 5(fp) | *(arg_5h) = a0;
| }
0x00006f28 andi a0, v0, 4 | a0 = v0 & 4;
| if (a1 != 0) {
0x00006f2c beqz a1, 0x6f3c |
0x00006f30 addiu a0, zero, 0x78 | a0 = 0x78;
0x00006f34 sb a0, 6(fp) | *(arg_6h) = a0;
0x00006f38 andi a0, v0, 4 | a0 = v0 & 4;
| }
0x00006f3c andi a0, v0, 2 | a0 = v0 & 2;
| if (a0 != 0) {
0x00006f40 beqz a0, 0x6f50 |
0x00006f44 addiu a0, zero, 0x72 | a0 = 0x72;
0x00006f48 sb a0, 7(fp) | *(arg_7h) = a0;
0x00006f4c andi a0, v0, 2 | a0 = v0 & 2;
| }
0x00006f50 andi a0, v0, 1 | a0 = v0 & 1;
| if (a0 != 0) {
0x00006f54 beqz a0, 0x6f64 |
0x00006f58 addiu a0, zero, 0x77 | a0 = 0x77;
0x00006f5c sb a0, 8(fp) | *(arg_8h) = a0;
0x00006f60 andi a0, v0, 1 | a0 = v0 & 1;
| }
0x00006f64 andi a3, v0, 0x800 | a3 = v0 & 0x800;
| if (a0 != 0) {
0x00006f68 beqz a0, 0x6f78 |
0x00006f6c addiu a3, zero, 0x78 | a3 = 0x78;
0x00006f70 sb a3, 9(fp) | *(arg_9h) = a3;
0x00006f74 andi a3, v0, 0x800 | a3 = v0 & 0x800;
| }
| if (a3 != 0) {
0x00006f78 beql a3, zero, 0x6f94 |
0x00006f7c andi a2, v0, 0x400 | a2 = v0 & 0x400;
0x00006f80 addiu t0, zero, 0x73 | t0 = 0x73;
0x00006f84 addiu a3, zero, 0x53 | a3 = 0x53;
| if (a2 == 0) {
0x00006f88 movn a3, t0, a2 | a3 = t0;
| }
0x00006f8c sb a3, 3(fp) | *(arg_3h) = a3;
0x00006f90 andi a2, v0, 0x400 | a2 = v0 & 0x400;
| }
0x00006f94 andi v0, v0, 0x200 | v0 &= 0x200;
| if (a2 != 0) {
0x00006f98 beqz a2, 0x6fac |
0x00006f9c addiu a3, zero, 0x73 | a3 = 0x73;
0x00006fa0 addiu a2, zero, 0x53 | a2 = 0x53;
| if (a1 == 0) {
0x00006fa4 movn a2, a3, a1 | a2 = a3;
| }
0x00006fa8 sb a2, 6(fp) | *(arg_6h) = a2;
| }
0x00006fac lw v0, 0x88(sp) | v0 = *(var_88h);
| if (v0 != 0) {
0x00006fb0 beqz v0, 0x6fc8 |
0x00006fb4 addiu a1, zero, 0x74 | a1 = 0x74;
0x00006fb8 addiu v0, zero, 0x54 | v0 = 0x54;
| if (a0 == 0) {
0x00006fbc movn v0, a1, a0 | v0 = a1;
| }
0x00006fc0 sb v0, 9(fp) | *(arg_9h) = v0;
0x00006fc4 lw v0, 0x88(sp) | v0 = *(var_88h);
| }
0x00006fc8 lw t9, -0x7d4c(gp) | t9 = sym.imp.time;
0x00006fcc sw v0, 0x38(sp) | *(var_38h) = v0;
0x00006fd0 lw v0, 0xb0(sp) | v0 = *(var_b0h);
0x00006fd4 addiu a0, sp, 0x6c | a0 = sp + 0x6c;
0x00006fd8 sw v0, 0x68(sp) | *(var_68h) = v0;
0x00006fdc jalr t9 | t9 ();
0x00006fe0 lw gp, 0x30(sp) | gp = *(var_30h);
0x00006fe4 addiu a0, sp, 0x68 | a0 = sp + 0x68;
0x00006fe8 lw a3, -0x7fc0(gp) | a3 = *((gp - 8176));
0x00006fec lw t9, -0x7d5c(gp) | t9 = sym.imp.ctime;
0x00006ff0 sw a3, 0x3c(sp) | *(var_3ch) = a3;
0x00006ff4 jalr t9 | t9 ();
0x00006ff8 lw gp, 0x30(sp) | gp = *(var_30h);
0x00006ffc lw a3, 0x3c(sp) | a3 = *(var_3ch);
0x00007000 addiu a2, zero, 0x1a | a2 = 0x1a;
0x00007004 addiu s7, a3, -0x6a40 | s7 = a3 + -0x6a40;
0x00007008 lw t9, -0x7e14(gp) | t9 = sym.imp.__strcpy_chk
0x0000700c move a0, s7 | a0 = s7;
0x00007010 addiu a1, v0, 4 | a1 = v0 + 4;
0x00007014 move s6, v0 | s6 = v0;
