[*] Binary protection state of sshd
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of sshd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/sbin/sshd @ 0x8826c */
| #include <stdint.h>
|
; (fcn) fcn.0008826c () | void fcn_0008826c (int16_t arg_0h, int16_t arg_90h, int16_t arg_1080h, int16_t arg_2080h, int16_t arg_3080h, int16_t arg1, int16_t arg2) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_14h;
| int16_t var_18h;
| int16_t var_1ch;
| int16_t var_20h;
| r0 = arg1;
| r1 = arg2;
0x0008826c push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00088270 mov r4, r0 | r4 = r0;
0x00088272 ldr.w r0, [pc, 0x414] |
0x00088274 lsls r4, r2, 0x10 | r4 = r2 << 0x10;
0x00088276 sub.w sp, sp, 0x3080 |
0x0008827a sub sp, 0x14 |
0x0008827c movs r2, 0x68 | r2 = 0x68;
0x0008827e ldr.w r3, [pc, 0x40c] | r3 = *(0x8868e);
0x00088282 add r6, sp, 0x20 | r6 += var_20h;
0x00088284 add r0, pc | r0 = 0x110912;
0x00088286 str r6, [sp] | *(sp) = r6;
0x00088288 add.w r5, sp, 0x3080 | r5 += var_0h;
0x0008828c mov r7, r1 | r7 = r1;
0x0008828e ldr r3, [r0, r3] |
0x00088290 adds r5, 0xc | r5 += 0xc;
0x00088292 movs r1, 0 | r1 = 0;
0x00088294 mov r0, r6 | r0 = r6;
0x00088296 add.w sb, sp, 0x1080 | sb += arg_1080h;
0x0008829a ldr r3, [r3] | r3 = imp.isalpha;
0x0008829c str r3, [r5] | *(r5) = r3;
0x0008829e mov.w r3, 0 | r3 = 0;
0x000882a2 add r3, sp, 0x90 | r3 += arg_90h;
0x000882a4 mov r5, r3 | r5 = r3;
0x000882a6 str r3, [sp, 4] | var_4h = r3;
0x000882a8 subs r6, r5, 4 | r6 = r5 - 4;
0x000882aa add.w sb, sb, 0x10 | sb += 0x10;
0x000882ae blx 0x57c8 | fcn_000057c8 ();
0x000882b2 mov.w r2, 0x1000 | r2 = 0x1000;
0x000882b6 movs r1, 0 | r1 = 0;
0x000882b8 mov r0, r6 | r0 = r6;
0x000882ba sub.w r8, sb, 4 | r8 = sb - 4;
0x000882be blx 0x57c8 | fcn_000057c8 ();
0x000882c2 add.w r3, sp, 0x2080 | r3 += arg_2080h;
0x000882c6 mov.w r2, 0x1000 | r2 = 0x1000;
0x000882ca adds r3, 0x10 | r3 += 0x10;
0x000882cc movs r1, 0 | r1 = 0;
0x000882ce mov r5, r3 | r5 = r3;
0x000882d0 mov r0, r8 | r0 = r8;
0x000882d2 str r3, [sp, 0xc] | var_ch = r3;
0x000882d4 blx 0x57c8 | fcn_000057c8 ();
0x000882d8 subs r3, r5, 4 | r3 = r5 - 4;
0x000882da mov.w r2, 0x1000 | r2 = 0x1000;
0x000882de movs r1, 0 | r1 = 0;
0x000882e0 mov r0, r3 | r0 = r3;
0x000882e2 str r3, [sp, 8] | var_8h = r3;
0x000882e4 blx 0x57c8 | fcn_000057c8 ();
0x000882e8 ldrb r5, [r4] | r5 = *(r4);
0x000882ea blx 0x615c | r0 = memcmp (r0, r1, r2);
