[*] Binary protection state of busctl
Full RELRO Canary found NX enabled PIE enabled RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of busctl
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/bin/busctl @ 0x62c4 */
| #include <stdint.h>
|
; (fcn) fcn.000062c4 () | void fcn_000062c4 (int16_t arg_90h, int16_t arg_1c8h, int16_t arg_3d0h, int16_t arg1, int16_t arg2, int16_t arg3) {
| int16_t var_0h_2;
| int16_t var_4h;
| int16_t var_ch_2;
| int16_t var_ch;
| int16_t var_13h;
| int16_t var_14h;
| int16_t var_18h;
| int16_t var_40h;
| int16_t var_24h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
0x000062c4 push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000062c8 mov r6, r2 | r6 = r2;
0x000062ca ldr r2, [pc, 0x238] |
0x000062cc sub sp, 0x2c |
0x000062ce mov r4, r0 | r4 = r0;
0x000062d0 mov r7, r1 | r7 = r1;
0x000062d2 ldr r3, [pc, 0x234] | r3 = *(0x650a);
0x000062d4 add.w fp, sp, 0x14 |
0x000062d8 add r2, pc | r2 = 0xc7e2;
0x000062da add.w sl, sp, 0x13 | sl += var_13h;
0x000062de mov.w sb, 0 | sb = 0;
0x000062e2 ldr r3, [r2, r3] |
0x000062e4 ldr r3, [r3] | r3 = *(0xc7e2);
0x000062e6 str r3, [sp, 0x24] | var_24h = r3;
0x000062e8 mov.w r3, 0 | r3 = 0;
0x000062ec add r3, sp, 0x18 | r3 += var_18h;
0x000062ee str r3, [sp, 0xc] | var_ch = r3;
| do {
| label_1:
0x000062f0 mov r2, fp | r2 = fp;
0x000062f2 mov r1, sl | r1 = sl;
0x000062f4 mov r0, r4 | r0 = r4;
0x000062f6 str.w sb, [sp, 0x14] | __asm ("str.w sb, [var_14h]");
0x000062fa blx 0x2c84 | r0 = sd_bus_message_peek_type ();
0x000062fe cmp r0, 0 |
| if (r0 < 0) {
0x00006300 blt 0x63a4 | goto label_4;
| }
| if (r0 == 0) {
0x00006302 beq.w 0x64d4 | goto label_6;
| }
0x00006306 ldrb.w r8, [sp, 0x13] | r8 = var_13h;
0x0000630a mov r0, r8 | r0 = r8;
0x0000630c blx 0x27bc | r0 = bus_type_is_container ();
0x00006310 mov r5, r0 | r5 = r0;
| if (r0 == 0) {
0x00006312 cbz r0, 0x6352 | goto label_7;
| }
0x00006314 ldr r2, [sp, 0x14] | r2 = var_14h;
0x00006316 mov r1, r8 | r1 = r8;
0x00006318 mov r0, r4 | r0 = r4;
0x0000631a blx 0x2b7c | r0 = sd_bus_message_enter_container ();
0x0000631e cmp r0, 0 |
| if (r0 < 0) {
0x00006320 blt 0x63a4 | goto label_4;
| }
0x00006322 ldrb.w r3, [sp, 0x13] | r3 = var_13h;
0x00006326 cmp r3, 0x61 |
| if (r3 == 0x61) {
0x00006328 beq 0x638a | goto label_8;
| }
0x0000632a cmp r3, 0x76 |
| if (r3 == 0x76) {
0x0000632c beq 0x63ca | goto label_9;
| }
| label_0:
0x0000632e mov r2, r6 | r2 = r6;
0x00006330 mov r1, r7 | r1 = r7;
