[*] Binary protection state of session.cgi
Full RELRO Canary found NX disabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of session.cgi
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/session.cgi @ 0x1ad8 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
0x00001ad8 lui gp, 2 |
0x00001adc addiu gp, gp, -0x4ac8 |
0x00001ae0 addu gp, gp, t9 | gp += t9;
0x00001ae4 addiu sp, sp, -0x2e0 |
0x00001ae8 sw ra, 0x2dc(sp) | *(var_2dch) = ra;
0x00001aec sw fp, 0x2d8(sp) | *(var_2d8h) = fp;
0x00001af0 sw s7, 0x2d4(sp) | *(var_2d4h) = s7;
0x00001af4 sw s6, 0x2d0(sp) | *(var_2d0h) = s6;
0x00001af8 sw s5, 0x2cc(sp) | *(var_2cch) = s5;
0x00001afc sw s4, 0x2c8(sp) | *(var_2c8h) = s4;
0x00001b00 sw s3, 0x2c4(sp) | *(var_2c4h) = s3;
0x00001b04 sw s2, 0x2c0(sp) | *(var_2c0h) = s2;
0x00001b08 sw s1, 0x2bc(sp) | *(var_2bch) = s1;
0x00001b0c sw s0, 0x2b8(sp) | *(var_2b8h) = s0;
0x00001b10 move fp, sp | fp = sp;
0x00001b14 sw gp, 0x18(sp) | *(var_18h_2) = gp;
0x00001b18 sw a0, 0x2e0(fp) | *(arg_2e0h) = a0;
0x00001b1c sw a1, 0x24(fp) | *(arg_24h) = a1;
0x00001b20 lw v0, -0x7f00(gp) | v0 = *((gp - 8128));
0x00001b24 lw v0, (v0) | v0 = *(v0);
0x00001b28 sw v0, 0x2b4(fp) | *(arg_2b4h) = v0;
0x00001b2c move v0, sp | v0 = sp;
0x00001b30 sw v0, 0x20(fp) | *(arg_20h) = v0;
0x00001b34 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001b38 addiu v0, v0, 0x3e30 | v0 += str.ERROR:_Invalid_session_id;
0x00001b3c sw v0, 0x30(fp) | *(arg_30h) = v0;
0x00001b40 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001b44 addiu a0, v0, 0x3e4c | a0 = v0 + str.QUERY_STRING;
0x00001b48 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00001b4c move t9, v0 | t9 = v0;
0x00001b50 jalr t9 | t9 ();
0x00001b54 nop |
0x00001b58 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001b5c sw v0, 0x54(fp) | *(arg_54h) = v0;
0x00001b60 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001b64 addiu a0, v0, 0x3e5c | a0 = v0 + 0x3e5c;
0x00001b68 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00001b6c move t9, v0 | t9 = v0;
0x00001b70 jalr t9 | t9 ();
0x00001b74 nop |
0x00001b78 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 != 0) {
0x00001b7c beqz v0, 0x1ba8 |
0x00001b80 nop |
0x00001b84 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001b88 addiu a0, v0, 0x3e5c | a0 = v0 + 0x3e5c;
0x00001b8c lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00001b90 move t9, v0 | t9 = v0;
0x00001b94 jalr t9 | t9 ();
0x00001b98 nop |
0x00001b9c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001ba0 b 0x1bb0 | goto label_0;
0x00001ba4 nop |
| }
0x00001ba8 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001bac addiu v0, v0, 0x3e68 | v0 += 0x3e68;
| label_0:
0x00001bb0 move a0, v0 | a0 = v0;
0x00001bb4 lw v0, -0x7f3c(gp) | v0 = sym.imp.strlen;
0x00001bb8 move t9, v0 | t9 = v0;
0x00001bbc jalr t9 | t9 ();
0x00001bc0 nop |
0x00001bc4 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001bc8 addiu v0, v0, 0x41 | v0 += 0x41;
0x00001bcc move v1, v0 | v1 = v0;
0x00001bd0 addiu v1, v1, -1 | v1 += -1;
0x00001bd4 sw v1, 0x58(fp) | *(arg_58h) = v1;
0x00001bd8 move s6, v0 | s6 = v0;
0x00001bdc move s7, zero | s7 = 0;
0x00001be0 srl v1, s6, 0x1d | v1 = s6 >> 0x1d;
0x00001be4 sll s3, s7, 3 | s3 = s7 << 3;
0x00001be8 or s3, v1, s3 | s3 = v1 | s3;
0x00001bec sll s2, s6, 3 | s2 = s6 << 3;
0x00001bf0 move s4, v0 | s4 = v0;
0x00001bf4 move s5, zero | s5 = 0;
0x00001bf8 srl v1, s4, 0x1d | v1 = s4 >> 0x1d;
0x00001bfc sll s1, s5, 3 | s1 = s5 << 3;
0x00001c00 or s1, v1, s1 | s1 = v1 | s1;
0x00001c04 sll s0, s4, 3 | s0 = s4 << 3;
0x00001c08 addiu v0, v0, 7 | v0 += 7;
0x00001c0c srl v0, v0, 3 | v0 >>= 3;
0x00001c10 sll v0, v0, 3 | v0 <<= 3;
0x00001c14 subu sp, sp, v0 |
0x00001c18 addiu v0, sp, 0x18 | v0 = sp + 0x18;
0x00001c1c addiu v0, v0, 0 | v0 += 0;
0x00001c20 sw v0, 0x5c(fp) | *(arg_5ch) = v0;
0x00001c24 lw v0, 0x54(fp) | v0 = *(arg_54h);
| if (v0 == 0) {
0x00001c28 beqz v0, 0x2214 | goto label_1;
| }
0x00001c2c nop |
0x00001c30 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001c34 addiu a1, v0, 0x3e7c | a1 = v0 + str.sessionid;
0x00001c38 lw a0, 0x54(fp) | a0 = *(arg_54h);
0x00001c3c lw v0, -0x7ee0(gp) | v0 = sym.imp.strstr;
0x00001c40 move t9, v0 | t9 = v0;
0x00001c44 jalr t9 | t9 ();
0x00001c48 nop |
0x00001c4c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001c50 sw v0, 0x60(fp) | *(arg_60h) = v0;
0x00001c54 lw v0, 0x60(fp) | v0 = *(arg_60h);
| if (v0 == 0) {
0x00001c58 beqz v0, 0x2214 | goto label_1;
| }
0x00001c5c nop |
0x00001c60 sw zero, 0x2c(fp) | *(arg_2ch) = 0;
0x00001c64 lw v0, 0x60(fp) | v0 = *(arg_60h);
0x00001c68 addiu v0, v0, 0xa | v0 += 0xa;
0x00001c6c sw v0, 0x60(fp) | *(arg_60h) = v0;
0x00001c70 addiu a1, zero, 0x26 | a1 = 0x26;
0x00001c74 lw a0, 0x60(fp) | a0 = *(arg_60h);
0x00001c78 lw v0, -0x7f38(gp) | v0 = sym.imp.strchr;
0x00001c7c move t9, v0 | t9 = v0;
0x00001c80 jalr t9 | t9 ();
0x00001c84 nop |
0x00001c88 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001c8c sw v0, 0x64(fp) | *(arg_64h) = v0;
0x00001c90 lw v0, 0x64(fp) | v0 = *(arg_64h);
| if (v0 != 0) {
0x00001c94 beqz v0, 0x1cb0 |
0x00001c98 nop |
0x00001c9c lw v0, 0x64(fp) | v0 = *(arg_64h);