0x000882ee mov fp, r0 |
0x000882f0 cmp r5, 0 |
| if (r5 == 0) {
0x000882f2 beq.w 0x88622 | goto label_12;
| }
0x000882f6 ldr r3, [r0] | r3 = *(r0);
0x000882f8 str r3, [sp, 0x1c] | var_1ch = r3;
0x000882fa cmp r7, 0 |
| if (r7 == 0) {
0x000882fc beq.w 0x88628 | goto label_13;
| }
0x00088300 movs r3, 0 | r3 = 0;
0x00088302 str r3, [sp, 0x18] | var_18h = r3;
| label_10:
0x00088304 cmp r5, 0x2f |
| if (r5 == 0x2f) {
0x00088306 beq.w 0x885e6 | goto label_14;
| }
0x0008830a mov.w r1, 0x1000 | r1 = 0x1000;
0x0008830e mov r0, r7 | r0 = r7;
0x00088310 blx 0x5f8c | r0 = fcn_00005f8c ();
0x00088314 cmp r0, 0 |
| if (r0 == 0) {
0x00088316 beq.w 0x88616 | goto label_15;
| }
0x0008831a mov r0, r7 | r0 = r7;
0x0008831c blx 0x5f68 | fcn_00005f68 ();
0x00088320 mov r1, r4 | r1 = r4;
0x00088322 mov r5, r0 | r5 = r0;
0x00088324 mov.w r2, 0x1000 | r2 = 0x1000;
0x00088328 mov r0, r6 | r0 = r6;
0x0008832a bl 0x9cc1c | r0 = fcn_0009cc1c (r0, r1, r2);
0x0008832e orr.w r3, r5, r0 | r3 = r5 | r0;
0x00088332 mov sl, r0 | sl = r0;
0x00088334 cmp.w r3, 0x1000 |
| if (r3 >= 0x1000) {
0x00088338 bhs.w 0x884f0 | goto label_6;
| }
0x0008833c cmp r0, 0 |
| if (r0 == 0) {
0x0008833e beq 0x88404 | goto label_16;
| }
| label_7:
0x00088340 mov r3, r7 | r3 = r7;
0x00088342 mov r7, sl | r7 = sl;
0x00088344 mov sl, r3 | sl = r3;
0x00088346 movs r1, 0 | r1 = 0;
0x00088348 strd fp, r1, [sp, 0x10] | __asm ("strd fp, r1, [sp, 0x10]");
| do {
| label_0:
0x0008834c movs r1, 0x2f | r1 = 0x2f;
0x0008834e mov r0, r6 | r0 = r6;
0x00088350 blx 0x6364 | fcn_00006364 ();
0x00088352 invalid |
0x00088356 cmp r0, 0 |
| if (r0 == 0) {
0x00088358 beq.w 0x884cc | goto label_17;
| }
0x0008835c subs.w fp, r0, r6 |
0x00088360 cmp.w fp, 0x1000 |
| if (fp >= 0x1000) {
0x00088364 bge.w 0x884ea | goto label_18;
| }
0x00088368 mov r2, fp | r2 = fp;
0x0008836a mov r1, r6 | r1 = r6;
0x0008836c mov.w r3, 0x1000 | r3 = 0x1000;
0x00088370 mov r0, r8 | r0 = r8;
0x00088372 blx 0x5290 | fcn_00005290 ();
0x00088376 sub.w r7, r7, fp | r7 -= fp;
0x0008837a add.w r2, sb, fp | r2 = sb + fp;
0x0008837e mov.w r3, 0 | r3 = 0;
0x00088382 adds r1, r4, 1 | r1 = r4 + 1;
0x00088384 strb r3, [r2, -0x4] | *((r2 - 0x4)) = r3;
0x00088388 mov r0, r6 | r0 = r6;
0x0008838a mov.w r3, 0x1000 | r3 = 0x1000;
0x0008838e adds r2, r7, 1 | r2 = r7 + 1;
0x00088390 blx 0x5f80 | fcn_00005f80 ();
| label_2:
0x00088394 add.w r3, sl, r5 | r3 = sl + r5;
0x00088398 ldrb r3, [r3, -0x1] | r3 = *((r3 - 0x1));
