[*] Binary protection state of sit.ko
No RELRO No Canary found NX disabled REL No RPATH No RUNPATH Symbols
[*] Function fprintf tear down of sit.ko
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/ipv6/sit.ko @ 0x80029fc */
| #include <stdint.h>
|
; (fcn) sym.ipip6_tunnel_ctl () | void ipip6_tunnel_ctl (int32_t arg1, int32_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x080029fc sub r2, r2, 0x8900 | r2 -= 0x8900;
0x08002a00 push {r4, r5, r6, r7, r8, lr} |
0x08002a04 sub r2, r2, 0xf0 | r2 -= 0xf0;
0x08002a08 mov r4, r0 | r4 = r0;
0x08002a0c mov r5, r1 | r5 = r1;
0x08002a10 cmp r2, 3 |
| if (r2 > 3) {
| /* switch table (4 cases) at 0x8002a1c */
0x08002a14 ldrls pc, [pc, r2, lsl 2] | offset_0 = r2 << 2;
| pc = *((pc + offset_0));
| }
0x08002a18 b 0x8002c50 |
0x08002c50 mvn r0, 0x15 | r0 = ~0x15;
0x08002c54 pop {r4, r5, r6, r7, r8, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/ipv6/sit.ko @ 0x800253c */
| #include <stdint.h>
|
; (fcn) sym.ipip6_tunnel_locate () | void ipip6_tunnel_locate (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_ch;
| int32_t var_1ch;
| r0 = arg1;
| r1 = arg2;
0x0800253c push {r4, r5, r6, r7, r8, sb, lr} |
0x08002540 stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp}");
0x08002544 stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp}");
0x08002548 mov r7, r0 | r7 = r0;
0x0800254c sub sp, sp, 0x1c |
0x08002550 mov sb, r2 | sb = r2;
0x08002554 mov r5, r1 | r5 = r1;
0x08002558 ldr r8, [r1, 0x30] | r8 = *((r1 + 0x30));
0x0800255c ldr r6, [r1, 0x2c] | r6 = *((r1 + 0x2c));
0x08002560 ldr r4, [r3] | r4 = *(r3);
0x08002564 stmdaeq r0, {r2, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r5, fp, ip, lr}");
0x08002568 ldr r3, [r7, 0x6d8] | r3 = *((r7 + 0x6d8));
0x0800256c ldr r4, [r3, r4, lsl 2] | offset_0 = r4 << 2;
| r4 = *((r3 + offset_0));
0x08002570 stmdaeq r0, {r3, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r5, fp, ip, lr}");
0x08002574 ldr r3, [r5, 0x30] | r3 = *((r5 + 0x30));
0x08002578 ldr r1, [r5, 0x2c] | r1 = *((r5 + 0x2c));
0x0800257c cmp r3, 0 |
| if (r3 == 0) {
0x08002580 eorne r3, r3, r3, lsr 4 | r3 ^= (r3 >> 4);
| }
| if (r3 != 0) {
0x08002584 moveq r2, r3 | r2 = r3;
| }
| if (r3 == 0) {
0x08002588 movne r2, 2 | r2 = 2;
| }
| if (r3 == 0) {
0x0800258c andne r3, r3, 0xf | r3 &= 0xf;
| }
0x08002590 cmp r1, 0 |
| if (r1 == 0) {
0x08002594 orrne r2, r2, 1 | r2 |= 1;
| }
| if (r1 == 0) {
0x08002598 eorne r1, r1, r1, lsr 4 | r1 ^= (r1 >> 4);
| }
| if (r1 == 0) {
0x0800259c andne r1, r1, 0xf | r1 &= 0xf;
| }
0x080025a0 add r4, r4, r2, lsl 2 | r4 += (r2 << 2);
| if (r1 == 0) {
0x080025a4 eorne r3, r3, r1 | r3 ^= r1;
| }
0x080025a8 ldr r2, [r4, 0xc4] | r2 = *((r4 + 0xc4));
0x080025ac ldr r4, [r2, r3, lsl 2] | offset_1 = r3 << 2;
| r4 = *((r2 + offset_1));
0x080025b0 cmp r4, 0 |
| if (r4 != 0) {
0x080025b4 bne 0x80025c8 | goto label_3;
| }
0x080025b8 b 0x8002600 | goto label_4;
| do {
| label_0:
0x080025bc ldr r4, [r4] | r4 = *(r4);
0x080025c0 cmp r4, 0 |
| if (r4 == 0) {
0x080025c4 beq 0x8002600 | goto label_4;
| }
| label_3:
