[*] Binary protection state of triggerd
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of triggerd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/sbin/triggerd @ 0x2930 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
| /* [13] -r-x section size 34704 named .text */
0x00002930 lui gp, 2 |
0x00002934 addiu gp, gp, 0x26e0 |
0x00002938 addu gp, gp, t9 | gp += t9;
0x0000293c addiu sp, sp, -0x58 |
0x00002940 lw t9, -0x7f60(gp) | t9 = sym.imp.command_source_register_mainloop_thread;
0x00002944 sw s5, 0x4c(sp) | *(var_4ch) = s5;
0x00002948 lw s5, -0x7e50(gp) | s5 = *((gp - 8084));
0x0000294c sw ra, 0x54(sp) | *(var_54h) = ra;
0x00002950 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00002954 lw v0, (s5) | v0 = *(s5);
0x00002958 sw s6, 0x50(sp) | *(var_50h) = s6;
0x0000295c sw s4, 0x48(sp) | *(var_48h) = s4;
0x00002960 sw s3, 0x44(sp) | *(var_44h) = s3;
0x00002964 sw s2, 0x40(sp) | *(var_40h) = s2;
0x00002968 sw s1, 0x3c(sp) | *(var_3ch) = s1;
0x0000296c sw s0, 0x38(sp) | *(var_38h) = s0;
0x00002970 sw v0, 0x34(sp) | *(var_34h) = v0;
0x00002974 move s4, a0 | s4 = a0;
0x00002978 move s6, a1 | s6 = a1;
0x0000297c jalr t9 | t9 ();
0x00002980 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002984 move a1, zero | a1 = 0;
0x00002988 move a0, zero | a0 = 0;
0x0000298c lw t9, -0x7da0(gp) | t9 = sym.imp.g_main_loop_new;
0x00002990 sw zero, 0x24(sp) | *(var_24h) = 0;
0x00002994 jalr t9 | t9 ();
0x00002998 lw gp, 0x18(sp) | gp = *(var_18h);
0x0000299c addiu s3, sp, 0x20 | s3 = sp + 0x20;
0x000029a0 move a2, s3 | a2 = s3;
0x000029a4 lw a1, -0x7fd0(gp) | a1 = *((gp - 8180));
0x000029a8 lw t9, -0x7db8(gp) | t9 = sym.imp.signal_source_attach;
0x000029ac addiu a1, a1, 0x3000 | a1 += 0x3000;
0x000029b0 move a0, v0 | a0 = v0;
0x000029b4 sw v0, 0x20(sp) | *(var_20h) = v0;
0x000029b8 jalr t9 | t9 ();
0x000029bc lw gp, 0x18(sp) | gp = *(var_18h);
0x000029c0 lw t9, -0x7dec(gp) | t9 = sym.imp.signal_source_register;
0x000029c4 addiu a0, zero, 1 | a0 = 1;
0x000029c8 jalr t9 | t9 ();
0x000029cc lw gp, 0x18(sp) | gp = *(var_18h);
0x000029d0 lw t9, -0x7dec(gp) | t9 = sym.imp.signal_source_register;
0x000029d4 addiu a0, zero, 0x11 | a0 = 0x11;
0x000029d8 jalr t9 | t9 ();
0x000029dc lw gp, 0x18(sp) | gp = *(var_18h);
0x000029e0 lw t9, -0x7dec(gp) | t9 = sym.imp.signal_source_register;
0x000029e4 addiu a0, zero, 0xf | a0 = 0xf;
0x000029e8 jalr t9 | t9 ();
0x000029ec lw gp, 0x18(sp) | gp = *(var_18h);
0x000029f0 lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
0x000029f4 lw t9, -0x7d88(gp) | t9 = sym.imp.event_consumer_new;
0x000029f8 addiu a0, a0, -0x4600 | a0 += -0x4600;
0x000029fc jalr t9 | t9 ();
0x00002a00 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a04 lw t9, -0x7e70(gp) | t9 = sym.imp.subscribe_expression_new;
0x00002a08 lw s1, -0x7fd8(gp) | s1 = *((gp - 8182));
0x00002a0c sw v0, 0x28(sp) | *(var_28h) = v0;
0x00002a10 jalr t9 | t9 ();
0x00002a14 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a18 addiu a1, s1, -0x45ec | a1 = s1 + -0x45ec;
0x00002a1c move a0, v0 | a0 = v0;
0x00002a20 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002a24 lw t9, -0x7f40(gp) | t9 = sym.imp.subscribe_expression_add_key_value;
0x00002a28 addiu a2, a2, -0x45f4 | a2 += -0x45f4;
