[*] Binary protection state of overlaymodifiers.cgi
Full RELRO No Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function printf tear down of overlaymodifiers.cgi
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/overlaymodifiers.cgi @ 0x8c0 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
| /* [13] -r-x section size 1120 named .text */
0x000008c0 lui gp, 2 |
0x000008c4 addiu gp, gp, -0x78b0 |
0x000008c8 addu gp, gp, t9 | gp += t9;
0x000008cc addiu sp, sp, -0x40 |
0x000008d0 lw t9, -0x7fa8(gp) | t9 = sym.imp.CGI_plain_setup_RFC;
0x000008d4 sw s0, 0x18(sp) | *(var_18h) = s0;
0x000008d8 move s0, a0 | s0 = a0;
0x000008dc lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x000008e0 sw gp, 0x10(sp) | *(var_10h) = gp;
0x000008e4 sw s1, 0x1c(sp) | *(var_1ch) = s1;
0x000008e8 sw ra, 0x3c(sp) | *(var_3ch) = ra;
0x000008ec sw fp, 0x38(sp) | *(var_38h) = fp;
0x000008f0 sw s7, 0x34(sp) | *(var_34h) = s7;
0x000008f4 sw s6, 0x30(sp) | *(var_30h) = s6;
0x000008f8 sw s5, 0x2c(sp) | *(var_2ch) = s5;
0x000008fc sw s4, 0x28(sp) | *(var_28h) = s4;
0x00000900 sw s3, 0x24(sp) | *(var_24h) = s3;
0x00000904 sw s2, 0x20(sp) | *(var_20h) = s2;
0x00000908 addiu a0, a0, 0xed0 | a0 += 0xed0;
0x0000090c move s1, a1 | s1 = a1;
0x00000910 jalr t9 | t9 ();
0x00000914 addiu v0, zero, 2 | v0 = 2;
0x00000918 lw gp, 0x10(sp) | gp = *(var_10h);
| if (s0 == v0) {
0x0000091c beq s0, v0, 0xab8 | goto label_6;
| }
0x00000920 slti s0, s0, 3 | s0 = (s0 < 3) ? 1 : 0;
0x00000924 move s2, zero | s2 = 0;
| if (s0 == 0) {
0x00000928 beqz s0, 0xad8 | goto label_7;
| }
| label_5:
0x0000092c lw t9, -0x7fac(gp) | t9 = sym.imp.formatname_get_modifiers;
0x00000930 addiu s1, zero, -1 | s1 = -1;
0x00000934 jalr t9 | t9 ();
0x00000938 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000093c move a2, s2 | a2 = s2;
0x00000940 addiu a0, zero, 1 | a0 = 1;
0x00000944 lw a1, -0x7fdc(gp) | a1 = *((gp - 8183));
0x00000948 lw t9, -0x7fa4(gp) | t9 = sym.imp.__printf_chk
0x0000094c addiu a1, a1, 0xe28 | a1 += str._apiVersion_:__0.2____context_:__i___method_:__overlayModifiers____data_:___groups_:_;
0x00000950 move s6, v0 | s6 = v0;
0x00000954 jalr t9 | t9 ();
0x00000958 lw gp, 0x10(sp) | gp = *(var_10h);
0x0000095c move fp, s6 | fp = s6;
0x00000960 addiu s2, zero, 1 | s2 = 1;
0x00000964 lw s4, -0x7fdc(gp) | s4 = *((gp - 8183));
0x00000968 lw s0, -0x7fd8(gp) | s0 = *((gp - 8182));
0x0000096c lw s3, -0x7fdc(gp) | s3 = *((gp - 8183));
0x00000970 lw s5, -0x7fdc(gp) | s5 = *((gp - 8183));
0x00000974 lw s7, -0x7fdc(gp) | s7 = *((gp - 8183));
0x00000978 addiu v1, zero, 1 | v1 = 1;
0x0000097c addiu s4, s4, 0xeac | s4 += str._mod_:__s_;
| /* section..data.rel.ro */
0x00000980 addiu s0, s0, 0xfc4 | s0 += 0xfc4;
0x00000984 addiu s3, s3, 0xe88 | s3 += str.__s_:__;
| do {
0x00000988 lbu v0, (fp) | v0 = *(fp);
0x0000098c lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
| if (v0 == 0) {
0x00000990 beqz v0, 0xa18 | goto label_8;
| }
0x00000994 lw a3, 0xc(fp) | a3 = *(arg_ch);
| label_0:
0x00000998 addiu v0, zero, 0xc | v0 = 0xc;
0x0000099c addiu fp, fp, 0x10 | fp += 0x10;
0x000009a0 beq a3, v0, 0x988 |
| } while (a3 == v0);
| if (a3 == s1) {
0x000009a4 beq a3, s1, 0xa80 | goto label_9;
| }
0x000009a8 nop |
| if (s2 == 0) {
0x000009ac beql s2, zero, 0xaa0 | goto label_10;
| }
0x000009b0 lw t9, -0x7fa4(gp) | t9 = sym.imp.__printf_chk
| label_4:
0x000009b4 sll a2, a3, 2 | a2 = a3 << 2;
0x000009b8 lw t9, -0x7fa4(gp) | t9 = sym.imp.__printf_chk
0x000009bc lwx a2, a2(s0) | __asm ("lwx a2, a2(s0)");
0x000009c0 move a1, s3 | a1 = s3;
0x000009c4 addiu a0, zero, 1 | a0 = 1;