0x00001ca0 sb zero, (v0) | *(v0) = 0;
0x00001ca4 lw v0, 0x64(fp) | v0 = *(arg_64h);
0x00001ca8 addiu v0, v0, 1 | v0++;
0x00001cac sw v0, 0x2c(fp) | *(arg_2ch) = v0;
| }
0x00001cb0 lw a0, 0x60(fp) | a0 = *(arg_60h);
0x00001cb4 lw v0, -0x7fb4(gp) | v0 = sym.valid_sessionid;
0x00001cb8 move t9, v0 | t9 = v0;
0x00001cbc bal 0x35d0 | sym_valid_sessionid ();
0x00001cc0 nop |
0x00001cc4 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001cc8 beqz v0, 0x2214 | goto label_1;
| }
0x00001ccc nop |
0x00001cd0 lw s0, 0x5c(fp) | s0 = *(arg_5ch);
0x00001cd4 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001cd8 addiu a0, v0, 0x3e5c | a0 = v0 + 0x3e5c;
0x00001cdc lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00001ce0 move t9, v0 | t9 = v0;
0x00001ce4 jalr t9 | t9 ();
0x00001ce8 nop |
0x00001cec lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 != 0) {
0x00001cf0 beqz v0, 0x1d1c |
0x00001cf4 nop |
0x00001cf8 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001cfc addiu a0, v0, 0x3e5c | a0 = v0 + 0x3e5c;
0x00001d00 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00001d04 move t9, v0 | t9 = v0;
0x00001d08 jalr t9 | t9 ();
0x00001d0c nop |
0x00001d10 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001d14 b 0x1d24 | goto label_2;
0x00001d18 nop |
| }
0x00001d1c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001d20 addiu v0, v0, 0x3e68 | v0 += 0x3e68;
| label_2:
0x00001d24 lw a3, 0x60(fp) | a3 = *(arg_60h);
0x00001d28 move a2, v0 | a2 = v0;
0x00001d2c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001d30 addiu a1, v0, 0x3e88 | a1 = v0 + 0x3e88;
0x00001d34 move a0, s0 | a0 = s0;
0x00001d38 lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x00001d3c move t9, v0 | t9 = v0;
0x00001d40 jalr t9 | t9 ();
0x00001d44 nop |
0x00001d48 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001d4c lw v0, 0x5c(fp) | v0 = *(arg_5ch);
0x00001d50 move a1, zero | a1 = 0;
0x00001d54 move a0, v0 | a0 = v0;
0x00001d58 lw v0, -0x7f34(gp) | v0 = sym.imp.open;
0x00001d5c move t9, v0 | t9 = v0;
0x00001d60 jalr t9 | t9 ();
0x00001d64 nop |
0x00001d68 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001d6c sw v0, 0x68(fp) | *(arg_68h) = v0;
0x00001d70 lw v1, 0x68(fp) | v1 = *(arg_68h);
0x00001d74 addiu v0, zero, -1 | v0 = -1;
| if (v1 == v0) {
0x00001d78 beq v1, v0, 0x2214 | goto label_1;
| }
0x00001d7c nop |
0x00001d80 sw zero, 0x28(fp) | *(arg_28h) = 0;
0x00001d84 sw zero, 0x34(fp) | *(arg_34h) = 0;
0x00001d88 sw zero, 0x38(fp) | *(arg_38h) = 0;
0x00001d8c sw zero, 0x3c(fp) | *(arg_3ch) = 0;
0x00001d90 sw zero, 0x40(fp) | *(arg_40h) = 0;
0x00001d94 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001d98 addiu v0, v0, 0x3e10 | v0 += 0x3e10;
0x00001d9c sw v0, 0x44(fp) | *(arg_44h) = v0;
0x00001da0 addiu v0, fp, 0xb0 | v0 = fp + 0xb0;
0x00001da4 addiu a2, zero, 0x200 | a2 = 0x200;
0x00001da8 move a1, v0 | a1 = v0;
0x00001dac lw a0, 0x68(fp) | a0 = *(arg_68h);
0x00001db0 lw v0, -0x7eec(gp) | v0 = sym.imp.read;
0x00001db4 move t9, v0 | t9 = v0;
0x00001db8 jalr t9 | t9 ();
0x00001dbc nop |
0x00001dc0 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001dc4 sw v0, 0x6c(fp) | *(arg_6ch) = v0;
0x00001dc8 lw a0, 0x68(fp) | a0 = *(arg_68h);
0x00001dcc lw v0, -0x7f80(gp) | v0 = sym.imp.close;
0x00001dd0 move t9, v0 | t9 = v0;
0x00001dd4 jalr t9 | t9 ();
0x00001dd8 nop |
0x00001ddc lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001de0 lw v0, 0x6c(fp) | v0 = *(arg_6ch);
| if (v0 == 0) {
0x00001de4 beqz v0, 0x2214 | goto label_1;
| }
0x00001de8 nop |
0x00001dec addiu v0, fp, 0xb0 | v0 = fp + 0xb0;
0x00001df0 sw v0, 0x48(fp) | *(arg_48h) = v0;
0x00001df4 addiu v0, fp, 0xb0 | v0 = fp + 0xb0;
0x00001df8 sw v0, 0x4c(fp) | *(arg_4ch) = v0;
0x00001dfc lw v0, 0x6c(fp) | v0 = *(arg_6ch);
0x00001e00 addiu v1, fp, 0x2b8 | v1 = fp + 0x2b8;
0x00001e04 addu v0, v1, v0 | v0 = v1 + v0;
0x00001e08 sb zero, -0x208(v0) | *((v0 - 520)) = 0;
0x00001e0c b 0x20dc | goto label_3;
0x00001e10 nop |
| do {
0x00001e14 addiu a1, zero, 0xa | a1 = 0xa;
0x00001e18 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001e1c lw v0, -0x7f38(gp) | v0 = sym.imp.strchr;
0x00001e20 move t9, v0 | t9 = v0;
0x00001e24 jalr t9 | t9 ();
0x00001e28 nop |
0x00001e2c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001e30 sw v0, 0x50(fp) | *(arg_50h) = v0;
0x00001e34 lw v0, 0x50(fp) | v0 = *(arg_50h);
| if (v0 != 0) {
0x00001e38 beqz v0, 0x1e54 |
0x00001e3c nop |
0x00001e40 lw v0, 0x50(fp) | v0 = *(arg_50h);
0x00001e44 sb zero, (v0) | *(v0) = 0;
0x00001e48 lw v0, 0x50(fp) | v0 = *(arg_50h);
0x00001e4c addiu v0, v0, 1 | v0++;
0x00001e50 sw v0, 0x4c(fp) | *(arg_4ch) = v0;
| }
0x00001e54 addiu a2, zero, 4 | a2 = 4;
0x00001e58 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001e5c addiu a1, v0, 0x3e90 | a1 = v0 + str.URL;
0x00001e60 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001e64 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00001e68 move t9, v0 | t9 = v0;
0x00001e6c jalr t9 | t9 ();
0x00001e70 nop |
0x00001e74 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001e78 bnez v0, 0x1ed4 |
0x00001e7c nop |