0x00002a2c lw s0, -0x7fd8(gp) | s0 = *((gp - 8182));
0x00002a30 sw v0, 0x2c(sp) | *(var_2ch) = v0;
0x00002a34 jalr t9 | t9 ();
0x00002a38 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a3c lw a0, 0x2c(sp) | a0 = *(var_2ch);
0x00002a40 addiu a1, s0, -0x45d4 | a1 = s0 + -0x45d4;
0x00002a44 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002a48 lw t9, -0x7f40(gp) | t9 = sym.imp.subscribe_expression_add_key_value;
0x00002a4c addiu a2, a2, -0x45e4 | a2 += -0x45e4;
0x00002a50 jalr t9 | t9 ();
0x00002a54 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a58 lw a0, 0x2c(sp) | a0 = *(var_2ch);
0x00002a5c lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002a60 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00002a64 lw t9, -0x7f40(gp) | t9 = sym.imp.subscribe_expression_add_key_value;
0x00002a68 addiu a2, a2, -0x45cc | a2 += -0x45cc;
0x00002a6c addiu a1, a1, -0x45b8 | a1 += -0x45b8;
0x00002a70 jalr t9 | t9 ();
0x00002a74 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a78 lw a0, 0x2c(sp) | a0 = *(var_2ch);
0x00002a7c addiu a1, s1, -0x45ec | a1 = s1 + -0x45ec;
0x00002a80 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002a84 lw t9, -0x7ebc(gp) | t9 = sym.imp.subscribe_expression_set_name_space;
0x00002a88 addiu a2, a2, -0x45b0 | a2 += -0x45b0;
0x00002a8c jalr t9 | t9 ();
0x00002a90 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002a94 lw a0, 0x2c(sp) | a0 = *(var_2ch);
0x00002a98 addiu a1, s0, -0x45d4 | a1 = s0 + -0x45d4;
0x00002a9c lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002aa0 lw t9, -0x7ebc(gp) | t9 = sym.imp.subscribe_expression_set_name_space;
0x00002aa4 addiu a2, a2, -0x45a8 | a2 += -0x45a8;
0x00002aa8 jalr t9 | t9 ();
0x00002aac lw gp, 0x18(sp) | gp = *(var_18h);
0x00002ab0 lw a1, 0x2c(sp) | a1 = *(var_2ch);
0x00002ab4 lw a0, 0x28(sp) | a0 = *(var_28h);
0x00002ab8 lw a2, -0x7fd0(gp) | a2 = *((gp - 8180));
0x00002abc lw t9, -0x7e1c(gp) | t9 = sym.imp.event_consumer_subscribe;
0x00002ac0 move a3, s3 | a3 = s3;
0x00002ac4 lw s2, -0x7fd8(gp) | s2 = *((gp - 8182));
0x00002ac8 addiu a2, a2, 0x2f20 | a2 += 0x2f20;
0x00002acc jalr t9 | t9 ();
0x00002ad0 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002ad4 addiu a0, s2, -0x37c4 | a0 = s2 + -0x37c4;
0x00002ad8 lw t9, -0x7f2c(gp) | t9 = sym.imp.getpwnam;
0x00002adc sw v0, 0x30(sp) | *(var_30h) = v0;
0x00002ae0 jalr t9 | t9 ();
0x00002ae4 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00002ae8 beqz v0, 0x2ca4 | goto label_3;
| }
0x00002aec lw t9, -0x7d58(gp) | t9 = sym.imp.getgrnam;
0x00002af0 addiu a0, s2, -0x37c4 | a0 = s2 + -0x37c4;
0x00002af4 move s0, v0 | s0 = v0;
0x00002af8 jalr t9 | t9 ();
0x00002afc move s1, v0 | s1 = v0;
0x00002b00 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00002b04 beqz v0, 0x2ccc | goto label_4;
| }
0x00002b08 lw t9, -0x7f14(gp) | t9 = sym.imp.setgid;
0x00002b0c lw a0, 8(v0) | a0 = *((v0 + 2));
0x00002b10 jalr t9 | t9 ();
0x00002b14 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 < 0) {
0x00002b18 bltz v0, 0x2c40 | goto label_5;
| }
0x00002b1c lw t9, -0x7e7c(gp) | t9 = sym.imp.initgroups;
0x00002b20 lw a1, 8(s1) | a1 = *((s1 + 2));
0x00002b24 lw a0, (s0) | a0 = *(s0);
0x00002b28 jalr t9 | t9 ();
0x00002b2c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 < 0) {