0x00006332 mov r0, r4 | r0 = r4;
0x00006334 bl 0x62c4 | r0 = fcn_000062c4 (r0, r1, r2, r3, r4, r5);
0x00006338 subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 < r0) {
0x0000633a blt.w 0x64d4 | goto label_6;
| }
0x0000633e mov r0, r4 | r0 = r4;
0x00006340 blx 0x2b40 | r0 = sd_bus_message_exit_container ();
0x00006344 cmp r0, 0 |
| if (r0 < 0) {
0x00006346 blt 0x63a4 | goto label_4;
| }
0x00006348 cmp r6, 0 |
0x0000634a ite le |
| if (r6 > 0) {
0x0000634c movle r6, 0 | r6 = 0;
| }
| if (r6 <= 0) {
0x0000634e movgt r6, 1 | r6 = 1;
| }
0x00006350 b 0x62f0 |
| } while (1);
| label_7:
0x00006352 ldr r2, [sp, 0xc] | r2 = var_ch;
0x00006354 mov r1, r8 | r1 = r8;
0x00006356 mov r0, r4 | r0 = r4;
0x00006358 blx 0x2eb0 | fcn_00002eb0 ();
0x0000635a stc p8, c2, [sl, 0]! | __asm ("stc p8, c2, [sl, 0]!");
| if (r6 < 0) {
0x0000635e blt 0x63a4 | goto label_4;
| }
| if (r6 != 0) {
0x00006360 cbnz r6, 0x63c0 | goto label_10;
| }
0x00006362 ldrb.w r3, [sp, 0x13] | r3 = var_13h;
0x00006366 subs r3, 0x62 | r3 -= 0x62;
0x00006368 cmp r3, 0x17 |
| if (r3 > 0x17) {
0x0000636a bhi.w 0x64de | goto label_11;
| }
| /* switch table (24 cases) at 0x6372 */
0x0000636e tbb [pc, r3] | __asm ("tbb [0x00006374]");
| label_8:
0x0000638a mov.w r8, 0 | r8 = 0;
0x0000638e b 0x6398 |
| if (r3 == 0x17) {
| while (r0 >= 0) {
0x00006390 beq.w 0x64b2 | goto label_12;
| }
0x00006394 add.w r8, r8, 1 | r8++;
0x00006398 ldr r1, [sp, 0x14] | r1 = var_14h;
0x0000639a mov r0, r4 | r0 = r4;
0x0000639c blx 0x2b70 | r0 = sd_bus_message_skip ();
0x000063a0 cmp r0, 0 |
0x000063a2 bge 0x6390 |
| }
| label_4:
0x000063a4 ldr r2, [pc, 0x164] |
0x000063a6 ldr r3, [pc, 0x160] | r3 = *(0x650a);
0x000063a8 add r2, pc | r2 = 0xc8b8;
0x000063aa ldr r3, [r2, r3] | r3 = *(0xc8b8);
0x000063ac ldr r2, [r3] | r2 = *(0xc8b8);
0x000063ae ldr r3, [sp, 0x24] | r3 = var_24h;
0x000063b0 eors r2, r3 | r2 ^= r3;
0x000063b2 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x000063b6 bne.w 0x6500 | goto label_13;
| }
0x000063ba add sp, 0x2c |
0x000063bc pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_10:
0x000063c0 mov r1, r7 | r1 = r7;
0x000063c2 movs r0, 0x20 | r0 = 0x20;
0x000063c4 blx 0x2da4 | fputc (r0, r1);
0x000063c6 stcl p7, c14, [lr], 0x32c | __asm ("stcl p7, c14, [lr], 0x32c");
| label_9:
0x000063ca cmp r6, 0 |
| if (r6 != 0) {
0x000063cc bne 0x64a8 | goto label_14;
| }
| label_3:
0x000063ce ldr r0, [sp, 0x14] | r0 = var_14h;
0x000063d0 mov r1, r7 | r1 = r7;
0x000063d2 mov r6, r5 | r6 = r5;
