[*] Binary protection state of libnetsnmptrapd.so.40.2.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcat tear down of libnetsnmptrapd.so.40.2.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/libnetsnmptrapd.so.40.2.0 @ 0x2be8 */
| #include <stdint.h>
|
; (fcn) fcn.00002be8 () | void fcn_00002be8 (int16_t arg_28h, int16_t arg1, int16_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| int16_t var_34h;
| int16_t var_8h;
| int16_t var_ch;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x00002be8 mvnsmi lr, sp, lsr 18 | __asm ("mvnsmi lr, sp, lsr 18");
0x00002bec mov r7, r2 | r7 = r2;
0x00002bee ldr r2, [pc, 0x284] |
0x00002bf0 mov r6, r3 | r6 = r3;
0x00002bf2 sub sp, 0x10 |
0x00002bf4 mov r4, r0 | r4 = r0;
0x00002bf6 ldr r3, [pc, 0x280] | r3 = *(0x2e7a);
0x00002bf8 mov r5, r1 | r5 = r1;
0x00002bfa add r2, pc | r2 = 0x5a74;
0x00002bfc ldrb.w lr, [sp, 0x28] |
0x00002c00 ldr r3, [r2, r3] |
0x00002c02 sub.w ip, lr, 0x22 |
0x00002c06 ldr r3, [r3] | r3 = *(0x5a74);
0x00002c08 str r3, [sp, 0xc] | var_ch = r3;
0x00002c0a mov.w r3, 0 | r3 = 0;
0x00002c0e cmp.w ip, 0x54 |
| if (ip <= 0x54) {
0x00002c12 bhi 0x2cc2 |
| /* switch table (86 cases) at 0x2c18 */
0x00002c14 tbh [pc, ip, lsl 1] | __asm ("tbh [pc, ip, lsl 1]");
| }
0x00002cc2 ldr r3, [pc, 0x1b8] |
0x00002cc4 add.w r8, sp, 8 | r8 += var_8h;
0x00002cc8 movs r2, 3 | r2 = 3;
0x00002cca movs r1, 1 | r1 = 1;
0x00002ccc str.w lr, [sp] | __asm ("str.w lr, [sp]");
0x00002cd0 mov r0, r8 | r0 = r8;
0x00002cd2 add r3, pc | r3 = 0x5b54;
0x00002cd4 blx 0x1730 | fcn_00001730 ();
0x00002cd8 mov r3, r6 | r3 = r6;
0x00002cda mov r2, r7 | r2 = r7;
0x00002cdc mov r1, r5 | r1 = r5;
0x00002cde mov r0, r4 | r0 = r4;
0x00002ce0 str.w r8, [sp] | __asm ("str.w r8, [sp]");
0x00002ce4 blx 0x15a0 | fcn_000015a0 ();
0x00002ce8 ldr r2, [pc, 0x194] |
0x00002cea ldr r3, [pc, 0x18c] | r3 = *(0x2e7a);
0x00002cec add r2, pc | r2 = 0x5b70;
0x00002cee ldr r3, [r2, r3] | r3 = *(0x5b70);
0x00002cf0 ldr r2, [r3] | r2 = *(0x5b70);
0x00002cf2 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002cf4 eors r2, r3 | r2 ^= r3;
0x00002cf6 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002cfa bne.w 0x2e6e | goto label_1;
| }
0x00002cfe add sp, 0x10 |
0x00002d00 pop.w {r4, r5, r6, r7, r8, pc} |
0x00002d04 ldr r2, [pc, 0x17c] |
0x00002d06 ldr r3, [pc, 0x170] | r3 = *(0x2e7a);
0x00002d08 add r2, pc | r2 = 0x5b90;
0x00002d0a ldr r3, [r2, r3] | r3 = *(0x5b90);
0x00002d0c ldr r2, [r3] | r2 = *(0x5b90);
0x00002d0e ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002d10 eors r2, r3 | r2 ^= r3;
0x00002d12 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002d16 bne.w 0x2e6e | goto label_1;