0x00002b30 bltz v0, 0x2d1c | goto label_6;
| }
0x00002b34 lw t9, -0x7e14(gp) | t9 = sym.imp.setuid;
0x00002b38 lw a0, 8(s0) | a0 = *((s0 + 2));
0x00002b3c jalr t9 | t9 ();
0x00002b40 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 < 0) {
0x00002b44 bltz v0, 0x2cf4 | goto label_7;
| }
0x00002b48 slti s4, s4, 2 | s4 = (s4 < 2) ? 1 : 0;
0x00002b4c lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
| if (s4 == 0) {
0x00002b50 bnez s4, 0x2b6c |
0x00002b54 lw t9, -0x7d40(gp) | t9 = sym.imp.g_strcmp0;
0x00002b58 lw a0, 4(s6) | a0 = *((s6 + 1));
0x00002b5c addiu a1, a1, -0x44ac | a1 += -0x44ac;
0x00002b60 jalr t9 | t9 ();
0x00002b64 lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 == 0) {
0x00002b68 beqz v0, 0x2c90 | goto label_8;
| }
| }
0x00002b6c lw t9, -0x7d00(gp) | t9 = sym.imp.daemon;
0x00002b70 move a1, zero | a1 = 0;
0x00002b74 move a0, zero | a0 = 0;
0x00002b78 jalr t9 | t9 ();
0x00002b7c lw gp, 0x18(sp) | gp = *(var_18h);
| if (v0 >= 0) {
0x00002b80 bltz v0, 0x2c18 |
0x00002b84 lw t9, -0x7e60(gp) | t9 = sym.imp.ax_log_syslog;
0x00002b88 jalr t9 | t9 ();
0x00002b8c nop |
0x00002b90 lw gp, 0x18(sp) | gp = *(var_18h);
| label_1:
0x00002b94 lw a2, -0x7fd0(gp) | a2 = *((gp - 8180));
0x00002b98 lw a1, -0x7fd8(gp) | a1 = *((gp - 8182));
0x00002b9c lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
0x00002ba0 lw t9, -0x7fcc(gp) | t9 = sym.trigger_handler_new;
0x00002ba4 move a3, s3 | a3 = s3;
0x00002ba8 addiu a2, a2, 0x2ed0 | a2 += 0x2ed0;
0x00002bac addiu a1, a1, -0x447c | a1 += -0x447c;
0x00002bb0 addiu a0, a0, -0x4464 | a0 += -sym.trigger_handler_get_type;
0x00002bb4 bal 0x5148 | sym_trigger_handler_new ();
0x00002bb8 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002bbc lw a0, 0x20(sp) | a0 = *(var_20h);
0x00002bc0 lw t9, -0x7f28(gp) | t9 = sym.imp.g_main_loop_run;
0x00002bc4 sw v0, 0x24(sp) | *(var_24h) = v0;
0x00002bc8 jalr t9 | t9 ();
0x00002bcc lw gp, 0x18(sp) | gp = *(var_18h);
0x00002bd0 lw t9, -0x7d38(gp) | t9 = sym.imp.g_object_unref;
0x00002bd4 lw a0, 0x24(sp) | a0 = *(var_24h);
0x00002bd8 jalr t9 | t9 ();
0x00002bdc lw gp, 0x18(sp) | gp = *(var_18h);
0x00002be0 move v0, zero | v0 = 0;
| label_0:
0x00002be4 lw a0, 0x34(sp) | a0 = *(var_34h);
0x00002be8 lw v1, (s5) | v1 = *(s5);
0x00002bec lw ra, 0x54(sp) | ra = *(var_54h);
| if (a0 != v1) {
0x00002bf0 bne a0, v1, 0x2d4c | goto label_9;
| }
0x00002bf4 lw s6, 0x50(sp) | s6 = *(var_50h);
0x00002bf8 lw s5, 0x4c(sp) | s5 = *(var_4ch);
0x00002bfc lw s4, 0x48(sp) | s4 = *(var_48h);
0x00002c00 lw s3, 0x44(sp) | s3 = *(var_44h);
0x00002c04 lw s2, 0x40(sp) | s2 = *(var_40h);
0x00002c08 lw s1, 0x3c(sp) | s1 = *(var_3ch);
0x00002c0c lw s0, 0x38(sp) | s0 = *(var_38h);
0x00002c10 addiu sp, sp, 0x58 |
0x00002c14 jr ra | return v0;
| }
0x00002c18 lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x00002c1c lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002c20 lw t9, -0x7f48(gp) | t9 = sym.imp.g_log;
0x00002c24 addiu a3, a3, -0x4580 | a3 += -0x4580;
0x00002c28 addiu a2, a2, -0x44a8 | a2 += -0x44a8;
0x00002c2c addiu a1, zero, 4 | a1 = 4;
0x00002c30 move a0, zero | a0 = 0;
0x00002c34 jalr t9 | t9 ();
| while (1);
0x00002c38 b 0x2c38 |
0x00002c3c nop |
| label_5:
0x00002c40 lw v0, -0x7e24(gp) | v0 = *((gp - 8073));
