[*] Binary protection state of libudev.so.1.7.4
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of libudev.so.1.7.4
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/libudev.so.1.7.4 @ 0x12d28 */
| #include <stdint.h>
|
; (fcn) fcn.00012d28 () | void fcn_00012d28 (int16_t arg1, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_20h;
| int16_t var_8ch;
| r0 = arg1;
| r2 = arg3;
| r3 = arg4;
| if (? >= ?) {
| label_3:
0x00012c30 andlt r4, sb, r8, lsl 12 | r4 = sb & (r8 << 12);
| }
0x00012c34 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
0x00012d28 push {r4, r5, r6, r7, lr} |
0x00012d2a mov r6, r2 | r6 = r2;
0x00012d2c ldr r2, [pc, 0xc0] |
0x00012d2e mov r7, r3 | r7 = r3;
0x00012d30 sub sp, 0x94 |
0x00012d32 ldr r3, [pc, 0xc0] | r3 = *(0x12df6);
0x00012d34 add r2, pc | r2 = 0x25b28;
0x00012d36 ldr r3, [r2, r3] |
0x00012d38 ldr r3, [r3] | r3 = *(0x25b28);
0x00012d3a str r3, [sp, 0x8c] | var_8ch = r3;
0x00012d3c mov.w r3, 0 | r3 = 0;
| if (r0 == 0) {
0x00012d40 cbz r0, 0x12d56 | goto label_0;
| }
0x00012d42 mov r5, r0 | r5 = r0;
| if (r1 == 0) {
0x00012d44 cbz r1, 0x12d9c | goto label_4;
| }
| label_1:
0x00012d46 ldr r4, [r1, 0x10] | r4 = *((r1 + 0x10));
0x00012d48 lsls r3, r4, 0x1d | r3 = r4 << 0x1d;
| if (r3 == r4) {
0x00012d4a beq 0x12d56 | goto label_0;
| }
0x00012d4c bl 0x16d1c | fcn_00016d1c ();
| if (r6 == 0) {
0x00012d50 cbz r6, 0x12d70 | goto label_5;
| }
0x00012d52 cmp r0, 3 |
| if (r0 > 3) {
0x00012d54 bgt 0x12db6 | goto label_6;
| }
| do {
| label_0:
0x00012d56 movs r0, 0 | r0 = 0;
| label_2:
0x00012d58 ldr r2, [pc, 0x9c] |
0x00012d5a ldr r3, [pc, 0x98] | r3 = *(0x12df6);
0x00012d5c add r2, pc | r2 = 0x25b58;
0x00012d5e ldr r3, [r2, r3] | r3 = *(0x25b58);
0x00012d60 ldr r2, [r3] | r2 = *(0x25b58);
0x00012d62 ldr r3, [sp, 0x8c] | r3 = var_8ch;
0x00012d64 eors r2, r3 | r2 ^= r3;
0x00012d66 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00012d6a bne 0x12dea | goto label_7;
| }
0x00012d6c add sp, 0x94 |
0x00012d6e pop {r4, r5, r6, r7, pc} |
| label_5:
0x00012d70 cmp r0, 3 |
0x00012d72 ble 0x12d56 |
| } while (r0 <= 3);
0x00012d74 ldr r2, [pc, 0x84] |
0x00012d76 ubfx r4, r4, 0, 0xc | r4 = (r4 >> 0) & ((1 << 0xc) - 1);
0x00012d7a ldr r7, [pc, 0x84] |
0x00012d7c mov r1, r6 | r1 = r6;
0x00012d7e ldr r0, [pc, 0x84] |
0x00012d80 mov.w r3, 0x5a8 | r3 = 0x5a8;
0x00012d84 add r2, pc | r2 = 0x25b84;
0x00012d86 strd r5, r4, [sp, 8] | __asm ("strd r5, r4, [sp, 8]");
0x00012d8a add r7, pc | r7 = 0x25b90;
0x00012d8c adds r2, 7 | r2 += 7;
0x00012d8e add r0, pc | r0 = 0x25b98;
0x00012d90 strd r0, r7, [sp] | __asm ("strd r0, r7, [sp]");
0x00012d94 movs r0, 4 | r0 = 4;
0x00012d96 bl 0x17574 | fcn_00017574 (r0, r1, r2);
0x00012d9a b 0x12d56 | goto label_0;
| label_4:
0x00012d9c add r4, sp, 0x20 | r4 += var_20h;
0x00012d9e mov r1, r4 | r1 = r4;
0x00012da0 blx 0x373c | r0 = asprintf_chk ()
0x00012da4 cmp r0, 0 |
0x00012da6 it ge |
| if (r0 >= 0) {
0x00012da8 movge r1, r4 | r1 = r4;
| goto label_8;
| }
| if (r0 >= 0) {
| label_8:
0x00012daa bge 0x12d46 | goto label_1;
| }
0x00012dac blx 0x3ba0 | r0 = fcn_00003ba0 ();
0x00012db0 ldr r0, [r0] | r0 = *(r0);
0x00012db2 rsbs r0, r0, 0 | r0 -= ;
0x00012db4 b 0x12d58 | goto label_2;
| label_6:
0x00012db6 ubfx r4, r4, 0, 0xc | r4 = (r4 >> 0) & ((1 << 0xc) - 1);
0x00012dba ldr r3, [pc, 0x4c] |
0x00012dbc strd r5, r4, [sp, 0x14] | __asm ("strd r5, r4, [sp, 0x14]");
0x00012dc0 movs r1, 0 | r1 = 0;
0x00012dc2 ldr r4, [pc, 0x48] |
0x00012dc4 mov r0, r6 | r0 = r6;
0x00012dc6 ldr r2, [pc, 0x48] |
0x00012dc8 add r3, pc | r3 = 0x25bd6;
0x00012dca adds r3, 7 | r3 += 7;
0x00012dcc str r1, [sp] | *(sp) = r1;
0x00012dce add r4, pc | r4 = 0x25be0;
0x00012dd0 str r3, [sp, 4] | var_4h = r3;
0x00012dd2 add r2, pc | r2 = 0x25be8;
0x00012dd4 str r4, [sp, 0xc] | var_ch = r4;
0x00012dd6 movw r4, 0x5a4 | r4 = 0x5a4;
0x00012dda str r2, [sp, 0x10] | var_10h = r2;
0x00012ddc mov r3, r7 | r3 = r7;
0x00012dde mov r2, r5 | r2 = r5;
0x00012de0 movs r1, 4 | r1 = 4;
0x00012de2 str r4, [sp, 8] | var_8h = r4;
0x00012de4 bl 0x17da4 | fcn_00017da4 (r0, r1, r2, r3, r4, r5, r6);
0x00012de6 vqshl.u64 d30, d21, 0x1e | __asm ("vqshl.u64 d30, d21, 0x1e");
0x00012de8 b 0x12d56 | goto label_0;
| label_7:
0x00012dea blx 0x39bc | fcn_000039bc ();
0x00012dee nop |
0x00012df0 adds r0, 0x24 | r0 += 0x24;
0x00012df2 movs r1, r0 | r1 = r0;
0x00012df4 lsls r4, r7, 9 | r4 = r7 << 9;
0x00012df6 movs r0, r0 |
0x00012df8 cmp r7, 0xfc |
0x00012dfa movs r1, r0 | r1 = r0;
0x00012dfc b 0x12c30 | goto label_3;
| }
[*] Function sprintf used 2 times libudev.so.1.7.4