0x0008839c cmp r3, 0x2f |
| if (r3 != 0x2f) {
0x0008839e beq 0x883b2 |
0x000883a0 adds r3, r5, 1 | r3 = r5 + 1;
0x000883a2 cmp.w r3, 0x1000 |
| if (r3 >= 0x1000) {
0x000883a6 bhs.w 0x884ea | goto label_18;
| }
0x000883aa movs r2, 0x2f | r2 = 0x2f;
0x000883ac strh.w r2, [sl, r5] | *((sl + r5)) = r2;
0x000883b0 mov r5, r3 | r5 = r3;
| }
0x000883b2 ldrb r3, [sb, -0x4] | r3 = *((sb - 0x4));
| if (r3 != 0) {
0x000883b6 cbz r3, 0x883fe |
0x000883b8 ldrh.w r3, [r8] | r3 = *(r8);
0x000883bc cmp r3, 0x2e |
| if (r3 == 0x2e) {
0x000883be beq 0x883fe | goto label_4;
| }
0x000883c0 movw r2, 0x2e2e | r2 = 0x2e2e;
0x000883c4 cmp r3, r2 |
| if (r3 == r2) {
0x000883c6 beq.w 0x885b4 | goto label_19;
| }
| label_3:
0x000883ca mov.w r2, 0x1000 | r2 = 0x1000;
0x000883ce mov r1, r8 | r1 = r8;
0x000883d0 mov r0, sl | r0 = sl;
0x000883d2 bl 0x9ca8c | r0 = fcn_0009ca8c (r0, r1, r2);
0x000883d6 cmp.w r0, 0x1000 |
0x000883da mov r5, r0 | r5 = r0;
| if (r0 >= 0x1000) {
0x000883dc bhs.w 0x884ea | goto label_18;
| }
0x000883e0 ldr r1, [sp] | r1 = *(sp);
0x000883e2 mov r0, sl | r0 = sl;
0x000883e4 blx 0x5e5c | r0 = daemon (r0, r1);
0x000883e8 cmp r0, 0 |
| if (r0 != 0) {
0x000883ea bne.w 0x8864e | goto label_20;
| }
0x000883ee ldr r2, [sp, 4] | r2 = var_4h;
0x000883f0 ldr r2, [r2, -0x60] | r2 = *((r2 - 0x60));
0x000883f4 and r2, r2, 0xf000 | r2 &= 0xf000;
0x000883f8 cmp.w r2, 0xa000 |
| if (r2 == 0xa000) {
0x000883fc beq 0x88418 | goto label_21;
| }
| }
| label_4:
0x000883fe cmp r7, 0 |
0x00088400 bne 0x8834c |
| } while (r7 != 0);
| label_1:
0x00088402 mov r7, sl | r7 = sl;
| label_16:
0x00088404 cmp r5, 1 |
| if (r5 >= 1) {
0x00088406 bls 0x88414 |
0x00088408 subs r5, 1 | r5--;
0x0008840a ldrb r3, [r7, r5] | r3 = *((r7 + r5));
0x0008840c cmp r3, 0x2f |
0x0008840e itt eq |
| if (r3 != 0x2f) {
0x00088410 moveq r3, 0 | r3 = 0;
| }
| if (r3 == 0x2f) {
0x00088412 strbeq r3, [r7, r5] | *((r7 + r5)) = r3;
| goto label_5;
| }
| }
| label_5:
0x00088414 mov r0, r7 | r0 = r7;
0x00088416 b 0x88500 | goto label_8;
| label_21:
0x00088418 ldr r2, [sp, 0x14] | r2 = var_14h;
0x0008841a cmp r2, 0x20 |
0x0008841c add.w r7, r2, 1 | r7 = r2 + 1;
| if (r2 > 0x20) {
0x00088420 bhi.w 0x8866c | goto label_22;
| }
0x00088424 str r0, [sp, 0x14] | var_14h = r0;
0x00088426 movw r2, 0xfff | r2 = 0xfff;
0x0008842a ldr r1, [sp, 8] | r1 = var_8h;
0x0008842c mov r0, sl | r0 = sl;
0x0008842e blx 0x5700 | r0 = fprintf_chk ()
