[*] Binary protection state of dptzd
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function printf tear down of dptzd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/bin/dptzd @ 0x58b0 */
| #include <stdint.h>
|
; (fcn) sym.ptz_driver_digital_sensor_query_attributes () | void ptz_driver_digital_sensor_query_attributes () {
0x000058b0 lui gp, 2 |
0x000058b4 addiu gp, gp, 0x48a0 |
0x000058b8 addu gp, gp, t9 | gp += t9;
0x000058bc addiu sp, sp, -0x40 |
0x000058c0 lw t9, -0x7fbc(gp) | t9 = sym.ptz_driver_digital_get_type;
0x000058c4 sw ra, 0x3c(sp) | *(var_3ch) = ra;
0x000058c8 sw gp, 0x18(sp) | *(var_18h) = gp;
0x000058cc sw s5, 0x34(sp) | *(var_34h) = s5;
0x000058d0 sw s2, 0x28(sp) | *(var_28h) = s2;
0x000058d4 sw s1, 0x24(sp) | *(var_24h) = s1;
0x000058d8 sw s0, 0x20(sp) | *(var_20h) = s0;
0x000058dc sw a0, 0x40(sp) | *(arg_40h) = a0;
0x000058e0 sw s6, 0x38(sp) | *(var_38h) = s6;
0x000058e4 sw s4, 0x30(sp) | *(var_30h) = s4;
0x000058e8 sw s3, 0x2c(sp) | *(var_2ch) = s3;
0x000058ec move s5, a2 | s5 = a2;
0x000058f0 move s0, a1 | s0 = a1;
0x000058f4 bal 0x3050 | sym_ptz_driver_digital_get_type ();
0x000058f8 lw gp, 0x18(sp) | gp = *(var_18h);
0x000058fc lw a0, 0x40(sp) | a0 = *(arg_40h);
0x00005900 lw t9, -0x7e30(gp) | t9 = sym.imp.g_type_check_instance_cast;
0x00005904 move a1, v0 | a1 = v0;
0x00005908 jalr t9 | t9 ();
0x0000590c lw gp, 0x18(sp) | gp = *(var_18h);
0x00005910 addiu a0, zero, 0x2c | a0 = 0x2c;
0x00005914 lw t9, -0x7e50(gp) | t9 = sym.imp.g_malloc0;
0x00005918 move s1, v0 | s1 = v0;
0x0000591c jalr t9 | t9 ();
0x00005920 move s2, v0 | s2 = v0;
0x00005924 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005928 sw v0, (s5) | *(s5) = v0;
| if (s0 != 0) {
0x0000592c beqz s0, 0x593c |
0x00005930 lb v0, (s0) | v0 = *(s0);
0x00005934 lw a1, -0x7fd0(gp) | a1 = *(gp);
| if (v0 != 0) {
0x00005938 bnez v0, 0x5b00 | goto label_2;
| }
| }
| label_0:
0x0000593c lw a0, -0x7fd0(gp) | a0 = *(gp);
0x00005940 lw t9, -0x7da4(gp) | t9 = sym.imp.g_strdup_printf
0x00005944 lw a2, 0x1bc(s1) | a2 = *((s1 + 111));
0x00005948 lw a1, 0x1b8(s1) | a1 = *((s1 + 110));
| /* str.maxWindowwidth_dheight_d */
0x0000594c addiu a0, a0, 0x9ac | a0 += 0x9ac;
0x00005950 jalr t9 | t9 ();
0x00005954 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005958 lw a2, 0x1c4(s1) | a2 = *((s1 + 113));
0x0000595c lw a1, 0x1c0(s1) | a1 = *((s1 + 112));
0x00005960 lw a0, -0x7fd0(gp) | a0 = *(gp);
0x00005964 lw t9, -0x7da4(gp) | t9 = sym.imp.g_strdup_printf
| /* str.minWindowwidth_dheight_d */
0x00005968 addiu a0, a0, 0x9cc | a0 += 0x9cc;
0x0000596c sw v0, (s2) | *(s2) = v0;
0x00005970 lw s0, (s5) | s0 = *(s5);
0x00005974 jalr t9 | t9 ();
0x00005978 lw v1, 0x1b8(s1) | v1 = *((s1 + 110));
0x0000597c lw a0, 0x1c0(s1) | a0 = *((s1 + 112));