0x000009c8 move s1, a3 | s1 = a3;
0x000009cc jalr t9 | t9 ();
0x000009d0 lw gp, 0x10(sp) | gp = *(var_10h);
0x000009d4 lw a3, -4(fp) | a3 = *(var_3ch);
0x000009d8 move s2, zero | s2 = 0;
| label_3:
0x000009dc sll a3, a3, 2 | a3 <<= 2;
| label_2:
0x000009e0 lbu v0, -8(fp) | v0 = *(var_38h);
0x000009e4 lw a2, -0xc(fp) | a2 = *(var_34h);
0x000009e8 lwx a3, a3(s0) | __asm ("lwx a3, a3(s0)");
0x000009ec lw t9, -0x7fa4(gp) | t9 = sym.imp.__printf_chk
| if (v0 == 0) {
0x000009f0 beqz v0, 0xa68 | goto label_11;
| }
0x000009f4 addiu a1, s5, 0xe90 | a1 = s5 + str._mod_:__s___index_:true;
0x000009f8 addiu a0, zero, 1 | a0 = 1;
0x000009fc jalr t9 | t9 ();
0x00000a00 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000a04 move v1, zero | v1 = 0;
| label_1:
0x00000a08 lbu v0, (fp) | v0 = *(fp);
0x00000a0c lw a3, 0xc(fp) | a3 = *(arg_ch);
| if (v0 == 0) {
0x00000a10 bnel v0, zero, 0x998 | goto label_0;
| }
0x00000a14 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
| label_8:
0x00000a18 lw t9, -0x7f90(gp) | t9 = sym.imp.puts;
0x00000a1c addiu a0, a0, 0xebc | a0 += str._;
0x00000a20 jalr t9 | t9 ();
0x00000a24 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000a28 lw t9, -0x7f8c(gp) | t9 = sym.imp.formatname_release_modifiers;
0x00000a2c move a0, s6 | a0 = s6;
0x00000a30 jalr t9 | t9 ();
0x00000a34 lw ra, 0x3c(sp) | ra = *(var_3ch);
0x00000a38 lw fp, 0x38(sp) | fp = *(var_38h);
0x00000a3c lw s7, 0x34(sp) | s7 = *(var_34h);
0x00000a40 lw s6, 0x30(sp) | s6 = *(var_30h);
0x00000a44 lw s5, 0x2c(sp) | s5 = *(var_2ch);
0x00000a48 lw s4, 0x28(sp) | s4 = *(var_28h);
0x00000a4c lw s3, 0x24(sp) | s3 = *(var_24h);
0x00000a50 lw s2, 0x20(sp) | s2 = *(var_20h);
0x00000a54 lw s1, 0x1c(sp) | s1 = *(var_1ch);
0x00000a58 lw s0, 0x18(sp) | s0 = *(var_18h);
0x00000a5c move v0, zero | v0 = 0;
0x00000a60 addiu sp, sp, 0x40 |
0x00000a64 jr ra | return v1;
| label_11:
0x00000a68 move a1, s4 | a1 = s4;
0x00000a6c addiu a0, zero, 1 | a0 = 1;
0x00000a70 jalr t9 | t9 ();
0x00000a74 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000a78 move v1, zero | v1 = 0;
0x00000a7c b 0xa08 | goto label_1;
| label_9:
0x00000a80 sll a3, a3, 2 | a3 <<= 2;
| if (v1 == 0) {
0x00000a84 bnel v1, zero, 0x9e0 | goto label_2;
| }
0x00000a88 lw t9, -0x7fa0(gp) | t9 = sym.imp.putchar;
0x00000a8c addiu a0, zero, 0x2c | a0 = 0x2c;
0x00000a90 jalr t9 | t9 ();
0x00000a94 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000a98 lw a3, -4(fp) | a3 = *(var_3ch);
0x00000a9c b 0x9dc | goto label_3;
| label_10:
0x00000aa0 addiu a1, s7, 0xe84 | a1 = s7 + 0xe84;
0x00000aa4 addiu a0, zero, 1 | a0 = 1;
0x00000aa8 jalr t9 | t9 ();
0x00000aac lw gp, 0x10(sp) | gp = *(var_10h);
0x00000ab0 lw a3, -4(fp) | a3 = *(var_3ch);
0x00000ab4 b 0x9b4 | goto label_4;
| label_6:
0x00000ab8 lw t9, -0x7fb4(gp) | t9 = sym.imp.strtol;
0x00000abc lw a0, 4(s1) | a0 = *((s1 + 1));
0x00000ac0 addiu a2, zero, 0xa | a2 = 0xa;
0x00000ac4 move a1, zero | a1 = 0;
0x00000ac8 jalr t9 | t9 ();
0x00000acc move s2, v0 | s2 = v0;
0x00000ad0 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000ad4 b 0x92c | goto label_5;
| label_7:
0x00000ad8 lw a0, -0x7fdc(gp) | a0 = *((gp - 8183));
0x00000adc lw t9, -0x7f90(gp) | t9 = sym.imp.puts;
0x00000ae0 addiu a0, a0, 0xde8 | a0 += str.Wrong_number_of_arguments__usage:_overlay_modifiers__context_;
0x00000ae4 jalr t9 | t9 ();
0x00000ae8 lw gp, 0x10(sp) | gp = *(var_10h);
0x00000aec lw t9, -0x7f98(gp) | t9 = sym.imp.exit;
0x00000af0 addiu a0, zero, 1 | a0 = 1;
0x00000af4 jalr t9 | t9 ();
0x00000af8 nop |
0x00000afc nop |
| }
[*] Function printf used 5 times overlaymodifiers.cgi