0x00002c44 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002c48 lw t9, -0x7d2c(gp) | t9 = sym.imp.__fprintf_chk
0x00002c4c lw a3, 8(s1) | a3 = *((s1 + 2));
0x00002c50 lw a0, (v0) | a0 = *(v0);
0x00002c54 addiu a2, a2, -0x4558 | a2 += -0x4558;
0x00002c58 addiu a1, zero, 1 | a1 = 1;
0x00002c5c jalr t9 | t9 ();
0x00002c60 lw gp, 0x18(sp) | gp = *(var_18h);
| do {
| label_2:
0x00002c64 lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x00002c68 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002c6c lw t9, -0x7f48(gp) | t9 = sym.imp.g_log;
0x00002c70 addiu a3, a3, -0x4580 | a3 += -0x4580;
0x00002c74 addiu a2, a2, -0x44dc | a2 += -0x44dc;
0x00002c78 addiu a1, zero, 8 | a1 = 8;
0x00002c7c move a0, zero | a0 = 0;
0x00002c80 jalr t9 | t9 ();
0x00002c84 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002c88 addiu v0, zero, 1 | v0 = 1;
0x00002c8c b 0x2be4 | goto label_0;
| label_8:
0x00002c90 lw t9, -0x7d14(gp) | t9 = sym.imp.ax_log_stdout;
0x00002c94 jalr t9 | t9 ();
0x00002c98 nop |
0x00002c9c lw gp, 0x18(sp) | gp = *(var_18h);
0x00002ca0 b 0x2b94 | goto label_1;
| label_3:
0x00002ca4 lw v0, -0x7e24(gp) | v0 = *((gp - 8073));
0x00002ca8 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002cac lw t9, -0x7d2c(gp) | t9 = sym.imp.__fprintf_chk
0x00002cb0 lw a0, (v0) | a0 = *(v0);
0x00002cb4 addiu a3, s2, -0x37c4 | a3 = s2 + -0x37c4;
0x00002cb8 addiu a2, a2, -0x45a0 | a2 += -0x45a0;
0x00002cbc addiu a1, zero, 1 | a1 = 1;
0x00002cc0 jalr t9 | t9 ();
0x00002cc4 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002cc8 b 0x2c64 |
| } while (1);
| label_4:
0x00002ccc lw v0, -0x7e24(gp) | v0 = *((gp - 8073));
0x00002cd0 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002cd4 lw t9, -0x7d2c(gp) | t9 = sym.imp.__fprintf_chk
0x00002cd8 lw a0, (v0) | a0 = *(v0);
0x00002cdc addiu a3, s2, -0x37c4 | a3 = s2 + -0x37c4;
0x00002ce0 addiu a2, a2, -0x457c | a2 += -0x457c;
0x00002ce4 addiu a1, zero, 1 | a1 = 1;
0x00002ce8 jalr t9 | t9 ();
0x00002cec lw gp, 0x18(sp) | gp = *(var_18h);
0x00002cf0 b 0x2c64 | goto label_2;
| label_7:
0x00002cf4 lw v0, -0x7e24(gp) | v0 = *((gp - 8073));
0x00002cf8 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002cfc lw t9, -0x7d2c(gp) | t9 = sym.imp.__fprintf_chk
0x00002d00 lw a3, 8(s0) | a3 = *((s0 + 2));
0x00002d04 lw a0, (v0) | a0 = *(v0);
0x00002d08 addiu a2, a2, -0x44fc | a2 += -0x44fc;
0x00002d0c addiu a1, zero, 1 | a1 = 1;
0x00002d10 jalr t9 | t9 ();
0x00002d14 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002d18 b 0x2c64 | goto label_2;
| label_6:
0x00002d1c lw v1, -0x7e24(gp) | v1 = *((gp - 8073));
0x00002d20 lw a2, -0x7fd8(gp) | a2 = *((gp - 8182));
0x00002d24 lw v0, 8(s1) | v0 = *((s1 + 2));
0x00002d28 lw t9, -0x7d2c(gp) | t9 = sym.imp.__fprintf_chk
0x00002d2c lw a3, (s0) | a3 = *(s0);
0x00002d30 lw a0, (v1) | a0 = *(v1);
0x00002d34 addiu a2, a2, -0x4538 | a2 += -0x4538;
0x00002d38 sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x00002d3c addiu a1, zero, 1 | a1 = 1;
0x00002d40 jalr t9 | t9 ();
0x00002d44 lw gp, 0x18(sp) | gp = *(var_18h);
0x00002d48 b 0x2c64 | goto label_2;
| label_9:
0x00002d4c lw t9, -0x7e98(gp) | t9 = sym.imp.__stack_chk_fail;
0x00002d50 jalr t9 | t9 ();
0x00002d54 nop |
0x00002d58 nop |
0x00002d5c nop |
| }
[*] Function fprintf used 6 times triggerd
