[*] Binary protection state of inet_diag.ko

  
  	No RELRO       No Canary found   NX disabled  REL          No RPATH     No RUNPATH   Symbols


[*] Function sprintf tear down of inet_diag.ko

    ; assembly                                                       | /* r2dec pseudo code output */
                                                                     | /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/ipv4/inet_diag.ko @ 0x8000cc8 */
                                                                     | #include <stdint.h>
                                                                     |  
    ; (fcn) sym.__inet_diag_dump_start ()                            | void inet_diag_dump_start (int32_t arg1, int32_t arg2) {
                                                                     |     r0 = arg1;
                                                                     |     r1 = arg2;
    0x08000cc8 push {r3, r4, r5, r6, r7, r8, sb, sl, fp, lr}         |     
    0x08000ccc stmdaeq r0, {r0, r2, r5, r7, sb, sl, lr}              |     __asm ("stmdaeq r0, {r0, r2, r5, r7, sb, sl, lr}");
    0x08000cd0 stmdaeq r0, {r0, r2, r5, r7, sb, sl, lr}              |     __asm ("stmdaeq r0, {r0, r2, r5, r7, sb, sl, lr}");
    0x08000cd4 mov r5, r0                                            |     r5 = r0;
    0x08000cd8 mov r6, r1                                            |     r6 = r1;
    0x08000cdc mov r1, 0xdc0                                         |     r1 = 0xdc0;
    0x08000ce0 ldr r0, [r3, 0x18]                                    |     r0 = *((r3 + 0x18));
    0x08000ce4 ldr r7, [r5, 4]                                       |     r7 = *((r5 + 4));
    0x08000ce8 ldr r8, [r5]                                          |     r8 = *(r5);
    0x08000cec stmdaeq r0, {r0, r3, r5, r7, sb, sl, lr}              |     __asm ("stmdaeq r0, {r0, r3, r5, r7, sb, sl, lr}");
    0x08000cf0 subs r4, r0, 0                                        |     r4 = r0 - 0;
                                                                     |     if (r4 == r0) {
    0x08000cf4 beq 0x8000f28                                         |         goto label_1;
                                                                     |     }
    0x08000cf8 mov r1, r6                                            |     r1 = r6;
    0x08000cfc mov r0, r7                                            |     r0 = r7;
    0x08000d00 mov r2, r4                                            |     r2 = r4;
    0x08000d04 bl 0x8000070                                          |     r0 = inet_diag_parse_attrs ();
    0x08000d08 subs r6, r0, 0                                        |     r6 = r0 - 0;
                                                                     |     if (r6 != r0) {
    0x08000d0c bne 0x8000e68                                         |         goto label_2;
                                                                     |     }
    0x08000d10 ldr r7, [r4, 4]                                       |     r7 = *((r4 + 4));
    0x08000d14 cmp r7, 0                                             |     
                                                                     |     if (r7 != 0) {
    0x08000d18 beq 0x8000dfc                                         |         
    0x08000d1c mov r0, r8                                            |         r0 = r8;
    0x08000d20 mov r1, 0xc                                           |         r1 = 0xc;
    0x08000d24 stmdaeq r0, {r0, r2, r3, r5, r7, sb, sl, lr}          |         __asm ("stmdaeq r0, {r0, r2, r3, r5, r7, sb, sl, lr}");
    0x08000d28 ldrh r8, [r7]                                         |         r8 = *(r7);
    0x08000d2c sub r8, r8, 4                                         |         r8 -= 4;
    0x08000d30 cmp r8, 3                                             |         
                                                                     |         if (r8 < 3) {
    0x08000d34 bls 0x8000e64                                         |             goto label_3;
                                                                     |         }
    0x08000d38 add r7, r7, 4                                         |         r7 += 4;
    0x08000d3c cmp r8, 0                                             |         
                                                                     |         if (r8 <= 0) {
    0x08000d40 ble 0x8000e64                                         |             goto label_3;
                                                                     |         }
    0x08000d44 mov r2, r8                                            |         r2 = r8;
    0x08000d48 mov ip, r7                                            |         
    0x08000d4c ldrb r3, [ip]                                         |         r3 = *(ip);
    0x08000d50 cmp r3, 0xd                                           |         
                                                                     |         if (r3 > 0xd) {
                                                                     |             /* switch table (14 cases) at 0x8000d5c */
    0x08000d54 ldrls pc, [pc, r3, lsl 2]                             |             offset_0 = r3 << 2;
                                                                     |             pc = *((pc + offset_0));
                                                                     |         }
    0x08000d58 b 0x8000e64                                           |         goto label_3;
                                                                     |     }
    0x08000dfc ldr r0, [r4, 8]                                       |     r0 = *((r4 + 8));
    0x08000e00 cmp r0, 0                                             |     
                                                                     |     if (r0 != 0) {
    0x08000e04 beq 0x8000e1c                                         |         
    0x08000e08 stmdaeq r0, {r0, r4, r5, r7, sb, sl, lr}              |         __asm ("stmdaeq r0, {r0, r4, r5, r7, sb, sl, lr}");
    0x08000e0c cmn r0, 0x1000                                        |         