0x000063d4 blx 0x2f90 | cescape ();
0x000063d8 b 0x632e | goto label_0;
0x000063da ldr r0, [sp, 0x18] | r0 = var_18h;
0x000063dc blx 0x2f9c | r0 = loc_imp_gmon_start_ ();
0x000063e0 mov r5, r0 | r5 = r0;
0x000063e2 cmp r0, 0 |
| if (r0 == 0) {
0x000063e4 beq.w 0x64fa | goto label_15;
| }
0x000063e8 ldr r2, [pc, 0x124] |
0x000063ea mov r3, r0 | r3 = r0;
0x000063ec movs r1, 1 | r1 = 1;
0x000063ee mov r0, r7 | r0 = r7;
0x000063f0 add r2, pc | r2 = 0xc904;
0x000063f2 blx 0x29cc | fprintf_chk ()
0x000063f6 mov r0, r5 | r0 = r5;
0x000063f8 blx 0x2810 | free (r0);
| do {
| label_2:
0x000063fc movs r6, 1 | r6 = 1;
0x000063fe b 0x62f0 | goto label_1;
0x00006400 ldr r2, [pc, 0x110] |
0x00006402 movs r1, 1 | r1 = 1;
0x00006404 ldr r3, [sp, 0x18] | r3 = var_18h;
0x00006406 mov r0, r7 | r0 = r7;
0x00006408 add r2, pc | r2 = 0xc920;
0x0000640a blx 0x29cc | fprintf_chk ()
0x0000640e b 0x63fc |
| } while (1);
0x00006410 ldr r2, [pc, 0x104] |
0x00006412 movs r1, 1 | r1 = 1;
0x00006414 ldrsh.w r3, [sp, 0x18] | r3 = var_18h;
0x00006416 adds r0, 0x18 | r0 += 0x18;
0x00006418 mov r0, r7 | r0 = r7;
0x0000641a add r2, pc | r2 = 0xc936;
0x0000641c blx 0x29cc | fprintf_chk ()
0x00006420 b 0x63fc | goto label_2;
0x00006422 ldr r2, [pc, 0xf8] |
0x00006424 movs r1, 1 | r1 = 1;
0x00006426 ldrh.w r3, [sp, 0x18] | r3 = var_18h;
0x0000642a mov r0, r7 | r0 = r7;
0x0000642c add r2, pc | r2 = 0xc94e;
0x0000642e blx 0x29cc | fprintf_chk ()
0x00006432 b 0x63fc | goto label_2;
0x00006434 ldr r2, [pc, 0xe8] |
0x00006436 movs r1, 1 | r1 = 1;
0x00006438 ldrb.w r3, [sp, 0x18] | r3 = var_18h;
0x0000643c mov r0, r7 | r0 = r7;
0x0000643e add r2, pc | r2 = 0xc962;
0x00006440 blx 0x29cc | fprintf_chk ()
0x00006444 b 0x63fc | goto label_2;
0x00006446 ldr r2, [pc, 0xdc] |
0x00006448 movs r1, 1 | r1 = 1;
0x0000644a ldr r3, [sp, 0x18] | r3 = var_18h;
0x0000644c mov r0, r7 | r0 = r7;
0x0000644e add r2, pc | r2 = 0xc978;
0x00006450 blx 0x29cc | fprintf_chk ()
0x00006454 b 0x63fc | goto label_2;
0x00006456 ldr r2, [pc, 0xd0] |
0x00006458 add r2, pc | r2 = 0xc986;
| do {
0x0000645a vldr d16, [sp, 0x18] | __asm ("vldr d16, [sp, 0x18]");
0x0000645e movs r1, 1 | r1 = 1;
0x00006460 mov r0, r7 | r0 = r7;
0x00006462 vstr d16, [sp] | __asm ("vstr d16, [sp]");
0x00006466 blx 0x29cc | fprintf_chk ()
0x0000646a b 0x63fc | goto label_2;
0x0000646c ldr r2, [pc, 0xbc] |
0x0000646e add r2, pc | r2 = 0xc99e;
0x00006470 b 0x645a |
| } while (1);
0x00006472 ldr r3, [sp, 0x18] | r3 = var_18h;
