[*] Binary protection state of stm32flash

  
  	Full RELRO     Canary found      NX enabled   PIE enabled  No RPATH     No RUNPATH   No Symbols


[*] Function sprintf tear down of stm32flash

    ; assembly                                       | /* r2dec pseudo code output */
                                                     | /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/bin/stm32flash @ 0x2368 */
                                                     | #include <stdint.h>
                                                     |  
    ; (fcn) fcn.00002368 ()                          | void fcn_00002368 (char * arg1, int16_t arg2) {
                                                     |     r0 = arg1;
                                                     |     r1 = arg2;
    0x00002368 push.w {r4, r5, r6, r7, r8, lr}       |     
    0x0000236c mov r6, r1                            |     r6 = r1;
    0x0000236e ldr.w r8, [pc, 0x84]                  |     
    0x00002372 movs r1, 0                            |     r1 = 0;
    0x00002374 mov r7, r0                            |     r7 = r0;
    0x00002376 blx 0x10ec                            |     r0 = ctype_b_loc ();
    0x0000237a subs r5, r0, 0                        |     r5 = r0 - 0;
    0x0000237c add r8, pc                            |     r8 = 0x4776;
                                                     |     if (r5 < r0) {
    0x0000237e blt 0x23dc                            |         goto label_1;
                                                     |     }
                                                     |     do {
                                                     | label_0:
    0x00002380 movs r2, 1                            |         r2 = 1;
    0x00002382 mov r1, r6                            |         r1 = r6;
    0x00002384 mov r0, r5                            |         r0 = r5;
    0x00002386 blx 0x1000                            |         r0 = fcn_00001000 ();
    0x0000238a subs r4, r0, 0                        |         r4 = r0 - 0;
    0x0000238c ite ne                                |         
                                                     |         if (r4 == r0) {
    0x0000238e movne r2, 1                           |             r2 = 1;
                                                     |         }
                                                     |         if (r4 != r0) {
    0x00002390 moveq r2, 0                           |             r2 = 0;
                                                     |         }
    0x00002392 and r2, r2, 1                         |         r2 &= 1;
    0x00002396 it ne                                 |         
                                                     |         if (r4 == r0) {
    0x00002398 movne r2, 0                           |             r2 = 0;
                                                     |         }
                                                     |         if (r4 < r0) {
    0x0000239a blt 0x23ac                            |             goto label_2;
                                                     |         }
    0x0000239c cmp r2, 0                             |         
    0x0000239e bne 0x2380                            |         
                                                     |     } while (r2 != 0);
    0x000023a0 mov r0, r5                            |     r0 = r5;
    0x000023a2 blx 0x11f4                            |     snprintf_chk ();
    0x000023a6 mov r0, r4                            |     r0 = r4;
    0x000023a8 pop.w {r4, r5, r6, r7, r8, pc}        |     
                                                     | label_2:
    0x000023ac blx 0x114c                            |     r0 = sprintf_chk ()
    0x000023b0 ldr r3, [r0]                          |     r3 = *(r0);
    0x000023b2 cmp r3, 0xb                           |     
    0x000023b4 it ne                                 |     
                                                     |     if (r3 == 0xb) {
    0x000023b6 cmpne r3, 4                           |         __asm ("cmpne r3, 4");
                                                     |         goto label_3;
                                                     |     }
                                                     |     if (r3 == 0xb) {
                                                     | label_3:
    0x000023b8 beq 0x2380                            |         goto label_0;
                                                     |     }
    0x000023ba ldr r1, [pc, 0x3c]                    |     r1 = *(0x23fa);
    0x000023bc mov r3, r7                            |     r3 = r7;
    0x000023be ldr r2, [pc, 0x3c]                    |     
    0x000023c0 ldr.w r1, [r8, r1]                    |     r1 = *((r8 + r1));
    0x000023c4 add r2, pc                            |     r2 = 0x47c6;
    0x000023c6 ldr r0, [r1]                          |     r0 = *(0x23fa);
    0x000023c8 movs r1, 1                            |     r1 = 1;
    0x000023ca blx 0x11ac                            |     sigemptyset ();
    0x000023ce mov r0, r5                            |     r0 = r5;
    0x000023d0 blx 0x11f4                            |     snprintf_chk ();
                                                     |     do {
    0x000023d4 movs r4, 0                            |         r4 = 0;
    0x000023d6 mov r0, r4                            |         r0 = r4;
    0x000023d8 pop.w {r4, r5, r6, r7, r8, pc}        |         
                                                     | label_1:
    0x000023dc ldr r0, [pc, 0x18]                    |         
    0x000023de mov r3, r7                            |         r3 = r7;
    0x000023e0 ldr r2, [pc, 0x1c]                    |         
    0x000023e2 movs r1, 1                            |         r1 = 1;
    0x000023e4 ldr.w r0, [r8, r0]                    |         r0 = *((r8 + r0));
    0x000023e8 add r2, pc                            |         r2 = 0x47ec;
    0x000023ea ldr r0, [r0]                          |         r0 = *(0x23f8);
    0x000023ec blx 0x11ac                            |         sigemptyset ();
    0x000023f0 b 0x23d4                              |         
                                                     |     } while (1);
                                                     | }

[*] Function sprintf used 2 times stm32flash