0x00001e80 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00001e84 addiu v0, v0, 4 | v0 += 4;
0x00001e88 sw v0, 0x28(fp) | *(arg_28h) = v0;
0x00001e8c lw v0, 0x28(fp) | v0 = *(arg_28h);
0x00001e90 lb v1, (v0) | v1 = *(v0);
0x00001e94 addiu v0, zero, 0x27 | v0 = 0x27;
| if (v1 != v0) {
0x00001e98 bne v1, v0, 0x1ed4 | goto label_4;
| }
0x00001e9c nop |
0x00001ea0 lw v0, 0x28(fp) | v0 = *(arg_28h);
0x00001ea4 addiu v0, v0, 1 | v0++;
0x00001ea8 sw v0, 0x28(fp) | *(arg_28h) = v0;
0x00001eac lw v0, 0x50(fp) | v0 = *(arg_50h);
0x00001eb0 addiu v0, v0, -1 | v0 += -1;
0x00001eb4 sw v0, 0x50(fp) | *(arg_50h) = v0;
0x00001eb8 lw v0, 0x50(fp) | v0 = *(arg_50h);
0x00001ebc lb v1, (v0) | v1 = *(v0);
0x00001ec0 addiu v0, zero, 0x27 | v0 = 0x27;
| if (v1 != v0) {
0x00001ec4 bne v1, v0, 0x1ed4 | goto label_4;
| }
0x00001ec8 nop |
0x00001ecc lw v0, 0x50(fp) | v0 = *(arg_50h);
0x00001ed0 sb zero, (v0) | *(v0) = 0;
| }
| label_4:
0x00001ed4 addiu a2, zero, 8 | a2 = 8;
0x00001ed8 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001edc addiu a1, v0, 0x3e98 | a1 = v0 + str.VALIDTO;
0x00001ee0 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001ee4 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00001ee8 move t9, v0 | t9 = v0;
0x00001eec jalr t9 | t9 ();
0x00001ef0 nop |
0x00001ef4 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001ef8 bnez v0, 0x1f24 |
0x00001efc nop |
0x00001f00 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00001f04 addiu v0, v0, 8 | v0 += 8;
0x00001f08 move a0, v0 | a0 = v0;
0x00001f0c lw v0, -0x7f48(gp) | v0 = sym.imp.atol;
0x00001f10 move t9, v0 | t9 = v0;
0x00001f14 jalr t9 | t9 ();
0x00001f18 nop |
0x00001f1c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001f20 sw v0, 0x34(fp) | *(arg_34h) = v0;
| }
0x00001f24 addiu a2, zero, 0xa | a2 = 0xa;
0x00001f28 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001f2c addiu a1, v0, 0x3ea4 | a1 = v0 + str.VALIDTIME;
0x00001f30 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001f34 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00001f38 move t9, v0 | t9 = v0;
0x00001f3c jalr t9 | t9 ();
0x00001f40 nop |
0x00001f44 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001f48 bnez v0, 0x1f74 |
0x00001f4c nop |
0x00001f50 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00001f54 addiu v0, v0, 0xa | v0 += 0xa;
0x00001f58 move a0, v0 | a0 = v0;
0x00001f5c lw v0, -0x7f48(gp) | v0 = sym.imp.atol;
0x00001f60 move t9, v0 | t9 = v0;
0x00001f64 jalr t9 | t9 ();
0x00001f68 nop |
0x00001f6c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001f70 sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
0x00001f74 addiu a2, zero, 8 | a2 = 8;
0x00001f78 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001f7c addiu a1, v0, 0x3eb0 | a1 = v0 + str.REFRESH;
0x00001f80 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001f84 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00001f88 move t9, v0 | t9 = v0;
0x00001f8c jalr t9 | t9 ();
0x00001f90 nop |
0x00001f94 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001f98 bnez v0, 0x1fc4 |
0x00001f9c nop |
0x00001fa0 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00001fa4 addiu v0, v0, 8 | v0 += 8;
0x00001fa8 move a0, v0 | a0 = v0;
0x00001fac lw v0, -0x7f48(gp) | v0 = sym.imp.atol;
0x00001fb0 move t9, v0 | t9 = v0;
0x00001fb4 jalr t9 | t9 ();
0x00001fb8 nop |
0x00001fbc lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00001fc0 sw v0, 0x3c(fp) | *(arg_3ch) = v0;
| }
0x00001fc4 addiu a2, zero, 9 | a2 = 9;
0x00001fc8 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00001fcc addiu a1, v0, 0x3ebc | a1 = v0 + str.DURATION;
0x00001fd0 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00001fd4 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00001fd8 move t9, v0 | t9 = v0;
0x00001fdc jalr t9 | t9 ();
0x00001fe0 nop |
0x00001fe4 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00001fe8 bnez v0, 0x2054 |
0x00001fec nop |
0x00001ff0 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00001ff4 addiu v0, v0, 9 | v0 += 9;
0x00001ff8 move a0, v0 | a0 = v0;
0x00001ffc lw v0, -0x7f48(gp) | v0 = sym.imp.atol;
0x00002000 move t9, v0 | t9 = v0;
0x00002004 jalr t9 | t9 ();
0x00002008 nop |
0x0000200c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00002010 sw v0, 0x40(fp) | *(arg_40h) = v0;
0x00002014 lw v0, 0x40(fp) | v0 = *(arg_40h);
| if (v0 == 0) {
0x00002018 beqz v0, 0x2054 | goto label_5;
| }
0x0000201c nop |
0x00002020 lw a1, -0x7fb0(gp) | a1 = sym.alarm_handler;
0x00002024 addiu a0, zero, 0xe | a0 = 0xe;
0x00002028 lw v0, -0x7f04(gp) | v0 = sym.imp.signal;
0x0000202c move t9, v0 | t9 = v0;
0x00002030 jalr t9 | t9 ();
0x00002034 nop |
0x00002038 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x0000203c lw a0, 0x40(fp) | a0 = *(arg_40h);
0x00002040 lw v0, -0x7f0c(gp) | v0 = sym.imp.alarm;
0x00002044 move t9, v0 | t9 = v0;
0x00002048 jalr t9 | t9 ();
0x0000204c nop |
0x00002050 lw gp, 0x18(fp) | gp = *(var_18h_2);
| }
| label_5:
0x00002054 addiu a2, zero, 0xb | a2 = 0xb;
0x00002058 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x0000205c addiu a1, v0, 0x3ec8 | a1 = v0 + str.PARAMETERS;