| if (r3 == 0) {
0x00006474 cbz r3, 0x64d8 | goto label_16;
| }
0x00006476 ldr r0, [pc, 0xb8] |
0x00006478 add r0, pc | r0 = 0xc9ae;
| label_5:
0x0000647a mov r1, r7 | r1 = r7;
0x0000647c blx 0x2f90 | cescape ();
0x00006480 b 0x63fc | goto label_2;
0x00006482 vldr d16, [sp, 0x18] | __asm ("vldr d16, [sp, 0x18]");
0x00006486 movs r1, 1 | r1 = 1;
0x00006488 ldr r2, [pc, 0xa8] |
0x0000648a mov r0, r7 | r0 = r7;
0x0000648c vstr d16, [sp] | __asm ("vstr d16, [sp]");
0x00006490 add r2, pc | r2 = 0xc9c8;
0x00006492 blx 0x29cc | fprintf_chk ()
0x00006494 eors.w r7, ip, r1, ror 26 | r7 = ip ^ (r1 >>> 26);
0x00006498 ldr r2, [pc, 0x9c] |
0x0000649a movs r1, 1 | r1 = 1;
0x0000649c ldr r3, [sp, 0x18] | r3 = var_18h;
0x0000649e mov r0, r7 | r0 = r7;
0x000064a0 add r2, pc | r2 = 0xc9dc;
0x000064a2 blx 0x29cc | fprintf_chk ()
0x000064a6 b 0x63fc | goto label_2;
| label_14:
0x000064a8 mov r1, r7 | r1 = r7;
0x000064aa movs r0, 0x20 | r0 = 0x20;
0x000064ac blx 0x2da4 | fputc (r0, r1);
0x000064b0 b 0x63ce | goto label_3;
| label_12:
0x000064b2 mov r1, r0 | r1 = r0;
0x000064b4 mov r0, r4 | r0 = r4;
0x000064b6 blx 0x2c48 | r0 = sd_bus_message_rewind ();
0x000064ba cmp r0, 0 |
| if (r0 < 0) {
0x000064bc blt.w 0x63a4 | goto label_4;
| }
0x000064be add r7, sp, 0x1c8 | r7 = sp + 0x1c8;
0x000064c0 cbnz r6, 0x64f0 |
| while (1) {
0x000064c2 ldr r2, [pc, 0x78] |
0x000064c4 mov r3, r8 | r3 = r8;
0x000064c6 movs r1, 1 | r1 = 1;
0x000064c8 mov r0, r7 | r0 = r7;
0x000064ca mov r6, r5 | r6 = r5;
0x000064cc add r2, pc | r2 = 0xca0e;
0x000064ce blx 0x29cc | fprintf_chk ()
0x000064d2 b 0x632e | goto label_0;
| label_6:
0x000064d4 mov r0, r6 | r0 = r6;
0x000064d6 b 0x63a4 | goto label_4;
| label_16:
0x000064d8 ldr r0, [pc, 0x64] |
0x000064da add r0, pc | r0 = 0xca1e;
0x000064dc b 0x647a | goto label_5;
| label_11:
0x000064de ldr r0, [pc, 0x64] |
0x000064e0 mov.w r1, 0x2c8 | r1 = 0x2c8;
0x000064e4 ldr r2, [pc, 0x60] |
0x000064e6 add r0, pc | r0 = 0xca30;
0x000064e8 add r2, pc | r2 = 0xca34;
0x000064ea adds r0, 7 | r0 += 7;
0x000064ec blx 0x2f44 | fcn_00002f44 ();
0x000064f0 mov r1, r7 | r1 = r7;
0x000064f2 movs r0, 0x20 | r0 = 0x20;
0x000064f4 blx 0x2da4 | fputc (r0, r1);
0x000064f8 b 0x64c2 |
| }
| label_15:
0x000064fa mvn r0, 0xb | r0 = ~0xb;
0x000064fe b 0x63a4 | goto label_4;
| label_13:
0x00006500 blx 0x2be8 | stack_chk_fail ();
0x00006504 ldr r1, [sp, 0x3d0] | r1 = *(arg_3d0h);
0x00006506 movs r0, r0 |
0x00006508 lsls r0, r7, 0xb | r0 = r7 << 0xb;