0x00007018 jalr t9 | t9 ();
0x0000701c lb a0, 4(s7) | a0 = *((s7 + 4));
0x00007020 addiu v0, zero, 0x30 | v0 = 0x30;
0x00007024 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007028 sb zero, 0xc(s7) | *((s7 + 12)) = 0;
| if (a0 == v0) {
0x0000702c bne a0, v0, 0x7038 |
0x00007030 addiu v0, zero, 0x20 | v0 = 0x20;
0x00007034 sb v0, 4(s7) | *((s7 + 4)) = v0;
| }
0x00007038 lw v0, 0x68(sp) | v0 = *(var_68h);
0x0000703c lw a0, 0x6c(sp) | a0 = *(var_6ch);
0x00007040 slt a1, a0, v0 | a1 = (a0 < v0) ? 1 : 0;
0x00007044 lui a1, 0xfe1e | a1 = 0xfe1e0000;
| if (a1 == 0) {
0x00007048 bnez a1, 0x7060 |
0x0000704c ori a1, a1, 0xcc80 | a1 |= 0xcc80;
0x00007050 addu a0, a0, a1 | a0 += a1;
0x00007054 slt v0, v0, a0 | v0 = (v0 < a0) ? 1 : 0;
0x00007058 lw v0, 0x40(sp) | v0 = *(var_40h);
| if (v0 == 0) {
0x0000705c beqz v0, 0x7088 | goto label_12;
| }
| }
0x00007060 lw a0, -0x7fc0(gp) | a0 = *((gp - 8176));
0x00007064 lw t9, -0x7e04(gp) | t9 = sym.imp.strncpy;
0x00007068 addiu v0, zero, 0x20 | v0 = 0x20;
0x0000706c addiu a2, zero, 4 | a2 = 4;
0x00007070 addiu a1, s6, 0x14 | a1 = s6 + 0x14;
0x00007074 addiu a0, a0, -0x6a38 | a0 += -0x6a38;
0x00007078 sb v0, 7(s7) | *((s7 + 7)) = v0;
0x0000707c jalr t9 | t9 ();
0x00007080 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007084 lw v0, 0x40(sp) | v0 = *(var_40h);
| label_12:
0x00007088 lw s6, -0x7fc0(gp) | s6 = *((gp - 8176));
0x0000708c sw v0, 0x24(sp) | *(var_24h_2) = v0;
0x00007090 lw v0, 0x38(sp) | v0 = *(var_38h);
0x00007094 lw t9, -0x7d04(gp) | t9 = sym.imp.__snprintf_chk;
0x00007098 sw v0, 0x18(sp) | *(var_18h) = v0;
0x0000709c lw v0, -0x7fb8(gp) | v0 = *((gp - 8174));
0x000070a0 addiu s2, s2, -0x6818 | s2 += -0x6818;
0x000070a4 addiu v0, v0, -0x7388 | v0 += -0x7388;
0x000070a8 addiu s1, s1, -0x67ec | s1 += -0x67ec;
0x000070ac addiu a3, zero, 0x200 | a3 = 0x200;
0x000070b0 addiu a2, zero, 1 | a2 = 1;
0x000070b4 addiu a1, zero, 0x200 | a1 = 0x200;
0x000070b8 addiu a0, s6, -0x6a18 | a0 = s6 + -0x6a18;
0x000070bc sw s7, 0x28(sp) | *(var_28h_2) = s7;
0x000070c0 sw s2, 0x20(sp) | *(var_20h_2) = s2;
0x000070c4 sw s1, 0x1c(sp) | *(var_1ch_2) = s1;
0x000070c8 sw fp, 0x14(sp) | *(var_14h) = fp;
0x000070cc sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x000070d0 jalr t9 | t9 ();
0x000070d4 lw gp, 0x30(sp) | gp = *(var_30h);
0x000070d8 lw t9, -0x7dd0(gp) | t9 = *(gp);
0x000070dc addiu a0, s6, -0x6a18 | a0 = s6 + -0x6a18;
0x000070e0 jalr t9 | t9 ();
0x000070e4 lw gp, 0x30(sp) | gp = *(var_30h);
0x000070e8 move a2, v0 | a2 = v0;
0x000070ec addiu a1, s6, -0x6a18 | a1 = s6 + -0x6a18;
0x000070f0 lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
0x000070f4 move a0, s5 | a0 = s5;
0x000070f8 bal 0x6000 | sym_write_to_fd ();