0x00002060 lw a0, 0x48(fp) | a0 = *(arg_48h);
0x00002064 lw v0, -0x7f08(gp) | v0 = sym.imp.memcmp;
0x00002068 move t9, v0 | t9 = v0;
0x0000206c jalr t9 | t9 ();
0x00002070 nop |
0x00002074 lw gp, 0x18(fp) | gp = *(var_18h_2);
| if (v0 == 0) {
0x00002078 bnez v0, 0x20d4 |
0x0000207c nop |
0x00002080 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00002084 addiu v0, v0, 0xb | v0 += 0xb;
0x00002088 sw v0, 0x44(fp) | *(arg_44h) = v0;
0x0000208c lw v0, 0x44(fp) | v0 = *(arg_44h);
0x00002090 lb v1, (v0) | v1 = *(v0);
0x00002094 addiu v0, zero, 0x27 | v0 = 0x27;
| if (v1 != v0) {
0x00002098 bne v1, v0, 0x20d4 | goto label_6;
| }
0x0000209c nop |
0x000020a0 lw v0, 0x44(fp) | v0 = *(arg_44h);
0x000020a4 addiu v0, v0, 1 | v0++;
0x000020a8 sw v0, 0x44(fp) | *(arg_44h) = v0;
0x000020ac lw v0, 0x50(fp) | v0 = *(arg_50h);
0x000020b0 addiu v0, v0, -1 | v0 += -1;
0x000020b4 sw v0, 0x50(fp) | *(arg_50h) = v0;
0x000020b8 lw v0, 0x50(fp) | v0 = *(arg_50h);
0x000020bc lb v1, (v0) | v1 = *(v0);
0x000020c0 addiu v0, zero, 0x27 | v0 = 0x27;
| if (v1 != v0) {
0x000020c4 bne v1, v0, 0x20d4 | goto label_6;
| }
0x000020c8 nop |
0x000020cc lw v0, 0x50(fp) | v0 = *(arg_50h);
0x000020d0 sb zero, (v0) | *(v0) = 0;
| }
| label_6:
0x000020d4 lw v0, 0x4c(fp) | v0 = *(arg_4ch);
0x000020d8 sw v0, 0x48(fp) | *(arg_48h) = v0;
| label_3:
0x000020dc lw v0, 0x48(fp) | v0 = *(arg_48h);
0x000020e0 lb v0, (v0) | v0 = *(v0);
| if (v0 == 0) {
0x000020e4 beqz v0, 0x20f8 | goto label_7;
| }
0x000020e8 nop |
0x000020ec lw v0, 0x4c(fp) | v0 = *(arg_4ch);
0x000020f0 bnez v0, 0x1e14 |
| } while (v0 != 0);
0x000020f4 nop |
| label_7:
0x000020f8 lw v0, 0x28(fp) | v0 = *(arg_28h);
| if (v0 != 0) {
0x000020fc beqz v0, 0x2200 |
0x00002100 nop |
0x00002104 lw v0, 0x34(fp) | v0 = *(arg_34h);
| if (v0 != 0) {
0x00002108 beqz v0, 0x2174 |
0x0000210c nop |
0x00002110 addiu v0, fp, 0x70 | v0 = fp + 0x70;
0x00002114 move a0, v0 | a0 = v0;
0x00002118 lw v0, -0x7f28(gp) | v0 = sym.imp.sysinfo;
0x0000211c move t9, v0 | t9 = v0;
0x00002120 jalr t9 | t9 ();
0x00002124 nop |
0x00002128 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x0000212c lw v0, 0x70(fp) | v0 = *(arg_70h);
0x00002130 move v1, v0 | v1 = v0;
0x00002134 lw v0, 0x34(fp) | v0 = *(arg_34h);
0x00002138 sltu v0, v0, v1 | v0 = (v0 < v1) ? 1 : 0;
| if (v0 == 0) {
0x0000213c beqz v0, 0x2174 | goto label_8;
| }
0x00002140 nop |
0x00002144 lw v0, 0x5c(fp) | v0 = *(arg_5ch);
0x00002148 move a0, v0 | a0 = v0;
0x0000214c lw v0, -0x7f18(gp) | v0 = sym.imp.unlink;
0x00002150 move t9, v0 | t9 = v0;
0x00002154 jalr t9 | t9 ();
0x00002158 nop |
0x0000215c lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00002160 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00002164 addiu v0, v0, 0x3ed4 | v0 += str.ERROR:_Session_timed_out;
0x00002168 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x0000216c b 0x2218 | goto label_9;
0x00002170 nop |
| }
| label_8:
0x00002174 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
| if (v0 != 0) {
0x00002178 beqz v0, 0x21b8 |
0x0000217c nop |
0x00002180 lw v0, 0x44(fp) | v0 = *(arg_44h);
0x00002184 sw v0, 0x14(sp) | *(var_14h) = v0;
0x00002188 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x0000218c sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x00002190 lw a3, 0x40(fp) | a3 = *(arg_40h);
0x00002194 lw a2, 0x38(fp) | a2 = *(arg_38h);
0x00002198 lw a1, 0x28(fp) | a1 = *(arg_28h);
0x0000219c lw a0, 0x60(fp) | a0 = *(arg_60h);
0x000021a0 lw v0, -0x7fac(gp) | v0 = sym.write_session_file;
0x000021a4 move t9, v0 | t9 = v0;
0x000021a8 bal 0x36d0 | sym_write_session_file ();
0x000021ac nop |
0x000021b0 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x000021b4 sw v0, 0x30(fp) | *(arg_30h) = v0;
| }
0x000021b8 lw v0, 0x44(fp) | v0 = *(arg_44h);
0x000021bc sw v0, 0x10(sp) | *(var_10h_2) = v0;
0x000021c0 lw a3, 0x2c(fp) | a3 = *(arg_2ch);
0x000021c4 lw a2, 0x34(fp) | a2 = *(arg_34h);
0x000021c8 lw a1, 0x28(fp) | a1 = *(arg_28h);
0x000021cc lw a0, 0x60(fp) | a0 = *(arg_60h);
0x000021d0 lw v0, -0x7fa8(gp) | v0 = sym.handle_session;
0x000021d4 move t9, v0 | t9 = v0;
0x000021d8 bal 0x1408 | sym_handle_session ();
0x000021dc nop |
0x000021e0 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x000021e4 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x000021e8 lw v0, 0x30(fp) | v0 = *(arg_30h);
| if (v0 != 0) {
0x000021ec bnez v0, 0x2218 | goto label_9;
| }
0x000021f0 nop |
0x000021f4 move v0, zero | v0 = 0;
0x000021f8 b 0x223c | goto label_10;
0x000021fc nop |
| }
0x00002200 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00002204 addiu v0, v0, 0x3ef0 | v0 += str.ERROR:_Bad_session;
0x00002208 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x0000220c b 0x2218 | goto label_9;
0x00002210 nop |
| label_1:
0x00002214 nop |
| label_9:
0x00002218 lw a1, 0x30(fp) | a1 = *(arg_30h);
0x0000221c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00002220 addiu a0, v0, 0x3f04 | a0 = v0 + str.Content_Type:_text_plain_r_n_r_n_s_r_n;
0x00002224 lw v0, -0x7ef4(gp) | v0 = sym.imp.printf;
0x00002228 move t9, v0 | t9 = v0;
0x0000222c jalr t9 | t9 ();
0x00002230 nop |
0x00002234 lw gp, 0x18(fp) | gp = *(var_18h_2);