0x0000650a movs r0, r0 |
0x0000650c ldr r1, [sp, 0x90] | r1 = *(arg_90h);
0x0000650e movs r0, r0 |
0x00006510 ldr r4, [r1, 0x28] | r4 = *((r1 + 0x28));
0x00006512 movs r0, r0 |
0x00006514 ldr r4, [r3, 0x24] | r4 = *((r3 + 0x24));
0x00006516 movs r0, r0 |
0x00006518 ldr r2, [r1, 0x24] | r2 = *((r1 + 0x24));
0x0000651a movs r0, r0 |
0x0000651c ldr r4, [r6, 0x20] | r4 = *((r6 + 0x20));
0x0000651e movs r0, r0 |
0x00006520 ldr r2, [r4, 0x20] | r2 = *((r4 + 0x20));
0x00006522 movs r0, r0 |
0x00006524 lsls r0, r1, 5 | r0 = r1 << 5;
0x00006526 movs r0, r0 |
0x00006528 ldr r0, [r2, 0x20] | r0 = *((r2 + 0x20));
0x0000652a movs r0, r0 |
0x0000652c ldr r2, [r0, 0x20] | r2 = *((r0 + 0x20));
0x0000652e movs r0, r0 |
0x00006530 strb r4, [r4, r3] | *((r4 + r3)) = r4;
0x00006532 movs r0, r0 |
0x00006534 ldr r0, [r5, 0x1c] | r0 = *((r5 + 0x1c));
0x00006536 movs r0, r0 |
0x00006538 ldr r4, [r0, 0x1c] | r4 = *((r0 + 0x1c));
0x0000653a movs r0, r0 |
0x0000653c ldr r4, [r2, 0x18] | r4 = *((r2 + 0x18));
0x0000653e movs r0, r0 |
0x00006540 strb r6, [r6, r3] | *((r6 + r3)) = r6;
0x00006542 movs r0, r0 |
0x00006544 ldrb r6, [r4, r0] | r6 = *((r4 + r0));
0x00006546 movs r0, r0 |
0x00006548 ldrb r0, [r6, 4] | r0 = *((r6 + 4));
0x0000654a movs r0, r0 |
0x0000654c ldr.w ip, [pc, 0xb0] |
0x00006550 movs r2, 1 | r2 = 1;
0x00006552 push {r4, r5, lr} |
0x00006554 movs r3, 0 | r3 = 0;
0x00006556 ldr r4, [pc, 0xac] | r4 = *(0x6606);
0x00006558 sub sp, 0x14 |
0x0000655a add ip, pc | ip = 0xcb5e;
0x0000655c ldr.w r4, [ip, r4] |
0x00006560 ldr r4, [r4] | r4 = *(0xcb5e);
0x00006562 str r4, [sp, 0xc] | var_ch_2 = r4;
0x00006564 mov.w r4, 0 | r4 = 0;
0x00006566 lsls r0, r0, 0x10 | r0 <<= 0x10;
0x00006568 strd r2, r3, [sp] | __asm ("strd r2, r3, [sp]");
0x0000656a movs r3, 0 | r3 = 0;
0x0000656c cmp r0, 0 |
| if (r0 != 0) {
0x0000656e beq 0x65d0 |
0x00006570 mov r4, r0 | r4 = r0;
0x00006572 ldr r0, [r0] | r0 = *(r0);
0x00006574 cmp r0, 0 |
| if (r0 == 0) {
0x00006576 beq 0x65e6 | goto label_17;
| }
0x00006578 mov r5, r1 | r5 = r1;
0x0000657a blx 0x2a8c | string_hash_func ();
0x0000657e ldrd r3, r1, [r4, 4] | __asm ("ldrd r3, r1, [r4, 4]");
0x00006582 mov r0, sp | r0 = sp;
0x00006584 ldr r2, [sp] | r2 = *(sp);
0x00006586 subs r3, 0 |
0x00006588 it ne |
| if (r3 == 0) {
0x0000658a movne r3, 1 | r3 = 1;
| }
0x0000658c cmp r1, 0 |
0x0000658e it ne |
| if (r1 == 0) {
0x00006590 addne r3, 1 | r3++;
| }
0x00006592 mov r1, r5 | r1 = r5;
0x00006594 adds r2, r2, r3 | r2 += r3;