| }
0x00002d1a ldr.w ip, [pc, 0x16c] |
0x00002d1e add ip, pc | ip = 0x5bac;
| do {
| label_0:
0x00002d20 mov r3, r6 | r3 = r6;
0x00002d22 mov r2, r7 | r2 = r7;
0x00002d24 mov r1, r5 | r1 = r5;
0x00002d26 mov r0, r4 | r0 = r4;
0x00002d28 str.w ip, [sp, 0x28] | __asm ("str.w ip, [arg_28h]");
0x00002d2c add sp, 0x10 |
0x00002d2e pop.w {r4, r5, r6, r7, r8, lr} |
0x00002d32 b.w 0x159c | void (*0x159c)() ();
0x00002d36 ldr r2, [pc, 0x154] |
0x00002d38 ldr r3, [pc, 0x13c] | r3 = *(0x2e78);
0x00002d3a add r2, pc | r2 = 0x5bcc;
0x00002d3c ldr r3, [r2, r3] | r3 = *(0x5bcc);
0x00002d3e ldr r2, [r3] | r2 = *(0x5bcc);
0x00002d40 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002d42 eors r2, r3 | r2 ^= r3;
0x00002d44 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002d48 bne.w 0x2e6e | goto label_1;
| }
0x00002d4c ldr.w ip, [pc, 0x140] |
0x00002d50 add ip, pc | ip = 0x5be4;
0x00002d52 b 0x2d20 |
| } while (1);
0x00002d54 ldr r2, [pc, 0x13c] |
0x00002d56 ldr r3, [pc, 0x120] | r3 = *(0x2e7a);
0x00002d58 add r2, pc | r2 = 0x5bf0;
0x00002d5a ldr r3, [r2, r3] | r3 = *(0x5bf0);
0x00002d5c ldr r2, [r3] | r2 = *(0x5bf0);
0x00002d5e ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002d60 eors r2, r3 | r2 ^= r3;
0x00002d62 mov.w r3, 0 | r3 = 0;
| if (r2 == r3) {
0x00002d66 bne.w 0x2e6e |
0x00002d6a ldr.w ip, [pc, 0x12c] |
0x00002d6e add ip, pc | ip = 0x5c0c;
0x00002d70 b 0x2d20 | goto label_0;
0x00002d72 ldr r2, [pc, 0x128] |
0x00002d74 ldr r3, [pc, 0x100] | r3 = *(0x2e78);
0x00002d76 add r2, pc | r2 = 0x5c18;
0x00002d78 ldr r3, [r2, r3] | r3 = *(0x5c18);
0x00002d7a ldr r2, [r3] | r2 = *(0x5c18);
0x00002d7c ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002d7e eors r2, r3 | r2 ^= r3;
0x00002d80 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002d84 bne 0x2e6e | goto label_1;
| }
0x00002d86 ldr.w ip, [pc, 0x118] |
0x00002d8a add ip, pc | ip = 0x5c30;
0x00002d8c b 0x2d20 | goto label_0;
0x00002d8e ldr r2, [pc, 0x114] |
0x00002d90 ldr r3, [pc, 0xe4] | r3 = *(0x2e78);
0x00002d92 add r2, pc | r2 = 0x5c3c;
0x00002d94 ldr r3, [r2, r3] | r3 = *(0x5c3c);
0x00002d96 ldr r2, [r3] | r2 = *(0x5c3c);
0x00002d98 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002d9a eors r2, r3 | r2 ^= r3;
0x00002d9c mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002da0 bne 0x2e6e | goto label_1;
| }
0x00002da2 ldr.w ip, [pc, 0x104] |
0x00002da6 add ip, pc | ip = 0x5c54;
0x00002da8 b 0x2d20 | goto label_0;
0x00002daa ldr r2, [pc, 0x100] |
0x00002dac ldr r3, [pc, 0xc8] | r3 = *(0x2e78);
0x00002dae add r2, pc | r2 = 0x5c60;
0x00002db0 ldr r3, [r2, r3] | r3 = *(0x5c60);
0x00002db2 ldr r2, [r3] | r2 = *(0x5c60);