0x00002238 addiu v0, zero, 1 | v0 = 1;
| label_10:
0x0000223c lw sp, 0x20(fp) |
0x00002240 lw v1, -0x7f00(gp) | v1 = *((gp - 8128));
0x00002244 lw a0, 0x2b4(fp) | a0 = *(arg_2b4h);
0x00002248 lw v1, (v1) | v1 = *(v1);
| if (a0 != v1) {
0x0000224c beq a0, v1, 0x2264 |
0x00002250 nop |
0x00002254 lw v0, -0x7f10(gp) | v0 = sym.imp.__stack_chk_fail;
0x00002258 move t9, v0 | t9 = v0;
0x0000225c jalr t9 | t9 ();
0x00002260 nop |
| }
0x00002264 move sp, fp |
0x00002268 lw ra, 0x2dc(sp) | ra = *(var_2dch);
0x0000226c lw fp, 0x2d8(sp) | fp = *(var_2d8h);
0x00002270 lw s7, 0x2d4(sp) | s7 = *(var_2d4h);
0x00002274 lw s6, 0x2d0(sp) | s6 = *(var_2d0h);
0x00002278 lw s5, 0x2cc(sp) | s5 = *(var_2cch);
0x0000227c lw s4, 0x2c8(sp) | s4 = *(var_2c8h);
0x00002280 lw s3, 0x2c4(sp) | s3 = *(var_2c4h);
0x00002284 lw s2, 0x2c0(sp) | s2 = *(var_2c0h);
0x00002288 lw s1, 0x2bc(sp) | s1 = *(var_2bch);
0x0000228c lw s0, 0x2b8(sp) | s0 = *(var_2b8h);
0x00002290 addiu sp, sp, 0x2e0 |
0x00002294 jr ra | return v0;
0x00002298 nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/session.cgi @ 0x3264 */
| #include <stdint.h>
|
; (fcn) sym.url_write_request () | void url_write_request () {
0x00003264 lui gp, 2 |
0x00003268 addiu gp, gp, -0x6254 |
0x0000326c addu gp, gp, t9 | gp += t9;
0x00003270 addiu sp, sp, -0x90 |
0x00003274 sw ra, 0x8c(sp) | *(var_8ch) = ra;
0x00003278 sw fp, 0x88(sp) | *(var_88h) = fp;
0x0000327c move fp, sp | fp = sp;
0x00003280 sw gp, 0x20(sp) | *(var_20h) = gp;
0x00003284 sw a0, 0x34(fp) | *(arg_34h) = a0;
0x00003288 sw a1, 0x94(fp) | *(arg_94h) = a1;
0x0000328c sw a2, 0x30(fp) | *(arg_30h) = a2;
0x00003290 sw a3, 0x2c(fp) | *(arg_2ch) = a3;
0x00003294 lw v0, -0x7f00(gp) | v0 = *((gp - 8128));
0x00003298 lw v0, (v0) | v0 = *(v0);
0x0000329c sw v0, 0x84(fp) | *(arg_84h) = v0;
0x000032a0 sw zero, 0x3c(fp) | *(arg_3ch) = 0;
0x000032a4 lw v0, 0x2c(fp) | v0 = *(arg_2ch);
| if (v0 == 0) {
0x000032a8 bnez v0, 0x32d8 |
0x000032ac nop |
0x000032b0 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x000032b4 lw v1, 0xc(v0) | v1 = *((v0 + 3));
0x000032b8 addiu v0, zero, 1 | v0 = 1;
| if (v1 == v0) {
0x000032bc beq v1, v0, 0x32d8 | goto label_0;
| }
0x000032c0 nop |
0x000032c4 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x000032c8 lw v1, 0xc(v0) | v1 = *((v0 + 3));
0x000032cc addiu v0, zero, 2 | v0 = 2;
| if (v1 != v0) {
0x000032d0 bne v1, v0, 0x32e4 | goto label_1;
| }
0x000032d4 nop |
| }
| label_0:
0x000032d8 addiu v0, zero, 1 | v0 = 1;
0x000032dc b 0x32e8 | goto label_2;
0x000032e0 nop |
| label_1:
0x000032e4 move v0, zero | v0 = 0;
| label_2:
0x000032e8 sw v0, 0x40(fp) | *(arg_40h) = v0;
0x000032ec lw v0, 0x34(fp) | v0 = *(arg_34h);
0x000032f0 sw v0, 0x38(fp) | *(arg_38h) = v0;
0x000032f4 lw v0, 0x2c(fp) | v0 = *(arg_2ch);
| if (v0 != 0) {
0x000032f8 beqz v0, 0x3378 |
0x000032fc nop |
0x00003300 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x00003304 lw a1, 4(v0) | a1 = *((v0 + 1));
0x00003308 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x0000330c lw a2, 8(v0) | a2 = *((v0 + 2));
0x00003310 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x00003314 lw v0, 0x14(v0) | v0 = *((v0 + 5));
0x00003318 lw v1, 0x30(fp) | v1 = *(arg_30h);
0x0000331c lw v1, 0x18(v1) | v1 = *((v1 + 6));
0x00003320 lw a0, 0x30(fp) | a0 = *(arg_30h);
0x00003324 lw a0, 0x1c(a0) | a0 = *((a0 + 7));
0x00003328 sw a0, 0x18(sp) | *(var_18h) = a0;
0x0000332c sw v1, 0x14(sp) | *(var_14h) = v1;
0x00003330 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00003334 move a3, a2 | a3 = a2;
0x00003338 move a2, a1 | a2 = a1;
0x0000333c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003340 addiu a1, v0, 0x3ff8 | a1 = v0 + str._s__s:___s:_i__s_HTTP_1.0_r_n;
0x00003344 lw a0, 0x38(fp) | a0 = *(arg_38h);
0x00003348 lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x0000334c move t9, v0 | t9 = v0;
0x00003350 jalr t9 | t9 ();
0x00003354 nop |
0x00003358 lw gp, 0x20(fp) | gp = *(arg_20h);
0x0000335c sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x00003360 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00003364 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x00003368 addu v0, v1, v0 | v0 = v1 + v0;
0x0000336c sw v0, 0x38(fp) | *(arg_38h) = v0;
0x00003370 b 0x33d0 | goto label_3;
0x00003374 nop |
| }
0x00003378 lw v0, 0x40(fp) | v0 = *(arg_40h);
| if (v0 != 0) {
0x0000337c beqz v0, 0x33d0 |
0x00003380 nop |
0x00003384 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x00003388 lw v1, 4(v0) | v1 = *((v0 + 1));
0x0000338c lw v0, 0x30(fp) | v0 = *(arg_30h);
0x00003390 lw v0, 0x1c(v0) | v0 = *((v0 + 7));
0x00003394 move a3, v0 | a3 = v0;
0x00003398 move a2, v1 | a2 = v1;
0x0000339c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x000033a0 addiu a1, v0, 0x4014 | a1 = v0 + str._s___s_HTTP_1.0_r_n;
0x000033a4 lw a0, 0x38(fp) | a0 = *(arg_38h);
0x000033a8 lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x000033ac move t9, v0 | t9 = v0;
0x000033b0 jalr t9 | t9 ();
0x000033b4 nop |
0x000033b8 lw gp, 0x20(fp) | gp = *(arg_20h);