0x00088432 subs.w fp, r0, 0 |
| if (fp < r0) {
0x00088436 blt.w 0x8867a | goto label_23;
| }
0x0008843a ldr r2, [sp, 0xc] | r2 = var_ch;
0x0008843c ldr r3, [sp, 0x14] | r3 = var_14h;
0x0008843e add.w r1, r2, fp | r1 = r2 + fp;
0x00088442 strb r3, [r1, -0x4] | *((r1 - 0x4)) = r3;
0x00088446 ldrb r1, [r2, -0x4] | r1 = *((r2 - 0x4));
0x0008844a cmp r1, 0x2f |
0x0008844c itt eq |
| if (r1 != 0x2f) {
0x0008844e moveq r5, 1 | r5 = 1;
| }
| if (r1 != 0x2f) {
0x00088450 strbeq r3, [sl, 1] | *((sl + 1)) = r3;
| }
| if (r1 != 0x2f) {
0x00088454 beq 0x88474 |
0x00088456 cmp r5, 1 |
| if (r5 < 1) {
0x00088458 bls 0x88474 | goto label_24;
| }
0x0008845a add r5, sl | r5 += sl;
0x0008845c movs r1, 0x2f | r1 = 0x2f;
0x0008845e strb r3, [r5, -0x1] | *((r5 - 0x1)) = r3;
0x00088462 mov r0, sl | r0 = sl;
0x00088464 str r3, [sp, 0x14] | var_14h = r3;
0x00088466 blx 0x622c | fcn_0000622c ();
0x0008846a ldr r3, [sp, 0x14] | r3 = var_14h;
0x0008846c strb r3, [r0, 1]! | *((r0 += 1)) = r3;
0x00088470 subs.w r5, r0, sl | r5 = r0 - sl;
0x00088472 lsls r2, r1, 0x14 | r2 = r1 << 0x14;
| }
| if (r4 != 0) {
| label_24:
0x00088474 cbz r4, 0x884b4 |
0x00088476 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00088478 add.w r4, r3, fp | r4 = r3 + fp;
0x0008847c ldrb r3, [r4, -0x5] | r3 = *((r4 - 0x5));
0x00088480 cmp r3, 0x2f |
| if (r3 != 0x2f) {
0x00088482 beq 0x884a2 |
0x00088484 mov r0, fp | r0 = fp;
0x00088486 movs r1, 1 | r1 = 1;
0x00088488 bl 0x9f4fc | r0 = fcn_0009f4fc (r0, r1);
0x0008848c cmp.w r0, 0x1000 |
| if (r0 >= 0x1000) {
0x00088490 bge 0x884ea | goto label_18;
| }
0x00088492 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00088494 add r0, r3 | r0 += r3;
0x00088496 movs r3, 0x2f | r3 = 0x2f;
0x00088498 strb r3, [r4, -0x4] | *((r4 - 0x4)) = r3;
0x0008849c movs r3, 0 | r3 = 0;
0x0008849e strb r3, [r0, -0x4] | *((r0 - 0x4)) = r3;
| }
0x000884a2 ldr r0, [sp, 8] | r0 = var_8h;
0x000884a4 mov.w r2, 0x1000 | r2 = 0x1000;
0x000884a8 mov r1, r6 | r1 = r6;
0x000884aa bl 0x9ca8c | r0 = fcn_0009ca8c (r0, r1, r2);
0x000884ae cmp.w r0, 0x1000 |
| if (r0 >= 0x1000) {
0x000884b2 bhs 0x884ea | goto label_18;
| }
| }
0x000884b4 ldr r1, [sp, 8] | r1 = var_8h;
0x000884b6 mov.w r2, 0x1000 | r2 = 0x1000;
0x000884ba mov r0, r6 | r0 = r6;
0x000884bc str r7, [sp, 0x14] | var_14h = r7;
0x000884be bl 0x9cc1c | r0 = fcn_0009cc1c (r0, r1, r2);
0x000884c2 mov r7, r0 | r7 = r0;
0x000884c4 cmp r7, 0 |
| if (r7 != 0) {