0x00005980 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005984 slt v1, a0, v1 | v1 = (a0 < v1) ? 1 : 0;
0x00005988 sw v0, 4(s0) | *((s0 + 1)) = v0;
| if (v1 == 0) {
0x0000598c beqz v1, 0x5a90 | goto label_3;
| }
0x00005990 lw v0, (s1) | v0 = *(s1);
0x00005994 lw t9, 0x20c(v0) | t9 = *(v0);
0x00005998 move a0, s1 | a0 = s1;
0x0000599c jalr t9 | t9 ();
0x000059a0 move s6, v0 | s6 = v0;
0x000059a4 lw gp, 0x18(sp) | gp = *(var_18h);
0x000059a8 ori v0, zero, 0xffff | v0 = 0xffff;
0x000059ac addu v0, s6, v0 | v0 = s6 + v0;
0x000059b0 sra v1, s6, 0x1f | v1 = s6 >> 0x1f;
0x000059b4 sltu s2, v0, s6 | s2 = (v0 < s6) ? 1 : 0;
0x000059b8 addu s2, s2, v1 | s2 += v1;
0x000059bc lw a0, -0x7fd0(gp) | a0 = *(gp);
0x000059c0 srl v0, v0, 0x10 | v0 >>= 0x10;
0x000059c4 lw t9, -0x7d7c(gp) | t9 = sym.imp.g_string_new;
0x000059c8 sll s2, s2, 0x10 | s2 <<= 0x10;
0x000059cc or s2, s2, v0 | s2 |= v0;
| /* str.zoomStepsvalue1zoom1 */
0x000059d0 addiu a0, a0, 0x9ec | a0 += 0x9ec;
0x000059d4 jalr t9 | t9 ();
0x000059d8 slti v1, s2, 3 | v1 = (s2 < 3) ? 1 : 0;
0x000059dc lw gp, 0x18(sp) | gp = *(var_18h);
0x000059e0 move s3, v0 | s3 = v0;
| if (v1 != 0) {
0x000059e4 bnez v1, 0x5b5c | goto label_4;
| }
0x000059e8 lw s4, -0x7fd0(gp) | s4 = *(gp);
0x000059ec addiu s0, zero, 2 | s0 = 2;
| /* str._value_dzoom_d */
0x000059f0 addiu s4, s4, 0xa08 | s4 += 0xa08;
| do {
0x000059f4 lw v0, (s1) | v0 = *(s1);
0x000059f8 sll a1, s0, 0x10 | a1 = s0 << 0x10;
0x000059fc lw t9, 0x210(v0) | t9 = *((v0 + 132));
0x00005a00 move a0, s1 | a0 = s1;
0x00005a04 jalr t9 | t9 ();
0x00005a08 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a0c move a3, s0 | a3 = s0;
0x00005a10 move a2, v0 | a2 = v0;
0x00005a14 lw t9, -0x7e98(gp) | t9 = sym.imp.g_string_append_printf
0x00005a18 move a1, s4 | a1 = s4;
0x00005a1c move a0, s3 | a0 = s3;
0x00005a20 addiu s0, s0, 1 | s0++;
0x00005a24 jalr t9 | t9 ();
0x00005a28 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a2c bne s2, s0, 0x59f4 |
| } while (s2 != s0);
0x00005a30 lw t9, -0x7f70(gp) | t9 = *(gp);
| label_1:
0x00005a34 move a0, s6 | a0 = s6;
0x00005a38 bal 0xd850 | fcn_0000d850 ();
0x00005a3c lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a40 move a0, v0 | a0 = v0;
0x00005a44 lw v0, -0x7e3c(gp) | v0 = *((gp - 8079));
0x00005a48 lw t9, -0x7f6c(gp) | t9 = *(gp);
0x00005a4c lw a1, 0x40(v0) | a1 = *((v0 + 16));
0x00005a50 bal 0xcfa0 | fcn_0000cfa0 ();
0x00005a54 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a58 lw t9, -0x7f64(gp) | t9 = *(gp);
0x00005a5c move a0, v0 | a0 = v0;
0x00005a60 bal 0xfd20 | fcn_0000fd20 ();
0x00005a64 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a68 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00005a6c sw v1, 0x14(sp) | *(var_14h) = v1;
0x00005a70 lw a1, -0x7fd0(gp) | a1 = *(gp);