    0x08000e10 mov r3, r0                                            |         r3 = r0;
                                                                     |         if (r0 > 0x1000) {
    0x08000e14 strls r0, [r4, 0x10]                                  |             *((r4 + 0x10)) = r0;
                                                                     |         }
                                                                     |         if (r0 > 0x1000) {
    0x08000e18 bhi 0x8000eec                                         |             goto label_4;
                                                                     |         }
                                                                     |     }
    0x08000e1c str r4, [r5, 0x10]                                    |     *((r5 + 0x10)) = r4;
                                                                     |     do {
                                                                     | label_0:
    0x08000e20 mov r0, r6                                            |         r0 = r6;
    0x08000e24 pop {r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}          |         
                                                                     | label_3:
    0x08000e64 mvn r6, 0x15                                          |         r6 = ~0x15;
                                                                     | label_2:
    0x08000e68 mov r0, r4                                            |         r0 = r4;
    0x08000e6c stmdaeq r0, {r0, r4, r7, sb, sl, lr}                  |         __asm ("stmdaeq r0, {r0, r4, r7, sb, sl, lr}");
    0x08000e70 mov r0, r6                                            |         r0 = r6;
    0x08000e74 pop {r3, r4, r5, r6, r7, r8, sb, sl, fp, pc}          |         
                                                                     | label_4:
    0x08000eec mov r0, r4                                            |         r0 = r4;
    0x08000ef0 mov r6, r3                                            |         r6 = r3;
    0x08000ef4 stmdaeq r0, {r0, r4, r7, sb, sl, lr}                  |         __asm ("stmdaeq r0, {r0, r4, r7, sb, sl, lr}");
    0x08000ef8 b 0x8000e20                                           |         
                                                                     |     } while (1);
                                                                     | label_1:
    0x08000f28 mvn r6, 0xb                                           |     r6 = ~0xb;
    0x08000f2c b 0x8000e20                                           |     goto label_0;
                                                                     | }
    ; assembly                                                       | /* r2dec pseudo code output */
                                                                     | /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/ipv4/inet_diag.ko @ 0x8000a04 */
                                                                     | #include <stdint.h>
                                                                     |  
    ; (fcn) sym.inet_diag_cmd_exact ()                               | void inet_diag_cmd_exact (int32_t arg_90h, int32_t arg1, int32_t arg2) {
                                                                     |     int32_t var_4h;
                                                                     |     int32_t var_8h;
                                                                     |     int32_t var_ch;
                                                                     |     int32_t var_10h;
                                                                     |     int32_t var_14h;
                                                                     |     int32_t var_18h;
                                                                     |     int32_t var_1ch;
                                                                     |     int32_t var_20h;
                                                                     |     int32_t var_28h;
                                                                     |     int32_t var_7ch;
                                                                     |     r0 = arg1;
                                                                     |     r1 = arg2;
    0x08000a04 push {r4, r5, r6, r7, lr}                             |     
    0x08000a08 mov r5, r2                                            |     r5 = r2;
    0x08000a0c mov r7, r1                                            |     r7 = r1;
    0x08000a10 sub sp, sp, 0x7c                                      |     
    0x08000a14 mov r1, r3                                            |     r1 = r3;
    0x08000a18 mov r6, r0                                            |     r6 = r0;
    0x08000a1c add r2, sp, 4                                         |     r2 += var_4h;
    0x08000a20 mov r0, r5                                            |     r0 = r5;
    0x08000a24 mov r3, 0                                             |     r3 = 0;
    0x08000a28 str r3, [sp, 4]                                       |     var_4h = r3;
    0x08000a2c str r3, [sp, 8]                                       |     var_8h = r3;
    0x08000a30 str r3, [sp, 0xc]                                     |     var_ch = r3;
    0x08000a34 str r3, [sp, 0x10]                                    |     var_10h = r3;
    0x08000a38 str r3, [sp, 0x14]                                    |     var_14h = r3;
    0x08000a3c bl 0x8000070                                          |     r0 = inet_diag_parse_attrs ();
    0x08000a40 subs r4, r0, 0                                        |     r4 = r0 - 0;
                                                                     |     if (r4 != r0) {
    0x08000a44 bne 0x8000a8c                                         |         goto label_2;
                                                                     |     }
    0x08000a48 ldr r3, [sp, 0x10]                                    |     r3 = var_10h;
    0x08000a4c cmp r3, 0                                             |     