0x000033bc sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x000033c0 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x000033c4 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x000033c8 addu v0, v1, v0 | v0 = v1 + v0;
0x000033cc sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
| label_3:
0x000033d0 lw v0, 0x40(fp) | v0 = *(arg_40h);
| if (v0 != 0) {
0x000033d4 beqz v0, 0x341c |
0x000033d8 nop |
0x000033dc lw v0, 0x30(fp) | v0 = *(arg_30h);
0x000033e0 lw v0, 0x14(v0) | v0 = *((v0 + 5));
0x000033e4 move a2, v0 | a2 = v0;
0x000033e8 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x000033ec addiu a1, v0, 0x4028 | a1 = v0 + str.Connection:_Keep_Alive_r_nPragma:_no_cache_r_nCache_Control:_no_cache__no_store_r_nHost:__s_r_nUser_Agent:_session.cgi_r_n;
0x000033f0 lw a0, 0x38(fp) | a0 = *(arg_38h);
0x000033f4 lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x000033f8 move t9, v0 | t9 = v0;
0x000033fc jalr t9 | t9 ();
0x00003400 nop |
0x00003404 lw gp, 0x20(fp) | gp = *(arg_20h);
0x00003408 sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x0000340c lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00003410 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x00003414 addu v0, v1, v0 | v0 = v1 + v0;
0x00003418 sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
0x0000341c lw v0, 0x40(fp) | v0 = *(arg_40h);
| if (v0 != 0) {
0x00003420 beqz v0, 0x34c8 |
0x00003424 nop |
0x00003428 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x0000342c lw v0, 0x10(v0) | v0 = *((v0 + 4));
| if (v0 == 0) {
0x00003430 beqz v0, 0x34c8 | goto label_4;
| }
0x00003434 nop |
0x00003438 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x0000343c lw v0, 0x10(v0) | v0 = *((v0 + 4));
0x00003440 addiu v1, fp, 0x44 | v1 = fp + 0x44;
0x00003444 move a1, v1 | a1 = v1;
0x00003448 move a0, v0 | a0 = v0;
0x0000344c lw v0, -0x7fa0(gp) | v0 = sym.encode_base64;
0x00003450 move t9, v0 | t9 = v0;
0x00003454 bal 0x2ea0 | sym_encode_base64 ();
0x00003458 nop |
0x0000345c lw gp, 0x20(fp) | gp = *(arg_20h);
0x00003460 move a2, v0 | a2 = v0;
0x00003464 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003468 addiu a1, v0, 0x409c | a1 = v0 + str.Authorization:_Basic__s_r_n;
0x0000346c lw a0, 0x38(fp) | a0 = *(arg_38h);
0x00003470 lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x00003474 move t9, v0 | t9 = v0;
0x00003478 jalr t9 | t9 ();
0x0000347c nop |
0x00003480 lw gp, 0x20(fp) | gp = *(arg_20h);
0x00003484 sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x00003488 lw v0, 0x30(fp) | v0 = *(arg_30h);
0x0000348c lw v0, 0x10(v0) | v0 = *((v0 + 4));
0x00003490 addiu v1, fp, 0x44 | v1 = fp + 0x44;
0x00003494 move a2, v0 | a2 = v0;
0x00003498 move a1, v1 | a1 = v1;
0x0000349c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x000034a0 addiu a0, v0, 0x40b8 | a0 = v0 + str.Authorization:_Basic__s___s__n;
0x000034a4 lw v0, -0x7ef4(gp) | v0 = sym.imp.printf;
0x000034a8 move t9, v0 | t9 = v0;
0x000034ac jalr t9 | t9 ();
0x000034b0 nop |
0x000034b4 lw gp, 0x20(fp) | gp = *(arg_20h);
0x000034b8 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x000034bc lw v1, 0x38(fp) | v1 = *(arg_38h);
0x000034c0 addu v0, v1, v0 | v0 = v1 + v0;
0x000034c4 sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
| label_4:
0x000034c8 lw v0, 0x2c(fp) | v0 = *(arg_2ch);
| if (v0 != 0) {
0x000034cc beqz v0, 0x3544 |
0x000034d0 nop |
0x000034d4 lw v0, 0x2c(fp) | v0 = *(arg_2ch);
0x000034d8 lw v0, 0x10(v0) | v0 = *((v0 + 4));
| if (v0 == 0) {
0x000034dc beqz v0, 0x3544 | goto label_5;
| }
0x000034e0 nop |
0x000034e4 lw v0, 0x2c(fp) | v0 = *(arg_2ch);
0x000034e8 lw v0, 0x10(v0) | v0 = *((v0 + 4));
0x000034ec addiu v1, fp, 0x44 | v1 = fp + 0x44;
0x000034f0 move a1, v1 | a1 = v1;
0x000034f4 move a0, v0 | a0 = v0;
0x000034f8 lw v0, -0x7fa0(gp) | v0 = sym.encode_base64;
0x000034fc move t9, v0 | t9 = v0;
0x00003500 bal 0x2ea0 | sym_encode_base64 ();
0x00003504 nop |
0x00003508 lw gp, 0x20(fp) | gp = *(arg_20h);
0x0000350c move a2, v0 | a2 = v0;
0x00003510 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003514 addiu a1, v0, 0x40d8 | a1 = v0 + str.Proxy_Authorization:_Basic__s_r_n;
0x00003518 lw a0, 0x38(fp) | a0 = *(arg_38h);
0x0000351c lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x00003520 move t9, v0 | t9 = v0;
0x00003524 jalr t9 | t9 ();
0x00003528 nop |
0x0000352c lw gp, 0x20(fp) | gp = *(arg_20h);
0x00003530 sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x00003534 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00003538 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x0000353c addu v0, v1, v0 | v0 = v1 + v0;
0x00003540 sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
| label_5:
0x00003544 lw v0, 0x40(fp) | v0 = *(arg_40h);
| if (v0 != 0) {
0x00003548 beqz v0, 0x3584 |
0x0000354c nop |
0x00003550 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003554 addiu a1, v0, 0x40f8 | a1 = v0 + 0x40f8;
0x00003558 lw a0, 0x38(fp) | a0 = *(arg_38h);
0x0000355c lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x00003560 move t9, v0 | t9 = v0;
0x00003564 jalr t9 | t9 ();
0x00003568 nop |
0x0000356c lw gp, 0x20(fp) | gp = *(arg_20h);
0x00003570 sw v0, 0x3c(fp) | *(arg_3ch) = v0;
0x00003574 lw v0, 0x3c(fp) | v0 = *(arg_3ch);