0x00005a74 lw t9, -0x7e98(gp) | t9 = sym.imp.g_string_append_printf
0x00005a78 addiu a2, zero, 0x270f | a2 = 0x270f;
| /* str._value_dzoom_f */
0x00005a7c addiu a1, a1, 0xa1c | a1 += 0xa1c;
0x00005a80 move a0, s3 | a0 = s3;
0x00005a84 jalr t9 | t9 ();
0x00005a88 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005a8c b 0x5aa8 | goto label_5;
| label_3:
0x00005a90 lw a0, -0x7fd0(gp) | a0 = *(gp);
0x00005a94 lw t9, -0x7d7c(gp) | t9 = sym.imp.g_string_new;
| /* str.zoomStepsvalue1zoom1 */
0x00005a98 addiu a0, a0, 0x9ec | a0 += 0x9ec;
0x00005a9c jalr t9 | t9 ();
0x00005aa0 lw gp, 0x18(sp) | gp = *(var_18h);
0x00005aa4 move s3, v0 | s3 = v0;
| label_5:
0x00005aa8 lw v0, (s5) | v0 = *(s5);
| do {
0x00005aac lw v1, (s3) | v1 = *(s3);
0x00005ab0 lw t9, -0x7db0(gp) | t9 = sym.imp.g_string_free;
0x00005ab4 move a0, s3 | a0 = s3;
0x00005ab8 sw v1, 8(v0) | *((v0 + 2)) = v1;
0x00005abc move a1, zero | a1 = 0;
0x00005ac0 jalr t9 | t9 ();
0x00005ac4 lw v1, (s5) | v1 = *(s5);
0x00005ac8 addiu a0, zero, 0xc | a0 = 0xc;
0x00005acc lw ra, 0x3c(sp) | ra = *(var_3ch);
0x00005ad0 addu v1, v1, a0 | v1 += a0;
0x00005ad4 lw s6, 0x38(sp) | s6 = *(var_38h);
0x00005ad8 lw s5, 0x34(sp) | s5 = *(var_34h);
0x00005adc lw s4, 0x30(sp) | s4 = *(var_30h);
0x00005ae0 lw s3, 0x2c(sp) | s3 = *(var_2ch);
0x00005ae4 lw s2, 0x28(sp) | s2 = *(var_28h);
0x00005ae8 lw s1, 0x24(sp) | s1 = *(var_24h);
0x00005aec lw s0, 0x20(sp) | s0 = *(var_20h);
0x00005af0 addiu v0, zero, 1 | v0 = 1;
0x00005af4 sw zero, (v1) | *(v1) = 0;
0x00005af8 addiu sp, sp, 0x40 |
0x00005afc jr ra | return v0;
| label_2:
0x00005b00 lw t9, -0x7d54(gp) | t9 = sym.imp.g_strcmp0;
| /* str.zoom */
0x00005b04 addiu a1, a1, 0x9a4 | a1 += 0x9a4;
0x00005b08 move a0, s0 | a0 = s0;
0x00005b0c jalr t9 | t9 ();
0x00005b10 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00005b14 bnez v0, 0x5b20 |
0x00005b18 lw s2, (s5) | s2 = *(s5);
0x00005b1c b 0x593c | goto label_0;
| }
0x00005b20 lw v1, (s5) | v1 = *(s5);
0x00005b24 move a0, zero | a0 = 0;
0x00005b28 lw ra, 0x3c(sp) | ra = *(var_3ch);
0x00005b2c addu v1, v1, a0 | v1 += a0;
0x00005b30 lw s6, 0x38(sp) | s6 = *(var_38h);
0x00005b34 lw s5, 0x34(sp) | s5 = *(var_34h);
0x00005b38 lw s4, 0x30(sp) | s4 = *(var_30h);
0x00005b3c lw s3, 0x2c(sp) | s3 = *(var_2ch);
0x00005b40 lw s2, 0x28(sp) | s2 = *(var_28h);
0x00005b44 lw s1, 0x24(sp) | s1 = *(var_24h);
0x00005b48 lw s0, 0x20(sp) | s0 = *(var_20h);
0x00005b4c addiu v0, zero, 1 | v0 = 1;
0x00005b50 sw zero, (v1) | *(v1) = 0;
0x00005b54 addiu sp, sp, 0x40 |
0x00005b58 jr ra | return v0;
| label_4:
0x00005b5c addiu v0, zero, 2 | v0 = 2;
0x00005b60 lw v0, (s5) | v0 = *(s5);
0x00005b64 bnel s2, v0, 0x5aac |
| } while (s2 == v0);
0x00005b68 lw t9, -0x7f70(gp) | t9 = *(gp);
0x00005b6c b 0x5a34 | goto label_1;
| }
[*] Function printf used 5 times dptzd