0x080025c8 ldr r3, [r4, 0x64] | r3 = *((r4 + 0x64));
0x080025cc cmp r3, r6 |
0x080025d0 bne 0x80025bc |
| } while (r3 != r6);
0x080025d4 ldr r3, [r4, 0x68] | r3 = *((r4 + 0x68));
0x080025d8 cmp r3, r8 |
| if (r3 != r8) {
0x080025dc bne 0x80025bc | goto label_0;
| }
0x080025e0 ldr r3, [r4, 0x48] | r3 = *((r4 + 0x48));
0x080025e4 ldr r2, [r5, 0x10] | r2 = *((r5 + 0x10));
0x080025e8 cmp r2, r3 |
| if (r2 != r3) {
0x080025ec bne 0x80025bc | goto label_0;
| }
0x080025f0 cmp sb, 0 |
| if (sb == 0) {
0x080025f4 beq 0x800269c | goto label_5;
| }
| do {
| label_1:
0x080025f8 mov r4, 0 | r4 = 0;
0x080025fc b 0x800269c | goto label_5;
| label_4:
0x08002600 cmp sb, 0 |
0x08002604 beq 0x80025f8 |
| } while (sb == 0);
0x08002608 ldrb r3, [r5] | r3 = *(r5);
0x0800260c cmp r3, 0 |
| if (r3 != 0) {
0x08002610 bne 0x80026a8 | goto label_6;
| }
0x08002614 stmdaeq r0, {r6, r8, sb, sl, fp, sp} | __asm ("stmdaeq r0, {r6, r8, sb, sl, fp, sp}");
0x08002618 stmdaeq r0, {r6, r8, sb, sl, fp, sp} | __asm ("stmdaeq r0, {r6, r8, sb, sl, fp, sp}");
0x0800261c add r4, sp, 8 | r4 += var_8h;
0x08002620 ldm r3, {r0, r1} | r0 = *(r3);
| r1 = *((r3 + 4));
0x08002624 str r0, [sp, 8] | var_8h = r0;
0x08002628 strh r1, [sp, 0xc] | var_ch = r1;
| label_2:
0x0800262c mov r3, 1 | r3 = 1;
0x08002630 mov r1, r4 | r1 = r4;
0x08002634 str r3, [sp, 4] | var_4h = r3;
0x08002638 mov r2, 0 | r2 = 0;
0x0800263c str r3, [sp] | *(sp) = r3;
0x08002640 mov r0, 0x98 | r0 = 0x98;
0x08002644 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x08002648 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x0800264c stmdaeq r0, {r6, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r6, r7, fp, ip, lr}");
0x08002650 subs r6, r0, 0 | r6 = r0 - 0;
| if (r6 == r0) {
0x08002654 beq 0x80025f8 | goto label_1;
| }
0x08002658 mov ip, r5 |
0x0800265c str r7, [r6, 0x2b4] | *((r6 + 0x2b4)) = r7;
0x08002660 add lr, r6, 0x570 | lr = r6 + 0x570;
0x08002664 add r4, r6, 0x540 | r4 = r6 + 0x540;
0x08002668 add lr, lr, 8 | lr += 8;
0x0800266c ldm ip!, {r0, r1, r2, r3} | r0 = *(ip!);
| r1 = *((ip! + 4));
| r2 = *((ip! + 8));
| r3 = *((ip! + 12));
0x08002670 stm lr!, {r0, r1, r2, r3} | *(lr!) = r0;
| *((lr! + 4)) = r1;
| *((lr! + 8)) = r2;
| *((lr! + 12)) = r3;
0x08002674 ldm ip!, {r0, r1, r2, r3} | r0 = *(ip!);
| r1 = *((ip! + 4));
| r2 = *((ip! + 8));
| r3 = *((ip! + 12));
0x08002678 stm lr!, {r0, r1, r2, r3} | *(lr!) = r0;
| *((lr! + 4)) = r1;
| *((lr! + 8)) = r2;
| *((lr! + 12)) = r3;
0x0800267c ldm ip!, {r0, r1, r2, r3} | r0 = *(ip!);
| r1 = *((ip! + 4));
| r2 = *((ip! + 8));
| r3 = *((ip! + 12));
0x08002680 stm lr!, {r0, r1, r2, r3} | *(lr!) = r0;
| *((lr! + 4)) = r1;
| *((lr! + 8)) = r2;
| *((lr! + 12)) = r3;
0x08002684 mov r0, r6 | r0 = r6;
0x08002688 ldr r3, [ip] | r3 = *(ip);
0x0800268c str r3, [lr] | *(lr) = r3;
0x08002690 bl 0x8002480 | r0 = ipip6_tunnel_create ();
0x08002694 cmp r0, 0 |
| if (r0 < 0) {
0x08002698 blt 0x80026d0 | goto label_7;
| }
| label_5:
0x0800269c mov r0, r4 | r0 = r4;
0x080026a0 add sp, sp, 0x1c |
0x080026a4 pop {r4, r5, r6, r7, r8, sb, pc} |
| label_6:
0x080026a8 mov r0, r5 | r0 = r5;
0x080026ac stmdaeq r0, {r2, r5, r8, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r5, r8, fp, ip, lr}");
0x080026b0 cmp r0, 0 |
| if (r0 == 0) {
0x080026b4 beq 0x80025f8 | goto label_1;
| }
0x080026b8 add r4, sp, 8 | r4 += var_8h;
0x080026bc mov r1, r5 | r1 = r5;
0x080026c0 mov r0, r4 | r0 = r4;
0x080026c4 mov r2, 0x10 | r2 = 0x10;
0x080026c8 stmdaeq r0, {r3, r5, r8, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r5, r8, fp, ip, lr}");
0x080026cc b 0x800262c | goto label_2;
| label_7:
0x080026d0 mov r0, r6 | r0 = r6;
0x080026d4 stmdaeq r0, {r3, r6, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r6, r7, fp, ip, lr}");
0x080026d8 b 0x80025f8 | goto label_1;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/ipv6/sit.ko @ 0x8001650 */
| #include <stdint.h>
|
; (fcn) sym.sit_init_net () | void sit_init_net (int32_t arg1) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| r0 = arg1;
0x08001650 push {r4, r5, r6, r7, r8, lr} |
0x08001654 mov r5, r0 | r5 = r0;
0x08001658 stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp}");
0x0800165c stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r7, sb, ip, sp}");
0x08001660 sub sp, sp, 8 |
0x08001664 ldr r4, [r6] | r4 = *(r6);
0x08001668 stmdaeq r0, {r2, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r5, fp, ip, lr}");
0x0800166c ldr r3, [r5, 0x6d8] | r3 = *((r5 + 0x6d8));
0x08001670 ldr r4, [r3, r4, lsl 2] | offset_0 = r4 << 2;
| r4 = *((r3 + offset_0));
0x08001674 stmdaeq r0, {r3, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r5, fp, ip, lr}");
0x08001678 stmdaeq r0, {r3, r4, r5, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r4, r5, r7, fp, ip, lr}");
0x0800167c stmdaeq r0, {r3, r4, r5, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r4, r5, r7, fp, ip, lr}");
0x08001680 add r2, r4, 0xc0 | r2 = r4 + 0xc0;
0x08001684 str r4, [r4, 0xd0] | *((r4 + 0xd0)) = r4;
0x08001688 ldr r3, [r3] | r3 = *(r3);
0x0800168c str r2, [r4, 0xc4] | *((r4 + 0xc4)) = r2;
0x08001690 add r2, r4, 0x80 | r2 = r4 + 0x80;
0x08001694 cmp r3, 0 |
0x08001698 str r2, [r4, 0xc8] | *((r4 + 0xc8)) = r2;
0x0800169c add r2, r4, 0x40 | r2 = r4 + 0x40;
0x080016a0 str r2, [r4, 0xcc] | *((r4 + 0xcc)) = r2;
| if (r3 == 0) {
0x080016a4 beq 0x80016cc | goto label_1;
| }
0x080016a8 stmdaeq r0, {r2, r3, r4, r5, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r3, r4, r5, r7, fp, ip, lr}");
0x080016ac stmdaeq r0, {r2, r3, r4, r5, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r3, r4, r5, r7, fp, ip, lr}");
0x080016b0 cmp r5, r2 |
0x080016b4 cmpeq r3, 1 | __asm ("cmpeq r3, 1");
0x080016b8 beq 0x80016cc |
| while (1) {
0x080016bc mov r5, 0 | r5 = 0;
| label_0:
0x080016c0 mov r0, r5 | r0 = r5;
0x080016c4 add sp, sp, 8 |
0x080016c8 pop {r4, r5, r6, r7, r8, pc} |
| label_1:
0x080016cc mov r2, 1 | r2 = 1;
0x080016d0 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080016d4 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080016d8 str r2, [sp, 4] | var_4h = r2;
0x080016dc str r2, [sp] | *(sp) = r2;