                                                                     |     if (r3 != 0) {
    0x08000a50 ldreq r3, [sp, 0x90]                                  |         r3 = *(arg_90h);
                                                                     |     }
                                                                     |     if (r3 == 0) {
    0x08000a54 ldrne r0, [r3, 4]                                     |         r0 = *((r3 + 4));
                                                                     |     }
                                                                     |     if (r3 != 0) {
    0x08000a58 ldrbeq r0, [r3, 1]                                    |         r0 = *((r3 + 1));
                                                                     |     }
    0x08000a5c bl 0x8000854                                          |     r0 = inet_diag_lock_handler ();
    0x08000a60 mov r4, r0                                            |     r4 = r0;
    0x08000a64 cmn r0, 0x1000                                        |     
                                                                     |     if (r0 <= 0x1000) {
    0x08000a68 bhi 0x8000a80                                         |         
    0x08000a6c cmp r6, 0x14                                          |         
                                                                     |         if (r6 == 0x14) {
    0x08000a70 beq 0x8000a98                                         |             goto label_3;
                                                                     |         }
    0x08000a74 cmp r6, 0x15                                          |         
                                                                     |         if (r6 == 0x15) {
    0x08000a78 beq 0x8000adc                                         |             goto label_4;
                                                                     |         }
                                                                     | label_0:
    0x08000a7c mvn r4, 0x5e                                          |         r4 = ~0x5e;
                                                                     |     }
                                                                     | label_1:
    0x08000a80 stmdaeq r0, {r4, r5, r6, r8, sl, sp}                  |     __asm ("stmdaeq r0, {r4, r5, r6, r8, sl, sp}");
    0x08000a84 stmdaeq r0, {r4, r5, r6, r8, sl, sp}                  |     __asm ("stmdaeq r0, {r4, r5, r6, r8, sl, sp}");
    0x08000a88 stmdaeq r0, {r0, r3, r7, sb, sl, lr}                  |     __asm ("stmdaeq r0, {r0, r3, r7, sb, sl, lr}");
                                                                     |     do {
                                                                     | label_2:
    0x08000a8c mov r0, r4                                            |         r0 = r4;
    0x08000a90 add sp, sp, 0x7c                                      |         
    0x08000a94 pop {r4, r5, r6, r7, pc}                              |         
                                                                     | label_3:
    0x08000a98 mov r2, 0x58                                          |         r2 = 0x58;
    0x08000a9c mov r1, 0                                             |         r1 = 0;
    0x08000aa0 add r0, sp, 0x20                                      |         r0 += var_20h;
    0x08000aa4 stmdaeq r0, {r0, r2, r3, r4, r7, sb, sl, lr}          |         __asm ("stmdaeq r0, {r0, r2, r3, r4, r7, sb, sl, lr}");
    0x08000aa8 add r3, sp, 4                                         |         r3 += var_4h;
    0x08000aac str r5, [sp, 0x1c]                                    |         var_1ch = r5;
    0x08000ab0 add r0, sp, 0x18                                      |         r0 += var_18h;
    0x08000ab4 str r3, [sp, 0x28]                                    |         var_28h = r3;
    0x08000ab8 ldr r1, [sp, 0x90]                                    |         r1 = *(arg_90h);
    0x08000abc ldr r3, [r4, 4]                                       |         r3 = *((r4 + 4));
    0x08000ac0 str r7, [sp, 0x18]                                    |         var_18h = r7;
    0x08000ac4 blx r3                                                |         r0 = uint32_t (*r3)(uint32_t, uint32_t, uint32_t, uint32_t) (r0, r1, r2, r3);
    0x08000ac8 mov r4, r0                                            |         r4 = r0;
    0x08000acc stmdaeq r0, {r4, r5, r6, r8, sl, sp}                  |         __asm ("stmdaeq r0, {r4, r5, r6, r8, sl, sp}");
    0x08000ad0 stmdaeq r0, {r4, r5, r6, r8, sl, sp}                  |         __asm ("stmdaeq r0, {r4, r5, r6, r8, sl, sp}");
    0x08000ad4 stmdaeq r0, {r0, r3, r7, sb, sl, lr}                  |         __asm ("stmdaeq r0, {r0, r3, r7, sb, sl, lr}");
    0x08000ad8 b 0x8000a8c                                           |         
                                                                     |     } while (1);
                                                                     | label_4:
    0x08000adc ldr r3, [r0, 0x14]                                    |     r3 = *((r0 + 0x14));
    0x08000ae0 cmp r3, 0                                             |     
                                                                     |     if (r3 == 0) {
    0x08000ae4 beq 0x8000a7c                                         |         goto label_0;
                                                                     |     }
    0x08000ae8 ldr r1, [sp, 0x90]                                    |     r1 = *(arg_90h);
    0x08000aec mov r0, r7                                            |     r0 = r7;
    0x08000af0 blx r3                                                |     r0 = uint32_t (*r3)(uint32_t, uint32_t) (r0, r1);
    0x08000af4 mov r4, r0                                            |     r4 = r0;
    0x08000af8 b 0x8000a80                                           |     goto label_1;
                                                                     | }

[*] Function sprintf used 1 times inet_diag.ko