0x00003578 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x0000357c addu v0, v1, v0 | v0 = v1 + v0;
0x00003580 sw v0, 0x38(fp) | *(arg_38h) = v0;
| }
0x00003584 lw v1, 0x38(fp) | v1 = *(arg_38h);
0x00003588 lw v0, 0x34(fp) | v0 = *(arg_34h);
0x0000358c subu v0, v1, v0 | __asm ("subu v0, v1, v0");
0x00003590 lw v1, -0x7f00(gp) | v1 = *((gp - 8128));
0x00003594 lw a0, 0x84(fp) | a0 = *(arg_84h);
0x00003598 lw v1, (v1) | v1 = *(v1);
| if (a0 != v1) {
0x0000359c beq a0, v1, 0x35b4 |
0x000035a0 nop |
0x000035a4 lw v0, -0x7f10(gp) | v0 = sym.imp.__stack_chk_fail;
0x000035a8 move t9, v0 | t9 = v0;
0x000035ac jalr t9 | t9 ();
0x000035b0 nop |
| }
0x000035b4 move sp, fp |
0x000035b8 lw ra, 0x8c(sp) | ra = *(var_8ch);
0x000035bc lw fp, 0x88(sp) | fp = *(var_88h);
0x000035c0 addiu sp, sp, 0x90 |
0x000035c4 jr ra | return v0;
0x000035c8 nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/4325012-58052244.squashfs_v4_le_extract/usr/html/axis-cgi/session.cgi @ 0x36d0 */
| #include <stdint.h>
|
; (fcn) sym.write_session_file () | void write_session_file () {
0x000036d0 lui gp, 2 |
0x000036d4 addiu gp, gp, -0x66c0 |
0x000036d8 addu gp, gp, t9 | gp += t9;
0x000036dc addiu sp, sp, -0x2c8 |
0x000036e0 sw ra, 0x2c4(sp) | *(var_2c4h) = ra;
0x000036e4 sw fp, 0x2c0(sp) | *(var_2c0h) = fp;
0x000036e8 sw s7, 0x2bc(sp) | *(var_2bch) = s7;
0x000036ec sw s6, 0x2b8(sp) | *(var_2b8h) = s6;
0x000036f0 sw s5, 0x2b4(sp) | *(var_2b4h) = s5;
0x000036f4 sw s4, 0x2b0(sp) | *(var_2b0h) = s4;
0x000036f8 sw s3, 0x2ac(sp) | *(var_2ach) = s3;
0x000036fc sw s2, 0x2a8(sp) | *(var_2a8h) = s2;
0x00003700 sw s1, 0x2a4(sp) | *(var_2a4h) = s1;
0x00003704 sw s0, 0x2a0(sp) | *(var_2a0h) = s0;
0x00003708 move fp, sp | fp = sp;
0x0000370c sw gp, 0x28(sp) | *(var_28h) = gp;
0x00003710 sw a0, 0x3c(fp) | *(arg_3ch) = a0;
0x00003714 sw a1, 0x38(fp) | *(arg_38h) = a1;
0x00003718 sw a2, 0x2d0(fp) | *(arg_2d0h) = a2;
0x0000371c sw a3, 0x2d4(fp) | *(arg_2d4h) = a3;
0x00003720 lw v0, 0x2dc(fp) | v0 = *(arg_2dch);
0x00003724 sw v0, 0x34(fp) | *(arg_34h) = v0;
0x00003728 lw v0, -0x7f00(gp) | v0 = *((gp - 8128));
0x0000372c lw v0, (v0) | v0 = *(v0);
0x00003730 sw v0, 0x29c(fp) | *(arg_29ch) = v0;
0x00003734 move v0, sp | v0 = sp;
0x00003738 sw v0, 0x30(fp) | *(arg_30h) = v0;
0x0000373c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003740 addiu a0, v0, 0x4110 | a0 = v0 + str.SESSION_DIR;
0x00003744 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00003748 move t9, v0 | t9 = v0;
0x0000374c jalr t9 | t9 ();
0x00003750 nop |
0x00003754 lw gp, 0x28(fp) | gp = *(arg_28h);
| if (v0 != 0) {
0x00003758 beqz v0, 0x3784 |
0x0000375c nop |
0x00003760 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003764 addiu a0, v0, 0x4110 | a0 = v0 + str.SESSION_DIR;
0x00003768 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x0000376c move t9, v0 | t9 = v0;
0x00003770 jalr t9 | t9 ();
0x00003774 nop |
0x00003778 lw gp, 0x28(fp) | gp = *(arg_28h);
0x0000377c b 0x378c | goto label_0;
0x00003780 nop |
| }
0x00003784 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003788 addiu v0, v0, 0x411c | v0 += str._var_run_session_;
| label_0:
0x0000378c move a0, v0 | a0 = v0;
0x00003790 lw v0, -0x7f3c(gp) | v0 = sym.imp.strlen;
0x00003794 move t9, v0 | t9 = v0;
0x00003798 jalr t9 | t9 ();
0x0000379c nop |
0x000037a0 lw gp, 0x28(fp) | gp = *(arg_28h);
0x000037a4 addiu v0, v0, 0x41 | v0 += 0x41;
0x000037a8 move v1, v0 | v1 = v0;
0x000037ac addiu v1, v1, -1 | v1 += -1;
0x000037b0 sw v1, 0x44(fp) | *(arg_44h) = v1;
0x000037b4 move s6, v0 | s6 = v0;
0x000037b8 move s7, zero | s7 = 0;
0x000037bc srl v1, s6, 0x1d | v1 = s6 >> 0x1d;
0x000037c0 sll s3, s7, 3 | s3 = s7 << 3;
0x000037c4 or s3, v1, s3 | s3 = v1 | s3;
0x000037c8 sll s2, s6, 3 | s2 = s6 << 3;
0x000037cc move s4, v0 | s4 = v0;
0x000037d0 move s5, zero | s5 = 0;
0x000037d4 srl v1, s4, 0x1d | v1 = s4 >> 0x1d;
0x000037d8 sll s1, s5, 3 | s1 = s5 << 3;
0x000037dc or s1, v1, s1 | s1 = v1 | s1;
0x000037e0 sll s0, s4, 3 | s0 = s4 << 3;
0x000037e4 addiu v0, v0, 7 | v0 += 7;
0x000037e8 srl v0, v0, 3 | v0 >>= 3;
0x000037ec sll v0, v0, 3 | v0 <<= 3;
0x000037f0 subu sp, sp, v0 |
0x000037f4 addiu v0, sp, 0x28 | v0 = sp + 0x28;
0x000037f8 addiu v0, v0, 0 | v0 += 0;
0x000037fc sw v0, 0x48(fp) | *(arg_48h) = v0;
0x00003800 sw zero, 0x40(fp) | *(arg_40h) = 0;
0x00003804 lw s0, 0x48(fp) | s0 = *(arg_48h);
0x00003808 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x0000380c addiu a0, v0, 0x4110 | a0 = v0 + str.SESSION_DIR;
0x00003810 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00003814 move t9, v0 | t9 = v0;
0x00003818 jalr t9 | t9 ();
0x0000381c nop |
0x00003820 lw gp, 0x28(fp) | gp = *(arg_28h);
| if (v0 != 0) {
0x00003824 beqz v0, 0x3850 |
0x00003828 nop |
0x0000382c lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003830 addiu a0, v0, 0x4110 | a0 = v0 + str.SESSION_DIR;
0x00003834 lw v0, -0x7f20(gp) | v0 = sym.imp.getenv;
0x00003838 move t9, v0 | t9 = v0;
0x0000383c jalr t9 | t9 ();
0x00003840 nop |
0x00003844 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00003848 b 0x3858 | goto label_1;
0x0000384c nop |
| }