0x00006596 ldr r3, [sp, 4] | r3 = var_4h;
0x00006598 str r2, [sp] | *(sp) = r2;
0x0000659a adc r3, r3, 0 | __asm ("adc r3, r3, 0");
0x0000659e str r3, [sp, 4] | var_4h = r3;
0x000065a0 blx 0x2fcc | cxa_finalize ();
0x000065a4 ldr r0, [r4, 8] | r0 = *((r4 + 8));
| if (r0 != 0) {
0x000065a6 cbz r0, 0x65ae |
0x000065a8 mov r1, r5 | r1 = r5;
0x000065aa blx 0x2a8c | string_hash_func ();
| }
0x000065ae ldr r0, [r4, 4] | r0 = *((r4 + 4));
| if (r0 != 0) {
0x000065b0 cbz r0, 0x65b8 |
0x000065b2 mov r1, r5 | r1 = r5;
0x000065b4 blx 0x2a8c | string_hash_func ();
| }
0x000065b8 ldr r2, [pc, 0x4c] |
0x000065ba ldr r3, [pc, 0x48] | r3 = *(0x6606);
0x000065bc add r2, pc | r2 = 0xcbc8;
0x000065be ldr r3, [r2, r3] | r3 = *(0xcbc8);
0x000065c0 ldr r2, [r3] | r2 = *(0xcbc8);
0x000065c2 ldr r3, [sp, 0xc] | r3 = var_ch_2;
0x000065c4 eors r2, r3 | r2 ^= r3;
0x000065c6 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x000065ca bne 0x65fc | goto label_18;
| }
0x000065cc add sp, 0x14 |
0x000065ce pop {r4, r5, pc} |
| }
0x000065d0 ldr r1, [pc, 0x38] |
0x000065d2 movw r2, 0x2dd | r2 = 0x2dd;
0x000065d6 ldr r3, [pc, 0x38] |
0x000065d8 ldr r0, [pc, 0x38] |
0x000065da add r1, pc | r1 = 0xcbea;
0x000065dc add r3, pc | r3 = 0xcbf2;
0x000065de adds r1, 7 | r1 += 7;
0x000065e0 add r0, pc | r0 = 0xcbf8;
0x000065e2 blx 0x2804 | log_assert_failed ();
| label_17:
0x000065e6 ldr r1, [pc, 0x30] |
0x000065e8 movw r2, 0x2de | r2 = 0x2de;
0x000065ec ldr r3, [pc, 0x2c] |
0x000065ee ldr r0, [pc, 0x30] |
0x000065f0 add r1, pc | r1 = 0xcc0e;
0x000065f2 add r3, pc | r3 = 0xcc12;
0x000065f4 adds r1, 7 | r1 += 7;
0x000065f6 add r0, pc | r0 = 0xcc1c;
0x000065f8 blx 0x2804 | log_assert_failed ();
| label_18:
0x000065fc blx 0x2be8 | stack_chk_fail ();
0x00006600 str r7, [sp, 0x1c8] | *(arg_1c8h) = r7;
0x00006602 movs r0, r0 |
0x00006604 lsls r0, r7, 0xb | r0 = r7 << 0xb;
0x00006606 movs r0, r0 |
0x00006608 str r7, [sp, 0x40] | var_40h = r7;
0x0000660a movs r0, r0 |
0x0000660c ldrh r2, [r6, r4] | r2 = *((r6 + r4));
0x0000660e movs r0, r0 |
0x00006610 strb r0, [r7, 0x1e] | *((r7 + 0x1e)) = r0;
0x00006612 movs r0, r0 |
0x00006614 strb r4, [r0, 0x17] | *((r0 + 0x17)) = r4;
0x00006616 movs r0, r0 |
0x00006618 ldrh r4, [r3, r4] | r4 = *((r3 + r4));
0x0000661a movs r0, r0 |
0x0000661c strb r2, [r4, 0x1e] | *((r4 + 0x1e)) = r2;
0x0000661e movs r0, r0 |
0x00006620 ldr r6, [r1, 8] | r6 = *((r1 + 8));
0x00006622 movs r0, r0 |
| }
[*] Function fprintf used 11 times busctl