0x000070fc lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x00007100 bltz v0, 0x7468 | goto label_13;
| }
0x00007104 lw t9, -0x7dd0(gp) | t9 = *(gp);
0x00007108 move a0, s0 | a0 = s0;
0x0000710c jalr t9 | t9 ();
0x00007110 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007114 move a2, v0 | a2 = v0;
0x00007118 move a1, s0 | a1 = s0;
0x0000711c lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
0x00007120 move a0, s5 | a0 = s5;
0x00007124 bal 0x6000 | sym_write_to_fd ();
0x00007128 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x0000712c bltz v0, 0x7468 | goto label_13;
| }
0x00007130 lw v0, 0x84(sp) | v0 = *(var_84h);
0x00007134 ori v1, zero, 0xa000 | v1 = 0xa000;
0x00007138 andi v0, v0, 0xf000 | v0 &= 0xf000;
0x0000713c lw t9, -0x7df0(gp) | t9 = sym.imp.memset;
| if (v0 == v1) {
0x00007140 beq v0, v1, 0x7390 | goto label_14;
| }
| label_5:
0x00007144 lw a1, -0x7fb8(gp) | a1 = *((gp - 8174));
| label_6:
0x00007148 lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
| label_7:
0x0000714c addiu a2, zero, 2 | a2 = 2;
0x00007150 addiu a1, a1, -0x7bec | a1 += -0x7bec;
0x00007154 move a0, s5 | a0 = s5;
0x00007158 bal 0x6000 | sym_write_to_fd ();
0x0000715c lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x00007160 bltz v0, 0x7468 | goto label_13;
| }
0x00007164 lw t9, -0x7e30(gp) | t9 = *(gp);
0x00007168 lw a0, 0x4c(sp) | a0 = *(var_4ch);
0x0000716c jalr t9 | t9 ();
0x00007170 move s0, v0 | s0 = v0;
0x00007174 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 == 0) {
0x00007178 beqz v0, 0x74d0 | goto label_15;
| }
0x0000717c lw a0, 0x44(sp) | a0 = *(var_44h);
0x00007180 addiu v0, zero, 0x2e | v0 = 0x2e;
0x00007184 sb zero, 0x19c(sp) | *(var_19ch) = 0;
0x00007188 lb v1, (a0) | v1 = *(a0);
0x0000718c lw t9, -0x7e04(gp) | t9 = sym.imp.strncpy;
| if (v1 != v0) {
0x00007190 bne v1, v0, 0x7300 | goto label_16;
| }
0x00007194 lb v0, 1(a0) | v0 = *((a0 + 1));
0x00007198 addiu s3, sp, 0x19c | s3 = sp + 0x19c;
| if (v0 != 0) {
0x0000719c bnez v0, 0x7304 | goto label_17;
| }
| label_1:
0x000071a0 lw t9, -0x7cf8(gp) | t9 = sym.imp.__strcat_chk;
0x000071a4 addiu s0, s0, 0xb | s0 += 0xb;
0x000071a8 addiu a2, zero, 0x200 | a2 = 0x200;
0x000071ac move a1, s0 | a1 = s0;
0x000071b0 move a0, s3 | a0 = s3;
0x000071b4 jalr t9 | t9 ();
0x000071b8 lw gp, 0x30(sp) | gp = *(var_30h);
0x000071bc addiu a2, sp, 0x70 | a2 = sp + 0x70;
0x000071c0 move a1, s3 | a1 = s3;
0x000071c4 lw t9, -0x7e64(gp) | t9 = *(gp);
0x000071c8 addiu a0, zero, 3 | a0 = 3;
0x000071cc jalr t9 | t9 ();
0x000071d0 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x000071d4 bltz v0, 0x7514 | goto label_18;
| }
0x000071d8 lw v0, 0x48(sp) | v0 = *(var_48h);
0x000071dc lw a0, 0x8c(sp) | a0 = *(var_8ch);
0x000071e0 lw v0, -0x67c4(v0) | v0 = *((v0 - 6641));
0x000071e4 lw s2, -0x7fc0(gp) | s2 = *((gp - 8176));
