[*] Binary protection state of psnap.ko
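No RELRO | No Canary found | NX disabled | REL | No RPATH | No RUNPATH | Symbols
Note: psnap.ko is a relocatable kernel object (REL). RELRO and NX are normally derived from program headers, which a relocatable object typically does not carry, so those two fields should not be read as the kernel's own memory-protection settings.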
[*] Function strcpy tear down of psnap.ko
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/modules/5.10.52-axis9/kernel/net/802/psnap.ko @ 0x800020c */
| #include <stdint.h>
|
| #define BIT_MASK(t,v) ((t)(-((v)!= 0)))&(((t)-1)>>((sizeof(t)*CHAR_BIT)-(v)))
|
; register_snap_client(arg1, arg2): two-column radare2 listing, with ARM
; disassembly on the left of the '|' and r2dec pseudo-code on the right.
; Read the left column as authoritative: the pseudo-code loop nesting and
; some of its conditions are reconstructed and do not always match the
; mnemonics (see the notes at 0x08000218 and 0x08000278).
;
; Register roles visible below: r6 = arg1, r7 = arg2, r4 = current entry,
; later the new object and the return value, r5 = list anchor.
;
; NOTE(review): the `stmdaeq r0, {...}` lines are most likely not real
; stores. r5 is read at 0x0800023c although no decoded instruction writes
; it, and r0 is tested at 0x08000270 as if a call had just returned. These
; words are presumably unresolved relocation slots (an address load where
; two appear back to back, a call where one appears alone). Resolve them
; against the module's relocation table before attributing any callee,
; strcpy included, to this function.
;
; Triage: the only decoded copy is fixed-size (one word plus one byte read
; from arg1), and the only length handed to an unresolved call is the
; constant 5. No string-copy loop is decoded in this function.
; (fcn) sym.register_snap_client () | void register_snap_client (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| r0 = arg1;
| r1 = arg2;
0x0800020c push {r4, r5, r6, r7, r8, lr} |
0x08000210 mov r6, r0 | r6 = r0;
0x08000214 mov r7, r1 | r7 = r1;
; r2 = sp with bits 0x1fc0 and 0x3f cleared (bic clears bits; BIT_MASK is
; only r2dec's rendering). The word at r2+4 is then increased by 0x201.
; Presumably a per-thread counter kept at the stack base -- TODO confirm.
0x08000218 mov r3, sp | r3 = sp;
0x0800021c bic r2, r3, 0x1fc0 | r2 = BIT_MASK (r3, 0x1fc0);
0x08000220 bic r2, r2, 0x3f | r2 = BIT_MASK (r2, 0x3f);
0x08000224 ldr r3, [r2, 4] | r3 = *((r2 + 4));
0x08000228 add r3, r3, 0x200 | r3 += 0x200;
0x0800022c add r3, r3, 1 | r3++;
0x08000230 str r3, [r2, 4] | *((r2 + 4)) = r3;
; Paired unresolved words. r5 serves as the list anchor from here on, so
; these presumably load its address -- confirm via the relocation table.
0x08000234 stmdaeq r0, {r2, r3, r7, sl} | __asm ("stmdaeq r0, {r2, r3, r7, sl}");
0x08000238 stmdaeq r0, {r2, r3, r7, sl} | __asm ("stmdaeq r0, {r2, r3, r7, sl}");
; Empty-list check: if the word at r5 equals r5 itself, skip the search.
; Otherwise r4 = link pointer - 0x18, i.e. the link sits at entry+0x18.
0x0800023c ldr r3, [r5] | r3 = *(r5);
0x08000240 cmp r5, r3 |
| if (r5 == r3) {
0x08000244 beq 0x8000298 | goto label_1;
| }
0x08000248 sub r4, r3, 0x18 | r4 = r3 - 0x18;
0x0800024c b 0x8000260 |
| while (r0 != 0) {
; Advance: follow the link stored at entry+0x18; leave the walk for
; label_1 once the link equals the anchor again.
0x08000250 ldr r3, [r4, 0x18] | r3 = *((r4 + 0x18));
0x08000254 sub r4, r3, 0x18 | r4 = r3 - 0x18;
0x08000258 cmp r5, r3 |
| if (r5 == r3) {
0x0800025c beq 0x8000298 | goto label_1;
| }
; Unresolved call with r0 = entry, r1 = arg1, r2 = 5; a nonzero result
; continues the walk. Presumably a fixed 5-byte compare -- verify callee.
0x08000260 mov r1, r6 | r1 = r6;
0x08000264 mov r0, r4 | r0 = r4;
0x08000268 mov r2, 5 | r2 = 5;
0x0800026c stmdaeq r0, {r2, r4, r5, r6, r7, r8, ip} | __asm ("stmdaeq r0, {r2, r4, r5, r6, r7, r8, ip}");
0x08000270 cmp r0, 0 |
0x08000274 bne 0x8000250 |
| }
; Reached with r0 == 0. movne overwrites r4 with r0 only when r4 is
; nonzero, so the fall-through to label_0 returns 0. The pseudo-code
; prints the opposite condition (r4 == 0).
0x08000278 cmp r4, 0 |
| if (r4 == 0) {
0x0800027c movne r4, r0 | r4 = r0;
| }
0x08000280 beq 0x8000298 |
| while (r4 == r0) {
| label_0:
; Common exit: unresolved call with r0 = a pc-relative literal and
; r1 = 0x201 (the same amount added to the counter on entry), then return
; r4. NOTE(review): with the ARM pc+8 bias this load would read 0x80002f8;
; the pseudo-code prints 0x80002f4, the address of the final branch.
0x08000284 ldr r0, [pc, 0x6c] | r0 = *(0x80002f4);
0x08000288 movw r1, 0x201 | r1 = 0x201;
0x0800028c stmdaeq r0, {r2, r5, r6, r7, r8, ip} | __asm ("stmdaeq r0, {r2, r5, r6, r7, r8, ip}");
0x08000290 mov r0, r4 | r0 = r4;
0x08000294 pop {r4, r5, r6, r7, r8, pc} |
| label_1:
; Not-found path: paired unresolved words (presumably an address load into
; r3), then an unresolved call with r0 = *(r3 + 0x18) and r1 = 0xa20. The
; result becomes r4, and a zero result exits through label_0 returning 0.
; Presumably an allocation -- confirm the callee.
0x08000298 stmdaeq r0, {r3, sb, ip} | __asm ("stmdaeq r0, {r3, sb, ip}");
0x0800029c stmdaeq r0, {r3, sb, ip} | __asm ("stmdaeq r0, {r3, sb, ip}");
0x080002a0 mov r1, 0xa20 | r1 = 0xa20;
0x080002a4 ldr r0, [r3, 0x18] | r0 = *((r3 + 0x18));
0x080002a8 stmdaeq r0, {r2, r3, sb, ip} | __asm ("stmdaeq r0, {r2, r3, sb, ip}");
0x080002ac subs r4, r0, 0 | r4 = r0 - 0;
0x080002b0 beq 0x8000284 |
| }
; Fill the new object at r4: five bytes from arg1 (word to +0, byte to
; +4), halfword 8 to +0xc, arg2 to +0x10. The sizes are constants; no
; caller-supplied length is involved.
0x080002b4 ldrb r3, [r6, 4] | r3 = *((r6 + 4));
0x080002b8 mov r2, 8 | r2 = 8;
0x080002bc ldr r0, [r6] | r0 = *(r6);
0x080002c0 ldr r1, [r5] | r1 = *(r5);
0x080002c4 strh r2, [r4, 0xc] | *((r4 + 0xc)) = r2;
; Paired unresolved words between the last visible write to r2 and its
; store to +0x14 below, so the value stored there cannot be read from
; this listing.
0x080002c8 stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080002cc stmdaeq r0, {r4, r5, r6} | __asm ("stmdaeq r0, {r4, r5, r6}");
0x080002d0 strb r3, [r4, 4] | *((r4 + 4)) = r3;
0x080002d4 str r0, [r4] | *(r4) = r0;
; Insert at the front of the list: new+0x18 = old first link, new+0x1c =
; anchor, then the anchor's first word and the old first link's +4 word
; both point to new+0x18.
0x080002d8 add r3, r4, 0x18 | r3 = r4 + 0x18;
0x080002dc str r7, [r4, 0x10] | *((r4 + 0x10)) = r7;
0x080002e0 str r1, [r4, 0x18] | *((r4 + 0x18)) = r1;
0x080002e4 str r2, [r4, 0x14] | *((r4 + 0x14)) = r2;
0x080002e8 str r5, [r4, 0x1c] | *((r4 + 0x1c)) = r5;
0x080002ec str r3, [r5] | *(r5) = r3;
0x080002f0 str r3, [r1, 4] | *((r1 + 4)) = r3;
0x080002f4 b 0x8000284 | goto label_0;
| }
[*] Function strcpy used 1 time in psnap.ko