0x000884c6 bne.w 0x8834c | goto label_0;
| }
0x000884ca b 0x88402 | goto label_1;
| label_17:
0x000884cc cmp.w r7, 0x1000 |
| if (r7 < 0x1000) {
0x000884d0 bge 0x884ea |
0x000884d2 mov r2, r7 | r2 = r7;
0x000884d4 mov.w r3, 0x1000 | r3 = 0x1000;
0x000884d8 add r7, sb | r7 += sb;
0x000884da mov r1, r6 | r1 = r6;
0x000884dc mov r0, r8 | r0 = r8;
0x000884de blx 0x5290 | fcn_00005290 ();
0x000884e2 strb r4, [r7, -0x4] | *((r7 - 0x4)) = r4;
0x000884e6 mov r7, r4 | r7 = r4;
0x000884e8 b 0x88394 | goto label_2;
| }
| label_18:
0x000884ea ldr.w fp, [sp, 0x10] | fp = var_10h;
0x000884ee mov r7, sl | r7 = sl;
| label_6:
0x000884f0 movs r3, 0x24 | r3 = 0x24;
0x000884f2 str.w r3, [fp] | __asm ("str.w r3, [fp]");
0x000884f4 adds r0, 0 | r0 += 0;
| label_11:
0x000884f6 ldr r3, [sp, 0x18] | r3 = var_18h;
0x000884f8 cmp r3, 0 |
| if (r3 != 0) {
0x000884fa bne.w 0x8861a | goto label_25;
| }
| label_9:
0x000884fe movs r0, 0 | r0 = 0;
| label_8:
0x00088500 ldr r2, [pc, 0x18c] |
0x00088502 add.w r1, sp, 0x3080 | r1 += var_0h;
0x00088506 ldr r3, [pc, 0x184] | r3 = *(0x8868e);
0x00088508 adds r1, 0xc | r1 += 0xc;
0x0008850a add r2, pc | r2 = 0x110b9e;
0x0008850c ldr r3, [r2, r3] | r3 = imp.isalpha;
0x0008850e ldr r2, [r3] | r2 = imp.isalpha;
0x00088510 ldr r3, [r1] | r3 = *(r1);
0x00088512 eors r2, r3 | r2 ^= r3;
0x00088514 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00088518 bne.w 0x8867e | goto label_26;
| }
0x0008851c add.w sp, sp, 0x3080 |
0x00088520 add sp, 0x14 |
0x00088522 movs r1, 0 | r1 = 0;
0x00088524 movs r2, 0 | r2 = 0;
0x00088526 movs r3, 0 | r3 = 0;
0x00088528 mov.w ip, 0 |
0x0008852c mov.w lr, 0 | lr = 0;
0x00088530 vldr s0, [pc, 0x150] | __asm ("vldr s0, aav.0x000000ff");
0x00088534 vldr s1, [pc, 0x14c] | __asm ("vldr s1, aav.0x000000ff");
0x00088538 vldr s2, [pc, 0x148] | __asm ("vldr s2, aav.0x000000ff");
0x0008853c vldr s3, [pc, 0x144] | __asm ("vldr s3, aav.0x000000ff");
0x00088540 vldr s4, [pc, 0x140] | __asm ("vldr s4, aav.0x000000ff");
0x00088544 vldr s5, [pc, 0x13c] | __asm ("vldr s5, aav.0x000000ff");
0x00088548 vldr s6, [pc, 0x138] | __asm ("vldr s6, aav.0x000000ff");
0x0008854c vldr s7, [pc, 0x134] | __asm ("vldr s7, aav.0x000000ff");
0x00088550 vldr s8, [pc, 0x130] | __asm ("vldr s8, aav.0x000000ff");
0x00088554 vldr s9, [pc, 0x12c] | __asm ("vldr s9, aav.0x000000ff");
0x00088558 vldr s10, [pc, 0x128] | __asm ("vldr s10, aav.0x000000ff");