| if (v0 != 0) {
0x000071e8 beqz v0, 0x71f8 |
0x000071ec lw v0, -0x67c8(s2) | v0 = *((s2 - 6642));
| if (v0 == a0) {
0x000071f0 beql v0, a0, 0x7244 | goto label_19;
| }
0x000071f4 lw s1, -0x7fc0(gp) | s1 = *((gp - 8176));
| }
0x000071f8 lw t9, -0x7d1c(gp) | t9 = sym.imp.getpwuid;
0x000071fc jalr t9 | t9 ();
0x00007200 nop |
0x00007204 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007208 lw s1, -0x7fc0(gp) | s1 = *((gp - 8176));
| if (v0 == 0) {
0x0000720c beqz v0, 0x74a0 | goto label_20;
| }
0x00007210 lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00007214 lw t9, -0x7df8(gp) | t9 = sym.imp.snprintf;
0x00007218 lw a3, (v0) | a3 = *(v0);
0x0000721c addiu a2, a2, -0x7d60 | a2 += -0x7d60;
0x00007220 addiu a1, zero, 0x21 | a1 = 0x21;
0x00007224 addiu a0, s1, -0x67ec | a0 = s1 + -0x67ec;
0x00007228 jalr t9 | t9 ();
0x0000722c lw gp, 0x30(sp) | gp = *(var_30h);
| label_9:
0x00007230 lw v0, 0x8c(sp) | v0 = *(var_8ch);
0x00007234 lw v1, 0x48(sp) | v1 = *(var_48h);
0x00007238 sw v0, -0x67c8(s2) | *((s2 - 6642)) = v0;
0x0000723c addiu v0, zero, 1 | v0 = 1;
0x00007240 sw v0, -0x67c4(v1) | *((v1 - 6641)) = v0;
| label_19:
0x00007244 lw s6, -0x7fc0(gp) | s6 = *((gp - 8176));
0x00007248 lw a0, 0x90(sp) | a0 = *(var_90h);
0x0000724c lw v0, -0x67f0(s6) | v0 = *((s6 - 6652));
0x00007250 lw fp, -0x7fc0(gp) | fp = *((gp - 8176));
| if (v0 != 0) {
0x00007254 beqz v0, 0x7264 |
0x00007258 lw v0, -0x67f4(fp) | v0 = *(var_67f4h);
| if (v0 == a0) {
0x0000725c beql v0, a0, 0x72ac | goto label_21;
| }
0x00007260 lw s2, -0x7fc0(gp) | s2 = *((gp - 8176));
| }
0x00007264 lw t9, -0x7ea4(gp) | t9 = *(gp);
0x00007268 jalr t9 | t9 ();
0x0000726c nop |
0x00007270 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007274 lw s2, -0x7fc0(gp) | s2 = *((gp - 8176));
| if (v0 == 0) {
0x00007278 beqz v0, 0x7470 | goto label_22;
| }
0x0000727c lw a2, -0x7fb8(gp) | a2 = *((gp - 8174));
0x00007280 lw t9, -0x7df8(gp) | t9 = sym.imp.snprintf;
0x00007284 lw a3, (v0) | a3 = *(v0);
0x00007288 addiu a2, a2, -0x7d60 | a2 += -0x7d60;
0x0000728c addiu a1, zero, 0x21 | a1 = 0x21;
0x00007290 addiu a0, s2, -0x6818 | a0 = s2 + -0x6818;
0x00007294 jalr t9 | t9 ();
0x00007298 lw gp, 0x30(sp) | gp = *(var_30h);
| label_8:
0x0000729c lw v0, 0x90(sp) | v0 = *(var_90h);
0x000072a0 sw v0, -0x67f4(fp) | *((fp - 6653)) = v0;
0x000072a4 addiu v0, zero, 1 | v0 = 1;
0x000072a8 sw v0, -0x67f0(s6) | *((s6 - 6652)) = v0;
| label_21:
0x000072ac lw v0, 0x84(sp) | v0 = *(var_84h);
0x000072b0 addiu v1, zero, 0x2000 | v1 = 0x2000;
0x000072b4 andi v0, v0, 0xb000 | v0 &= 0xb000;
0x000072b8 lw v0, 0x94(sp) | v0 = *(var_94h);
0x000072bc bne v0, v1, 0x6e3c |
| }
0x000072c0 lw t9, -0x7d04(gp) | t9 = sym.imp.__snprintf_chk;
0x000072c4 andi v1, v0, 0xff | v1 = v0 & 0xff;