0x080016e0 stmdaeq r0, {r2, r3, r4, r8, sb, sl, fp, sp} | __asm ("stmdaeq r0, {r2, r3, r4, r8, sb, sl, fp, sp}");
0x080016e4 stmdaeq r0, {r2, r3, r4, r8, sb, sl, fp, sp} | __asm ("stmdaeq r0, {r2, r3, r4, r8, sb, sl, fp, sp}");
0x080016e8 mov r2, 0 | r2 = 0;
0x080016ec mov r0, 0x98 | r0 = 0x98;
0x080016f0 stmdaeq r0, {r6, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r6, r7, fp, ip, lr}");
0x080016f4 cmp r0, 0 |
0x080016f8 str r0, [r4, 0xd4] | *((r4 + 0xd4)) = r0;
| if (r0 == 0) {
0x080016fc beq 0x80017a4 | goto label_2;
| }
0x08001700 str r5, [r0, 0x2b4] | *((r0 + 0x2b4)) = r5;
0x08001704 ldr r2, [pc, 0xa0] | r2 = *(0x80017a8);
0x08001708 ldr r3, [r4, 0xd4] | r3 = *((r4 + 0xd4));
0x0800170c str r2, [r3, 0x494] | *((r3 + 0x494)) = r2;
0x08001710 ldr r2, [r4, 0xd4] | r2 = *((r4 + 0xd4));
0x08001714 ldr r3, [r2, 0x70] | r3 = *(0x8001818);
0x08001718 orr r3, r3, 0x2000 | r3 |= 0x2000;
0x0800171c str r3, [r2, 0x70] | *((r2 + 0x70)) = r3;
0x08001720 ldr r0, [r4, 0xd4] | r0 = *((r4 + 0xd4));
0x08001724 stmdaeq r0, {r2, r6, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r6, r7, fp, ip, lr}");
0x08001728 subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 != r0) {
0x0800172c bne 0x800177c | goto label_3;
| }
0x08001730 ldr r5, [r4, 0xd4] | r5 = *((r4 + 0xd4));
0x08001734 ldr r6, [r6] | r6 = *(r6);
0x08001738 add r7, r5, 0x540 | r7 = r5 + 0x540;
0x0800173c add r5, r5, 0x5a0 | r5 += 0x5a0;
0x08001740 ldr r8, [r5, -0x2ec] | r8 = *((r5 - 0x2ec));
0x08001744 stmdaeq r0, {r2, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r5, fp, ip, lr}");
0x08001748 ldr r3, [r8, 0x6d8] | r3 = *((r8 + 0x6d8));
0x0800174c ldr r6, [r3, r6, lsl 2] | offset_1 = r6 << 2;
| r6 = *((r3 + offset_1));
0x08001750 stmdaeq r0, {r3, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r5, fp, ip, lr}");
0x08001754 mov r3, 0x45 | r3 = 0x45;
0x08001758 strb r3, [r5, -8] | *((r5 - 8)) = r3;
0x0800175c mov r3, 0x2940 | r3 = 0x2940;
0x08001760 strh r3, [r5] | *(r5) = r3;
0x08001764 str r7, [r6, 0xc0] | *((r6 + 0xc0)) = r7;
0x08001768 ldr r1, [r4, 0xd4] | r1 = *((r4 + 0xd4));
0x0800176c add r0, r1, 0x570 | r0 = r1 + 0x570;
0x08001770 add r0, r0, 8 | r0 += 8;
0x08001774 stmdaeq r0, {r2, r4, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r4, r7, fp, ip, lr}");
0x08001778 b 0x80016bc |
| }
| label_3:
0x0800177c ldr r6, [r4, 0xd4] | r6 = *((r4 + 0xd4));
0x08001780 add r0, r6, 0x570 | r0 = r6 + 0x570;
0x08001784 stmdaeq r0, {r2, r4, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r2, r4, r5, fp, ip, lr}");
0x08001788 ldr r0, [r6, 0x2c0] | r0 = *((r6 + 0x2c0));
0x0800178c stmdaeq r0, {r3, r4, r5, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r4, r5, fp, ip, lr}");
0x08001790 ldr r0, [r4, 0xd4] | r0 = *((r4 + 0xd4));
0x08001794 stmdaeq r0, {r3, r6, r7, fp, ip, lr} | __asm ("stmdaeq r0, {r3, r6, r7, fp, ip, lr}");
0x08001798 mov r0, r5 | r0 = r5;
0x0800179c add sp, sp, 8 |
0x080017a0 pop {r4, r5, r6, r7, r8, pc} |
| label_2:
0x080017a4 mvn r5, 0xb | r5 = ~0xb;
0x080017a8 b 0x80016c0 | goto label_0;
| }
[*] Function fprintf used 1 times sit.ko