0x0008855c vldr s11, [pc, 0x124] | __asm ("vldr s11, aav.0x000000ff");
0x00088560 vldr s12, [pc, 0x120] | __asm ("vldr s12, aav.0x000000ff");
0x00088564 vldr s13, [pc, 0x11c] | __asm ("vldr s13, aav.0x000000ff");
0x00088568 vldr s14, [pc, 0x118] | __asm ("vldr s14, aav.0x000000ff");
0x0008856c vldr s15, [pc, 0x114] | __asm ("vldr s15, aav.0x000000ff");
0x00088570 vmov.i32 d16, 0 | __asm ("vmov.i32 d16, 0");
0x00088574 vmov.i32 d17, 0 | __asm ("vmov.i32 d17, 0");
0x00088578 vmov.i32 d18, 0 | __asm ("vmov.i32 d18, 0");
0x0008857c vmov.i32 d19, 0 | __asm ("vmov.i32 d19, 0");
0x00088580 vmov.i32 d20, 0 | __asm ("vmov.i32 d20, 0");
0x00088584 vmov.i32 d21, 0 | __asm ("vmov.i32 d21, 0");
0x00088588 vmov.i32 d22, 0 | __asm ("vmov.i32 d22, 0");
0x0008858c vmov.i32 d23, 0 | __asm ("vmov.i32 d23, 0");
0x00088590 vmov.i32 d24, 0 | __asm ("vmov.i32 d24, 0");
0x00088594 vmov.i32 d25, 0 | __asm ("vmov.i32 d25, 0");
0x00088598 vmov.i32 d26, 0 | __asm ("vmov.i32 d26, 0");
0x0008859c vmov.i32 d27, 0 | __asm ("vmov.i32 d27, 0");
0x000885a0 vmov.i32 d28, 0 | __asm ("vmov.i32 d28, 0");
0x000885a4 vmov.i32 d29, 0 | __asm ("vmov.i32 d29, 0");
0x000885a8 vmov.i32 d30, 0 | __asm ("vmov.i32 d30, 0");
0x000885ac vmov.i32 d31, 0 | __asm ("vmov.i32 d31, 0");
0x000885b0 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_19:
0x000885b4 ldrb.w r3, [r8, 2] | r3 = *((r8 + 2));
0x000885b8 cmp r3, 0 |
| if (r3 != 0) {
0x000885ba bne.w 0x883ca | goto label_3;
| }
0x000885be cmp r5, 1 |
| if (r5 < 1) {
0x000885c0 bls.w 0x883fe | goto label_4;
| }
0x000885c4 add r5, sl | r5 += sl;
0x000885c6 mov.w r4, 0 | r4 = 0;
0x000885ca strb r4, [r5, -0x1] | *((r5 - 0x1)) = r4;
0x000885ce movs r1, 0x2f | r1 = 0x2f;
0x000885d0 mov r0, sl | r0 = sl;
0x000885d2 blx 0x622c | fcn_0000622c ();
0x000885d6 strb r4, [r0, 1]! | *((r0 += 1)) = r4;
0x000885da subs.w r5, r0, sl | r5 = r0 - sl;
0x000885de cmp r7, 0 |
| if (r7 != 0) {
0x000885e0 bne.w 0x8834c | goto label_0;
| }
0x000885e4 b 0x88402 | goto label_1;
| label_14:
0x000885e6 strh r5, [r7] | *(r7) = r5;
0x000885e8 ldrb r3, [r4, 1] | r3 = *((r4 + 1));
0x000885ea cmp r3, 0 |
| if (r3 == 0) {
0x000885ec beq.w 0x88414 | goto label_5;
| }
0x000885f0 adds r1, r4, 1 | r1 = r4 + 1;
0x000885f2 mov.w r2, 0x1000 | r2 = 0x1000;
0x000885f6 mov r0, r6 | r0 = r6;
0x000885f8 bl 0x9cc1c | r0 = fcn_0009cc1c (r0, r1, r2);
0x000885fc orr r3, r0, 1 | r3 = r0 | 1;
0x000885fe lsls r1, r0, 0xc | r1 = r0 << 0xc;