0x000072c8 srl v0, v0, 8 | v0 >>= 8;
0x000072cc sw v0, 0x14(sp) | *(var_14h) = v0;
0x000072d0 lw v0, -0x7fb8(gp) | v0 = *((gp - 8174));
0x000072d4 addiu a0, sp, 0x190 | a0 = sp + 0x190;
0x000072d8 addiu v0, v0, -0x739c | v0 += -0x739c;
0x000072dc sw a0, 0x40(sp) | *(var_40h) = a0;
0x000072e0 sw v1, 0x18(sp) | *(var_18h) = v1;
0x000072e4 sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x000072e8 addiu a3, zero, 0xb | a3 = 0xb;
0x000072ec addiu a2, zero, 1 | a2 = 1;
0x000072f0 addiu a1, zero, 0xb | a1 = 0xb;
0x000072f4 jalr t9 | t9 ();
0x000072f8 lw gp, 0x30(sp) | gp = *(var_30h);
0x000072fc b 0x6e6c | goto label_0;
| label_16:
0x00007300 addiu s3, sp, 0x19c | s3 = sp + 0x19c;
| label_17:
0x00007304 lw a1, 0x44(sp) | a1 = *(var_44h);
0x00007308 addiu a2, zero, 0x1ff | a2 = 0x1ff;
0x0000730c move a0, s3 | a0 = s3;
0x00007310 jalr t9 | t9 ();
0x00007314 lw v0, 0x5c(sp) | v0 = *(var_5ch);
0x00007318 lw gp, 0x30(sp) | gp = *(var_30h);
0x0000731c sb zero, 0x39b(sp) | *(var_39bh) = 0;
| if (v0 != 0) {
0x00007320 bnez v0, 0x71a0 | goto label_1;
| }
0x00007324 lw v0, 0x60(sp) | v0 = *(var_60h);
0x00007328 lw t9, -0x7cf8(gp) | t9 = sym.imp.__strcat_chk;
0x0000732c addiu a2, zero, 0x200 | a2 = 0x200;
0x00007330 addiu a1, v0, -0x73a0 | a1 = v0 + -0x73a0;
0x00007334 move a0, s3 | a0 = s3;
0x00007338 jalr t9 | t9 ();
0x0000733c lw gp, 0x30(sp) | gp = *(var_30h);
0x00007340 b 0x71a0 | goto label_1;
| label_11:
0x00007344 addiu a1, zero, 0x6000 | a1 = sym.write_to_fd;
0x00007348 addiu a1, zero, 0x1000 | a1 = 0x1000;
| if (a0 == a1) {
0x0000734c bne a0, a1, 0x7368 |
0x00007350 addiu a0, zero, 0x62 | a0 = 0x62;
0x00007354 sb a0, -0x6a24(s4) | *((s4 - 27172)) = a0;
0x00007358 b 0x6ec8 | goto label_2;
| label_10:
0x0000735c addiu a1, zero, 0x64 | a1 = 0x64;
0x00007360 sb a1, -0x6a24(s4) | *((s4 - 27172)) = a1;
0x00007364 b 0x6eb8 | goto label_3;
| }
0x00007368 ori a1, zero, 0xa000 | a1 = 0xa000;
| if (a0 == a1) {
0x0000736c bne a0, a1, 0x737c |
0x00007370 addiu a0, zero, 0x70 | a0 = 0x70;
0x00007374 sb a0, -0x6a24(s4) | *((s4 - 27172)) = a0;
0x00007378 b 0x6ec8 | goto label_2;
| }
0x0000737c ori a1, zero, 0xc000 | a1 = 0xc000;
| if (a0 != a1) {
0x00007380 bne a0, a1, 0x6ebc | goto label_4;
| }
0x00007384 addiu a0, zero, 0x6c | a0 = 0x6c;
0x00007388 sb a0, -0x6a24(s4) | *((s4 - 27172)) = a0;
0x0000738c b 0x6ec8 | goto label_2;
| label_14:
0x00007390 addiu s0, sp, 0x39c | s0 = sp + 0x39c;
0x00007394 addiu a2, zero, 0x200 | a2 = 0x200;
0x00007398 move a1, zero | a1 = 0;
0x0000739c move a0, s0 | a0 = s0;
0x000073a0 jalr t9 | t9 ();
0x000073a4 lw gp, 0x30(sp) | gp = *(var_30h);
0x000073a8 addiu a2, zero, 4 | a2 = 4;
0x000073ac move a0, s5 | a0 = s5;
0x000073b0 lw a1, -0x7fb8(gp) | a1 = *((gp - 8174));