0x00003850 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003854 addiu v0, v0, 0x411c | v0 += str._var_run_session_;
| label_1:
0x00003858 lw a3, 0x3c(fp) | a3 = *(arg_3ch);
0x0000385c move a2, v0 | a2 = v0;
0x00003860 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003864 addiu a1, v0, 0x4130 | a1 = v0 + str._s_s;
0x00003868 move a0, s0 | a0 = s0;
0x0000386c lw v0, -0x7f64(gp) | v0 = sym.imp.sprintf
0x00003870 move t9, v0 | t9 = v0;
0x00003874 jalr t9 | t9 ();
0x00003878 nop |
0x0000387c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00003880 lw v0, 0x48(fp) | v0 = *(arg_48h);
0x00003884 addiu a2, zero, 0x180 | a2 = aav.0x00000180;
0x00003888 addiu a1, zero, 0x301 | a1 = 0x301;
0x0000388c move a0, v0 | a0 = v0;
0x00003890 lw v0, -0x7f34(gp) | v0 = sym.imp.open;
0x00003894 move t9, v0 | t9 = v0;
0x00003898 jalr t9 | t9 ();
0x0000389c nop |
0x000038a0 lw gp, 0x28(fp) | gp = *(arg_28h);
0x000038a4 sw v0, 0x4c(fp) | *(arg_4ch) = v0;
0x000038a8 lw v1, 0x4c(fp) | v1 = *(arg_4ch);
0x000038ac addiu v0, zero, -1 | v0 = -1;
| if (v1 != v0) {
0x000038b0 beq v1, v0, 0x39bc |
0x000038b4 nop |
0x000038b8 lw v0, 0x2d0(fp) | v0 = *(arg_2d0h);
| if (v0 == 0) {
0x000038bc bnez v0, 0x38cc |
0x000038c0 nop |
0x000038c4 addiu v0, zero, 0x1e | v0 = 0x1e;
0x000038c8 sw v0, 0x2d0(fp) | *(arg_2d0h) = v0;
| }
0x000038cc addiu v0, fp, 0x58 | v0 = fp + 0x58;
0x000038d0 move a0, v0 | a0 = v0;
0x000038d4 lw v0, -0x7f28(gp) | v0 = sym.imp.sysinfo;
0x000038d8 move t9, v0 | t9 = v0;
0x000038dc jalr t9 | t9 ();
0x000038e0 nop |
0x000038e4 lw gp, 0x28(fp) | gp = *(arg_28h);
0x000038e8 lw v0, 0x58(fp) | v0 = *(arg_58h);
0x000038ec move v1, v0 | v1 = v0;
0x000038f0 lw v0, 0x2d0(fp) | v0 = *(arg_2d0h);
0x000038f4 addu v0, v0, v1 | v0 += v1;
0x000038f8 sw v0, 0x50(fp) | *(arg_50h) = v0;
0x000038fc lw v0, 0x58(fp) | v0 = *(arg_58h);
0x00003900 addiu a0, fp, 0x98 | a0 = fp + 0x98;
0x00003904 lw v1, 0x34(fp) | v1 = *(arg_34h);
0x00003908 sw v1, 0x24(sp) | *(var_24h) = v1;
0x0000390c lw v1, 0x2d8(fp) | v1 = *(arg_2d8h);
0x00003910 sw v1, 0x20(sp) | *(var_20h) = v1;
0x00003914 lw v1, 0x2d4(fp) | v1 = *(arg_2d4h);
0x00003918 sw v1, 0x1c(sp) | *(var_1ch) = v1;
0x0000391c lw v1, 0x50(fp) | v1 = *(arg_50h);
0x00003920 sw v1, 0x18(sp) | *(var_18h) = v1;
0x00003924 lw v1, 0x2d0(fp) | v1 = *(arg_2d0h);
0x00003928 sw v1, 0x14(sp) | *(var_14h) = v1;
0x0000392c sw v0, 0x10(sp) | *(var_10h) = v0;
0x00003930 lw a3, 0x38(fp) | a3 = *(arg_38h);
0x00003934 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003938 addiu a2, v0, 0x4138 | a2 = v0 + str.URL_s_nCREATED_lu_nVALIDTIME_lu_nVALIDTO_lu_nDURATION_lu_nREFRESH_lu_nPARAMETERS_s_n;
0x0000393c addiu a1, zero, 0x200 | a1 = 0x200;
0x00003940 lw v0, -0x7f50(gp) | v0 = sym.imp.snprintf;
0x00003944 move t9, v0 | t9 = v0;
0x00003948 jalr t9 | t9 ();
0x0000394c nop |
0x00003950 lw gp, 0x28(fp) | gp = *(arg_28h);
0x00003954 sw v0, 0x54(fp) | *(arg_54h) = v0;
0x00003958 lw v0, 0x54(fp) | v0 = *(arg_54h);
0x0000395c addiu v1, fp, 0x98 | v1 = fp + 0x98;
0x00003960 move a2, v0 | a2 = v0;
0x00003964 move a1, v1 | a1 = v1;
0x00003968 lw a0, 0x4c(fp) | a0 = *(arg_4ch);
0x0000396c lw v0, -0x7f44(gp) | v0 = sym.imp.write;
0x00003970 move t9, v0 | t9 = v0;
0x00003974 jalr t9 | t9 ();
0x00003978 nop |
0x0000397c lw gp, 0x28(fp) | gp = *(arg_28h);
0x00003980 move v1, v0 | v1 = v0;
0x00003984 lw v0, 0x54(fp) | v0 = *(arg_54h);
| if (v0 != v1) {
0x00003988 beq v0, v1, 0x399c |
0x0000398c nop |
0x00003990 lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x00003994 addiu v0, v0, 0x4194 | v0 += str.ERROR:_Failed_to_write_sessioninfo;
0x00003998 sw v0, 0x40(fp) | *(arg_40h) = v0;
| }
0x0000399c lw a0, 0x4c(fp) | a0 = *(arg_4ch);
0x000039a0 lw v0, -0x7f80(gp) | v0 = sym.imp.close;
0x000039a4 move t9, v0 | t9 = v0;
0x000039a8 jalr t9 | t9 ();
0x000039ac nop |
0x000039b0 lw gp, 0x28(fp) | gp = *(arg_28h);
0x000039b4 b 0x39c8 | goto label_2;
0x000039b8 nop |
| }
0x000039bc lw v0, -0x7fd0(gp) | v0 = *((gp - 8180));
0x000039c0 addiu v0, v0, 0x41b8 | v0 += str.ERROR:_Failed_to_create_session;
0x000039c4 sw v0, 0x40(fp) | *(arg_40h) = v0;
| label_2:
0x000039c8 lw v0, 0x40(fp) | v0 = *(arg_40h);
0x000039cc lw sp, 0x30(fp) |
0x000039d0 lw v1, -0x7f00(gp) | v1 = *((gp - 8128));
0x000039d4 lw a0, 0x29c(fp) | a0 = *(arg_29ch);
0x000039d8 lw v1, (v1) | v1 = *(v1);
| if (a0 != v1) {
0x000039dc beq a0, v1, 0x39f4 |
0x000039e0 nop |
0x000039e4 lw v0, -0x7f10(gp) | v0 = sym.imp.__stack_chk_fail;
0x000039e8 move t9, v0 | t9 = v0;
0x000039ec jalr t9 | t9 ();
0x000039f0 nop |
| }
0x000039f4 move sp, fp |
0x000039f8 lw ra, 0x2c4(sp) | ra = *(var_2c4h);
0x000039fc lw fp, 0x2c0(sp) | fp = *(var_2c0h);
0x00003a00 lw s7, 0x2bc(sp) | s7 = *(var_2bch);
0x00003a04 lw s6, 0x2b8(sp) | s6 = *(var_2b8h);
0x00003a08 lw s5, 0x2b4(sp) | s5 = *(var_2b4h);
0x00003a0c lw s4, 0x2b0(sp) | s4 = *(var_2b0h);
0x00003a10 lw s3, 0x2ac(sp) | s3 = *(var_2ach);
0x00003a14 lw s2, 0x2a8(sp) | s2 = *(var_2a8h);
0x00003a18 lw s1, 0x2a4(sp) | s1 = *(var_2a4h);
0x00003a1c lw s0, 0x2a0(sp) | s0 = *(var_2a0h);
0x00003a20 addiu sp, sp, 0x2c8 |
0x00003a24 jr ra | return v0;
0x00003a28 nop |
| }
[*] Function sprintf used 9 times session.cgi