0x00002db4 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002db6 eors r2, r3 | r2 ^= r3;
0x00002db8 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002dbc bne 0x2e6e | goto label_1;
| }
0x00002dbe ldr.w ip, [pc, 0xf0] |
0x00002dc2 add ip, pc | ip = 0x5c78;
0x00002dc4 b 0x2d20 | goto label_0;
0x00002dc6 ldr r2, [pc, 0xec] |
0x00002dc8 ldr r3, [pc, 0xac] | r3 = *(0x2e78);
0x00002dca add r2, pc | r2 = 0x5c84;
0x00002dcc ldr r3, [r2, r3] | r3 = *(0x5c84);
0x00002dce ldr r2, [r3] | r2 = *(0x5c84);
0x00002dd0 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002dd2 eors r2, r3 | r2 ^= r3;
0x00002dd4 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002dd8 bne 0x2e6e | goto label_1;
| }
0x00002dda ldr.w ip, [pc, 0xdc] |
0x00002dde add ip, pc | ip = 0x5c9c;
0x00002de0 b 0x2d20 | goto label_0;
0x00002de2 ldr r2, [pc, 0xd8] |
0x00002de4 ldr r3, [pc, 0x90] | r3 = *(0x2e78);
0x00002de6 add r2, pc | r2 = 0x5ca8;
0x00002de8 ldr r3, [r2, r3] | r3 = *(0x5ca8);
0x00002dea ldr r2, [r3] | r2 = *(0x5ca8);
0x00002dec ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002dee eors r2, r3 | r2 ^= r3;
0x00002df0 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002df4 bne 0x2e6e | goto label_1;
| }
0x00002df6 ldr.w ip, [pc, 0xc8] |
0x00002dfa add ip, pc | ip = 0x5cc0;
0x00002dfc b 0x2d20 | goto label_0;
0x00002dfe ldr r2, [pc, 0xc4] |
0x00002e00 ldr r3, [pc, 0x74] | r3 = *(0x2e78);
0x00002e02 add r2, pc | r2 = 0x5ccc;
0x00002e04 ldr r3, [r2, r3] | r3 = *(0x5ccc);
0x00002e06 ldr r2, [r3] | r2 = *(0x5ccc);
0x00002e08 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002e0a eors r2, r3 | r2 ^= r3;
0x00002e0c mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002e10 bne 0x2e6e | goto label_1;
| }
0x00002e12 ldr.w ip, [pc, 0xb4] |
0x00002e16 add ip, pc | ip = 0x5ce4;
0x00002e18 b 0x2d20 | goto label_0;
0x00002e1a ldr r2, [pc, 0xb0] |
0x00002e1c ldr r3, [pc, 0x58] | r3 = *(0x2e78);
0x00002e1e add r2, pc | r2 = 0x5cf0;
0x00002e20 ldr r3, [r2, r3] | r3 = *(0x5cf0);
0x00002e22 ldr r2, [r3] | r2 = *(0x5cf0);
0x00002e24 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002e26 eors r2, r3 | r2 ^= r3;
0x00002e28 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002e2c bne 0x2e6e | goto label_1;
| }
0x00002e2e ldr.w ip, [pc, 0xa0] |
0x00002e32 add ip, pc | ip = 0x5d08;
0x00002e34 b 0x2d20 | goto label_0;
0x00002e36 ldr r2, [pc, 0x9c] |
0x00002e38 ldr r3, [pc, 0x3c] | r3 = *(0x2e78);
0x00002e3a add r2, pc | r2 = 0x5d14;
0x00002e3c ldr r3, [r2, r3] | r3 = *(0x5d14);
0x00002e3e ldr r2, [r3] | r2 = *(0x5d14);
0x00002e40 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002e42 eors r2, r3 | r2 ^= r3;