0x000073b4 lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
0x000073b8 addiu a1, a1, -0x7368 | a1 += -0x7368;
0x000073bc bal 0x6000 | sym_write_to_fd ();
0x000073c0 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x000073c4 bltz v0, 0x7468 | goto label_13;
| }
0x000073c8 lw t9, -0x7d78(gp) | t9 = sym.imp.readlink;
0x000073cc addiu a2, zero, 0x200 | a2 = 0x200;
0x000073d0 move a1, s0 | a1 = s0;
0x000073d4 move a0, s3 | a0 = s3;
0x000073d8 jalr t9 | t9 ();
0x000073dc move s1, v0 | s1 = v0;
0x000073e0 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x000073e4 bltz v0, 0x7144 | goto label_5;
| }
0x000073e8 lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
0x000073ec move a2, v0 | a2 = v0;
0x000073f0 move a1, s0 | a1 = s0;
0x000073f4 move a0, s5 | a0 = s5;
0x000073f8 bal 0x6000 | sym_write_to_fd ();
0x000073fc lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x00007400 bltz v0, 0x7468 | goto label_13;
| }
0x00007404 lw t9, -0x7e64(gp) | t9 = *(gp);
0x00007408 addiu a2, sp, 0x100 | a2 = sp + 0x100;
0x0000740c move a1, s0 | a1 = s0;
0x00007410 addiu a0, zero, 3 | a0 = 3;
0x00007414 jalr t9 | t9 ();
0x00007418 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 < 0) {
0x0000741c bltz v0, 0x7144 | goto label_5;
| }
0x00007420 lw v0, 0x114(sp) | v0 = *(var_114h);
0x00007424 addiu v1, zero, 0x4000 | v1 = 0x4000;
0x00007428 andi v0, v0, 0xf000 | v0 &= 0xf000;
0x0000742c lw a1, -0x7fb8(gp) | a1 = *((gp - 8174));
| if (v0 != v1) {
0x00007430 bne v0, v1, 0x7148 | goto label_6;
| }
0x00007434 addiu v0, sp, 0x5a0 | v0 = sp + 0x5a0;
0x00007438 addu s1, v0, s1 | s1 = v0 + s1;
0x0000743c addiu v0, zero, 0x2f | v0 = 0x2f;
0x00007440 lb v1, -0x205(s1) | v1 = *((s1 - 517));
0x00007444 lw t9, -0x7f04(gp) | t9 = sym.write_to_fd;
| if (v1 == v0) {
0x00007448 beq v1, v0, 0x714c | goto label_7;
| }
0x0000744c lw v0, 0x60(sp) | v0 = *(var_60h);
0x00007450 addiu a2, zero, 1 | a2 = 1;
0x00007454 addiu a1, v0, -0x73a0 | a1 = v0 + -0x73a0;
0x00007458 move a0, s5 | a0 = s5;
0x0000745c bal 0x6000 | sym_write_to_fd ();
0x00007460 lw gp, 0x30(sp) | gp = *(var_30h);
| if (v0 >= 0) {
0x00007464 bgez v0, 0x7144 | goto label_5;
| }
| label_13:
0x00007468 addiu v0, zero, -1 | v0 = -1;
0x0000746c b 0x74d4 | goto label_23;
| label_22:
0x00007470 lw v0, 0x90(sp) | v0 = *(var_90h);
0x00007474 lw t9, -0x7d04(gp) | t9 = sym.imp.__snprintf_chk;
0x00007478 sw v0, 0x14(sp) | *(var_14h) = v0;
0x0000747c lw v0, 0x58(sp) | v0 = *(var_58h);
0x00007480 addiu a3, zero, 0x21 | a3 = 0x21;
0x00007484 sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x00007488 addiu a2, zero, 1 | a2 = 1;
0x0000748c addiu a1, zero, 0x21 | a1 = 0x21;
0x00007490 addiu a0, s2, -0x6818 | a0 = s2 + -0x6818;
0x00007494 jalr t9 | t9 ();
0x00007498 lw gp, 0x30(sp) | gp = *(var_30h);