0x00088600 mov sl, r0 | sl = r0;
0x00088602 cmp.w r3, 0x1000 |
| if (r3 >= 0x1000) {
0x00088606 bhs.w 0x884f0 | goto label_6;
| }
0x0008860a movs r5, 1 | r5 = 1;
0x0008860c cmp r0, 0 |
| if (r0 != 0) {
0x0008860e bne.w 0x88340 | goto label_7;
| }
0x00088612 mov r0, r7 | r0 = r7;
0x00088614 b 0x88500 | goto label_8;
| label_15:
0x00088616 ldr r3, [sp, 0x18] | r3 = var_18h;
| if (r3 == 0) {
0x00088618 cbz r3, 0x8863e | goto label_27;
| }
| label_25:
0x0008861a mov r0, r7 | r0 = r7;
0x0008861c blx 0x53b4 | fcn_000053b4 ();
0x00088620 b 0x884fe | goto label_9;
| label_12:
0x00088622 movs r3, 2 | r3 = 2;
0x00088624 str r3, [r0] | *(r0) = r3;
0x00088626 b 0x884fe | goto label_9;
| label_13:
0x00088628 mov.w r0, 0x1000 | r0 = 0x1000;
0x0008862c blx 0x5f5c | r0 = fcn_00005f5c ();
0x00088630 mov r7, r0 | r7 = r0;
0x00088632 cmp r0, 0 |
| if (r0 == 0) {
0x00088634 beq.w 0x884fe | goto label_9;
| }
0x00088638 movs r3, 1 | r3 = 1;
0x0008863a str r3, [sp, 0x18] | var_18h = r3;
0x0008863c b 0x88304 | goto label_10;
| label_27:
0x0008863e ldr r1, [pc, 0x54] |
0x00088640 mov.w r2, 0x1000 | r2 = 0x1000;
0x00088644 mov r0, r7 | r0 = r7;
0x00088646 add r1, pc | r1 = 0x110ce0;
0x00088648 bl 0x9cc1c | fcn_0009cc1c (r0, r1, r2);
0x0008864a invalid |
| label_20:
0x0008864e ldr.w fp, [sp, 0x10] | fp = var_10h;
0x00088652 mov r7, sl | r7 = sl;
0x00088654 ldr.w r3, [fp] | r3 = *(fp);
0x00088658 cmp r3, 2 |
0x0008865a it eq |
| if (r3 != 2) {
0x0008865c cmpeq r4, 0 | __asm ("cmpeq r4, 0");
| goto label_28;
| }
| if (r3 != 2) {
| label_28:
0x0008865e bne.w 0x884f6 | goto label_11;
| }
0x00088662 ldr r3, [sp, 0x1c] | r3 = var_1ch;
0x00088664 mov r0, r7 | r0 = r7;
0x00088666 str.w r3, [fp] | __asm ("str.w r3, [fp]");
0x0008866a b 0x88500 | goto label_8;
| label_22:
0x0008866c ldr.w fp, [sp, 0x10] | fp = var_10h;
0x00088670 movs r3, 0x28 | r3 = 0x28;
0x00088672 mov r7, sl | r7 = sl;
0x00088674 str.w r3, [fp] | __asm ("str.w r3, [fp]");
0x00088678 b 0x884f6 | goto label_11;
| label_23:
0x0008867a mov r7, sl | r7 = sl;
0x0008867c b 0x884f6 | goto label_11;
| label_26:
0x0008867e blx 0x5c04 | openpty ();
0x00088682 nop |
0x00088684 movs r0, r0 |
0x00088686 movs r0, r0 |
0x00088688 stm r6!, {r7} | *(r6!) = r7;
0x0008868a movs r4, r0 | r4 = r0;
0x0008868c lsls r0, r3, 0x18 | r0 = r3 << 0x18;
0x0008868e movs r0, r0 |
0x00088690 stm r3!, {r1, r3, r4, r5, r6, r7} | *(r3!) = r1;
| *((r3! + 4)) = r3;
| *((r3! + 8)) = r4;