0x00002e44 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002e48 bne 0x2e6e | goto label_1;
| }
0x00002e4a ldr.w ip, [pc, 0x8c] |
0x00002e4e add ip, pc | ip = 0x5d2c;
0x00002e50 b 0x2d20 | goto label_0;
0x00002e52 ldr r2, [pc, 0x88] |
0x00002e54 ldr r3, [pc, 0x20] | r3 = *(0x2e78);
0x00002e56 add r2, pc | r2 = 0x5d38;
0x00002e58 ldr r3, [r2, r3] | r3 = *(0x5d38);
0x00002e5a ldr r2, [r3] | r2 = *(0x5d38);
0x00002e5c ldr r3, [sp, 0xc] | r3 = var_ch;
0x00002e5e eors r2, r3 | r2 ^= r3;
0x00002e60 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00002e64 bne 0x2e6e | goto label_1;
| }
0x00002e66 ldr.w ip, [pc, 0x78] |
0x00002e6a add ip, pc | ip = 0x5d50;
0x00002e6c b 0x2d20 | goto label_0;
| }
| label_1:
0x00002e6e blx 0x16b8 | fcn_000016b8 ();
0x00002e72 nop |
0x00002e74 adds r2, 0x8a | r2 += 0x8a;
0x00002e76 movs r0, r0 |
0x00002e78 lsls r4, r6, 4 | r4 = r6 << 4;
0x00002e7a movs r0, r0 |
0x00002e7c subs r6, r2, 6 | r6 = r2 - 6;
0x00002e7e movs r0, r0 |
0x00002e80 adds r1, 0x98 | r1 += 0x98;
0x00002e82 movs r0, r0 |
0x00002e84 adds r1, 0x7c | r1 += 0x7c;
0x00002e86 movs r0, r0 |
0x00002e88 subs r6, r0, 5 | r6 = r0 - 5;
0x00002e8a movs r0, r0 |
0x00002e8c adds r1, 0x4a | r1 += 0x4a;
0x00002e8e movs r0, r0 |
0x00002e90 subs r4, r1, 4 | r4 = r1 - 4;
0x00002e92 movs r0, r0 |
0x00002e94 adds r1, 0x2c | r1 += 0x2c;
0x00002e96 movs r0, r0 |
0x00002e98 subs r2, r6, 3 | r2 = r6 - 3;
0x00002e9a movs r0, r0 |
0x00002e9c adds r1, 0xe | r1 += 0xe;
0x00002e9e movs r0, r0 |
0x00002ea0 subs r6, r1, 3 | r6 = r1 - 3;
0x00002ea2 movs r0, r0 |
0x00002ea4 adds r0, 0xf2 | r0 += 0xf2;
0x00002ea6 movs r0, r0 |
0x00002ea8 subs r6, r5, 2 | r6 = r5 - 2;
0x00002eaa movs r0, r0 |
0x00002eac adds r0, 0xd6 | r0 += 0xd6;
0x00002eae movs r0, r0 |
0x00002eb0 subs r2, r7, 1 | r2 = r7 - 1;
0x00002eb2 movs r0, r0 |
0x00002eb4 adds r0, 0xba | r0 += 0xba;
0x00002eb6 movs r0, r0 |
0x00002eb8 subs r2, r4, 1 | r2 = r4 - 1;
0x00002eba movs r0, r0 |
0x00002ebc adds r0, 0x9e | r0 += 0x9e;
0x00002ebe movs r0, r0 |
0x00002ec0 subs r2, r1, 1 | r2 = r1 - 1;
0x00002ec2 movs r0, r0 |
0x00002ec4 adds r0, 0x82 | r0 += 0x82;
0x00002ec6 movs r0, r0 |
0x00002ec8 subs r6, r6, 5 | r6 -= 5;
0x00002eca movs r0, r0 |
0x00002ecc adds r0, 0x66 | r0 += 0x66;
0x00002ece movs r0, r0 |
0x00002ed0 subs r6, r2, 0 | r6 = r2 - 0;
0x00002ed2 movs r0, r0 |
0x00002ed4 adds r0, 0x4a | r0 += 0x4a;
0x00002ed6 movs r0, r0 |
0x00002ed8 adds r6, r7, 7 | r6 = r7 + 7;
0x00002eda movs r0, r0 |
0x00002edc adds r0, 0x2e | r0 += 0x2e;
0x00002ede movs r0, r0 |
0x00002ee0 adds r6, r4, 7 | r6 = r4 + 7;
0x00002ee2 movs r0, r0 |
| }
[*] Function strcat used 1 times libnetsnmptrapd.so.40.2.0