0x0000749c b 0x729c | goto label_8;
| label_20:
0x000074a0 lw v0, 0x8c(sp) | v0 = *(var_8ch);
0x000074a4 lw t9, -0x7d04(gp) | t9 = sym.imp.__snprintf_chk;
0x000074a8 sw v0, 0x14(sp) | *(var_14h) = v0;
0x000074ac lw v0, 0x58(sp) | v0 = *(var_58h);
0x000074b0 addiu a3, zero, 0x21 | a3 = 0x21;
0x000074b4 sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x000074b8 addiu a2, zero, 1 | a2 = 1;
0x000074bc addiu a1, zero, 0x21 | a1 = 0x21;
0x000074c0 addiu a0, s1, -0x67ec | a0 = s1 + -0x67ec;
0x000074c4 jalr t9 | t9 ();
0x000074c8 lw gp, 0x30(sp) | gp = *(var_30h);
0x000074cc b 0x7230 | goto label_9;
| label_15:
0x000074d0 move v0, zero | v0 = 0;
| do {
| label_23:
0x000074d4 lw v1, 0x64(sp) | v1 = *(var_64h);
0x000074d8 lw a0, 0x59c(sp) | a0 = *(var_59ch);
0x000074dc lw v1, (v1) | v1 = *(v1);
0x000074e0 lw ra, 0x5c4(sp) | ra = *(var_5c4h);
| if (a0 != v1) {
0x000074e4 bne a0, v1, 0x752c | goto label_24;
| }
0x000074e8 lw fp, 0x5c0(sp) | fp = *(var_5c0h);
0x000074ec lw s7, 0x5bc(sp) | s7 = *(var_5bch);
0x000074f0 lw s6, 0x5b8(sp) | s6 = *(var_5b8h);
0x000074f4 lw s5, 0x5b4(sp) | s5 = *(var_5b4h);
0x000074f8 lw s4, 0x5b0(sp) | s4 = *(var_5b0h);
0x000074fc lw s3, 0x5ac(sp) | s3 = *(var_5ach);
0x00007500 lw s2, 0x5a8(sp) | s2 = *(var_5a8h);
0x00007504 lw s1, 0x5a4(sp) | s1 = *(var_5a4h);
0x00007508 lw s0, 0x5a0(sp) | s0 = *(var_5a0h);
0x0000750c addiu sp, sp, 0x5c8 |
0x00007510 jr ra | return v0;
| label_18:
0x00007514 lw t9, -0x7d88(gp) | t9 = sym.imp.perror;
0x00007518 move a0, s3 | a0 = s3;
0x0000751c jalr t9 | t9 ();
0x00007520 lw gp, 0x30(sp) | gp = *(var_30h);
0x00007524 addiu v0, zero, -1 | v0 = -1;
0x00007528 b 0x74d4 |
| } while (1);
| label_24:
0x0000752c lw t9, -0x7d64(gp) | t9 = sym.imp.__stack_chk_fail;
0x00007530 jalr t9 | t9 ();
0x00007534 nop |
0x00007538 nop |
0x0000753c nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/vftpd @ 0x5eb4 */
| #include <stdint.h>
|
; (fcn) sym.set_banner () | void set_banner () {
0x00005eb4 lui gp, 2 |
0x00005eb8 addiu gp, gp, -0x4da4 |
0x00005ebc addu gp, gp, t9 | gp += t9;
0x00005ec0 addiu sp, sp, -0x28 |
0x00005ec4 lw a1, -0x7fdc(gp) | a1 = *(gp);
0x00005ec8 lw a0, -0x7fdc(gp) | a0 = *(gp);
0x00005ecc lw t9, -0x7d20(gp) | t9 = sym.imp.fopen;
0x00005ed0 addiu a1, a1, 0x7f90 | a1 += 0x7f90;
0x00005ed4 sw gp, 0x10(sp) | *(var_10h) = gp;
0x00005ed8 sw ra, 0x24(sp) | *(var_24h) = ra;
0x00005edc sw s1, 0x20(sp) | *(var_20h) = s1;
0x00005ee0 sw s0, 0x1c(sp) | *(var_1ch) = s0;
0x00005ee4 addiu a0, a0, 0x7f80 | a0 += str._etc_vftpd.banner;
0x00005ee8 jalr t9 | t9 ();
0x00005eec lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00005ef0 beqz v0, 0x5fc8 |
0x00005ef4 move s1, v0 | s1 = v0;
0x00005ef8 lw v0, -0x7fc0(gp) | v0 = *((gp - 8176));
0x00005efc lw a0, -0x7fc0(gp) | a0 = *((gp - 8176));