| *((r3! + 12)) = r5;
| *((r3! + 16)) = r6;
| *((r3! + 20)) = r7;
0x00088692 movs r4, r0 | r4 = r0;
0x00088694 ldr r6, [r5, 0x5c] | r6 = *((r5 + 0x5c));
0x00088696 movs r2, r0 | r2 = r0;
0x00088698 movs r0, 0 | r0 = 0;
0x0008869a movs r1, 0 | r1 = 0;
0x0008869c movs r2, 0 | r2 = 0;
0x0008869e movs r3, 0 | r3 = 0;
0x000886a0 mov.w ip, 0 |
0x000886a4 vldr s0, [pc, 0x80] | __asm ("vldr s0, [fcn.0008872c]");
0x000886a8 vldr s1, [pc, 0x7c] | __asm ("vldr s1, [fcn.0008872c]");
0x000886ac vldr s2, [pc, 0x78] | __asm ("vldr s2, [fcn.0008872c]");
0x000886b0 vldr s3, [pc, 0x74] | __asm ("vldr s3, [fcn.0008872c]");
0x000886b4 vldr s4, [pc, 0x70] | __asm ("vldr s4, [fcn.0008872c]");
0x000886b8 vldr s5, [pc, 0x6c] | __asm ("vldr s5, [fcn.0008872c]");
0x000886bc vldr s6, [pc, 0x68] | __asm ("vldr s6, [fcn.0008872c]");
0x000886c0 vldr s7, [pc, 0x64] | __asm ("vldr s7, [fcn.0008872c]");
0x000886c4 vldr s8, [pc, 0x60] | __asm ("vldr s8, [fcn.0008872c]");
0x000886c8 vldr s9, [pc, 0x5c] | __asm ("vldr s9, [fcn.0008872c]");
0x000886cc vldr s10, [pc, 0x58] | __asm ("vldr s10, [fcn.0008872c]");
0x000886d0 vldr s11, [pc, 0x54] | __asm ("vldr s11, [fcn.0008872c]");
0x000886d4 vldr s12, [pc, 0x50] | __asm ("vldr s12, [fcn.0008872c]");
0x000886d8 vldr s13, [pc, 0x4c] | __asm ("vldr s13, [fcn.0008872c]");
0x000886dc vldr s14, [pc, 0x48] | __asm ("vldr s14, [fcn.0008872c]");
0x000886e0 vldr s15, [pc, 0x44] | __asm ("vldr s15, [fcn.0008872c]");
0x000886e4 vmov.i32 d16, 0 | __asm ("vmov.i32 d16, 0");
0x000886e8 vmov.i32 d17, 0 | __asm ("vmov.i32 d17, 0");
0x000886ec vmov.i32 d18, 0 | __asm ("vmov.i32 d18, 0");
0x000886f0 vmov.i32 d19, 0 | __asm ("vmov.i32 d19, 0");
0x000886f4 vmov.i32 d20, 0 | __asm ("vmov.i32 d20, 0");
0x000886f8 vmov.i32 d21, 0 | __asm ("vmov.i32 d21, 0");
0x000886fc vmov.i32 d22, 0 | __asm ("vmov.i32 d22, 0");
0x00088700 vmov.i32 d23, 0 | __asm ("vmov.i32 d23, 0");
0x00088704 vmov.i32 d24, 0 | __asm ("vmov.i32 d24, 0");
0x00088708 vmov.i32 d25, 0 | __asm ("vmov.i32 d25, 0");
0x0008870c vmov.i32 d26, 0 | __asm ("vmov.i32 d26, 0");
0x00088710 vmov.i32 d27, 0 | __asm ("vmov.i32 d27, 0");
0x00088714 vmov.i32 d28, 0 | __asm ("vmov.i32 d28, 0");
0x00088718 vmov.i32 d29, 0 | __asm ("vmov.i32 d29, 0");
0x0008871c vmov.i32 d30, 0 | __asm ("vmov.i32 d30, 0");
0x00088720 vmov.i32 d31, 0 | __asm ("vmov.i32 d31, 0");
0x00088724 bx lr | return;
| }
[*] Function fprintf used 2 times sshd