0x00005f00 addiu s0, v0, -0x6bbc | s0 = v0 + -0x6bbc;
0x00005f04 lui v1, 0x2030 | v1 = 0x20300000;
0x00005f08 lw t9, -0x7d44(gp) | t9 = sym.imp.fgets;
0x00005f0c addiu v1, v1, 0x3232 | v1 += 0x3232;
0x00005f10 sw v1, -0x6bbc(v0) | *((v0 - 6895)) = v1;
0x00005f14 move a2, s1 | a2 = s1;
0x00005f18 addiu a1, zero, 0x49 | a1 = 0x49;
0x00005f1c addiu a0, a0, -0x6bb8 | a0 += -0x6bb8;
0x00005f20 sb zero, 4(s0) | *((s0 + 4)) = 0;
0x00005f24 jalr t9 | t9 ();
0x00005f28 lw gp, 0x10(sp) | gp = *(var_10h);
0x00005f2c lw t9, -0x7e48(gp) | t9 = *(gp);
0x00005f30 move a0, s1 | a0 = s1;
0x00005f34 jalr t9 | t9 ();
0x00005f38 lw gp, 0x10(sp) | gp = *(var_10h);
0x00005f3c addiu a1, zero, 0xa | a1 = 0xa;
0x00005f40 lw t9, -0x7dc4(gp) | t9 = sym.imp.strchr;
0x00005f44 move a0, s0 | a0 = s0;
0x00005f48 jalr t9 | t9 ();
0x00005f4c lw gp, 0x10(sp) | gp = *(var_10h);
| if (v0 != 0) {
0x00005f50 beqz v0, 0x5f8c |
0x00005f54 lb a0, -1(v0) | a0 = *((v0 - 1));
0x00005f58 addiu v1, zero, 0xd | v1 = 0xd;
0x00005f5c lw ra, 0x24(sp) | ra = *(var_24h);
| if (a0 != v1) {
0x00005f60 beq a0, v1, 0x5f78 |
0x00005f64 sb v1, (v0) | *(v0) = v1;
0x00005f68 addiu v1, zero, 0xa | v1 = 0xa;
0x00005f6c sb v1, 1(v0) | *((v0 + 1)) = v1;
0x00005f70 sb zero, 2(v0) | *((v0 + 2)) = 0;
0x00005f74 lw ra, 0x24(sp) | ra = *(var_24h);
| }
0x00005f78 move v0, s0 | v0 = s0;
0x00005f7c lw s1, 0x20(sp) | s1 = *(var_20h);
0x00005f80 lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00005f84 addiu sp, sp, 0x28 |
0x00005f88 jr ra | return v0;
| }
0x00005f8c lw t9, -0x7dd0(gp) | t9 = *(gp);
0x00005f90 move a0, s0 | a0 = s0;
0x00005f94 jalr t9 | t9 ();
0x00005f98 addu v0, s0, v0 | v0 = s0 + v0;
0x00005f9c addiu v1, zero, 0xd | v1 = 0xd;
0x00005fa0 sb v1, (v0) | *(v0) = v1;
0x00005fa4 addiu v1, zero, 0xa | v1 = 0xa;
0x00005fa8 sb v1, 1(v0) | *((v0 + 1)) = v1;
0x00005fac sb zero, 2(v0) | *((v0 + 2)) = 0;
0x00005fb0 lw ra, 0x24(sp) | ra = *(var_24h);
0x00005fb4 move v0, s0 | v0 = s0;
0x00005fb8 lw s1, 0x20(sp) | s1 = *(var_20h);
0x00005fbc lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00005fc0 addiu sp, sp, 0x28 |
0x00005fc4 jr ra | return v0;
| }
0x00005fc8 lw v1, -0x7fa4(gp) | v1 = *(gp);
0x00005fcc lw v0, -0x7fc0(gp) | v0 = *((gp - 8176));
0x00005fd0 lw t9, -0x7e14(gp) | t9 = sym.imp.__strcpy_chk
0x00005fd4 lw a1, (v1) | a1 = *(v1);
0x00005fd8 addiu a0, v0, -0x6bbc | a0 = v0 + -0x6bbc;
0x00005fdc addiu a2, zero, 0x50 | a2 = 0x50;
0x00005fe0 move s0, a0 | s0 = a0;
0x00005fe4 jalr t9 | t9 ();
0x00005fe8 lw ra, 0x24(sp) | ra = *(var_24h);
0x00005fec move v0, s0 | v0 = s0;
0x00005ff0 lw s1, 0x20(sp) | s1 = *(var_20h);
0x00005ff4 lw s0, 0x1c(sp) | s0 = *(var_1ch);
0x00005ff8 addiu sp, sp, 0x28 |
0x00005ffc jr ra | return v0;
| }
[*] Function strcpy used 4 times vftpd
