[*] Binary protection state of sadf
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function strcat tear down of sadf
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/bin/sadf @ 0x36068 */
| #include <stdint.h>
|
; (fcn) fcn.00036068 () | void fcn_00036068 (int16_t arg_2a8h, int16_t arg_2e8h, int16_t arg_308h, int16_t arg_320h, int16_t arg_338h, int16_t arg_3c0h) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_ch;
| int16_t var_10h;
| int32_t var_14h;
| int32_t var_14h_2;
| FILE * stream;
| int16_t var_28h;
| int16_t var_2ch;
| int16_t var_30h;
| int16_t var_34h;
| FILE * var_3ch;
| int16_t var_40h;
| int16_t var_44h;
| int16_t var_48h;
| int16_t var_54h;
| char * src;
| int16_t var_64h;
| int16_t var_74h;
| int16_t var_98h;
| char * dest;
| int16_t var_c0h;
| int16_t var_3h;
| char * s;
| int16_t var_158h;
| int16_t var_170h;
| int16_t var_1b0h;
| int16_t var_1c0h;
| int16_t var_1f4h;
0x00036068 ldr.w r2, [pc, 0x4a0] |
0x0003606c ldr.w r3, [pc, 0x4a0] | r3 = *(0x36510);
0x00036070 push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00036074 sub sp, 0x1fc |
0x00036076 add r2, pc | r2 = 0x6c586;
0x00036078 ldr.w r5, [pc, 0x498] |
0x0003607c ldr r3, [r2, r3] |
0x0003607e ldr.w r4, [pc, 0x498] |
0x00036082 add r5, pc | r5 = 0x6c59a;
0x00036084 mov r1, r5 | r1 = r5;
0x00036086 ldr r3, [r3] | r3 = *(0x6c586);
0x00036088 str r3, [sp, 0x1f4] | var_1f4h = r3;
0x0003608a mov.w r3, 0 | r3 = 0;
0x0003608e ldr.w r3, [pc, 0x48c] |
0x00036092 add r4, pc | r4 = 0x6c5b0;
0x00036094 mov r0, r4 | r0 = r4;
0x00036096 add r3, pc | r3 = 0x6c5b8;
0x00036098 str r3, [sp, 0x30] | var_30h = r3;
0x0003609a blx 0x2ab0 | fcn_00002ab0 ();
0x0003609e str r0, [sp, 0x24] | stream = r0;
0x000360a0 cmp r0, 0 |
| if (r0 == 0) {
0x000360a2 beq.w 0x364f2 | goto label_11;
| }
| label_10:
0x000360a6 add r3, sp, 0xb4 | r3 += dest;
0x000360a8 mov r1, r4 | r1 = r4;
0x000360aa movs r2, 0x3f | r2 = 0x3f;
0x000360ac mov r0, r3 | r0 = r3;
0x000360ae str r3, [sp, 0x28] | var_28h = r3;
0x000360b0 add.w fp, sp, 0xf4 |
0x000360b4 blx 0x2a30 | strncpy (r0, r1, r2);
0x000360b8 ldr.w r0, [pc, 0x464] |
0x000360bc movs r1, 0 | r1 = 0;
0x000360be mov r5, r1 | r5 = r1;
0x000360c0 ldr r3, [sp, 0x28] | r3 = var_28h;
0x000360c2 mov r4, r5 | r4 = r5;
0x000360c4 mov r7, r5 | r7 = r5;
0x000360c6 add r0, pc | r0 = 0x6c5ea;
0x000360c8 mov.w r2, 0x800 | r2 = 0x800;
0x000360cc addw r0, r0, 0x818 | __asm ("addw r0, r0, 0x818");
0x000360d0 strb.w r1, [r3, 0x3f] | *((r3 + 0x3f)) = r1;
0x000360d4 blx 0x2acc | perror (r0);
0x000360d8 str r5, [sp, 0x34] | var_34h = r5;
| do {
| label_2:
0x000360da ldr r2, [sp, 0x24] | r2 = stream;
0x000360dc movs r1, 0xff | r1 = 0xff;
0x000360de mov r0, fp | r0 = fp;
0x000360e0 blx 0x2a48 | r0 = fgets (r0, r1, r2);
0x000360e4 cmp r0, 0 |
| if (r0 == 0) {
0x000360e6 beq.w 0x36250 | goto label_12;
| }
| label_0:
0x000360ea ldrb.w r3, [fp] | r3 = *(fp);
0x000360ee cmp r3, 0xa |
0x000360f0 it ne |
| if (r3 != 0xa) {
0x000360f2 cmpne r3, 0x23 | __asm ("cmpne r3, 0x23");
| }
0x000360f4 beq 0x360da |
| } while (r3 == 0xa);
0x000360f6 cmp r5, 0 |
| if (r5 == 0) {
0x000360f8 beq.w 0x3628a | goto label_13;
| }
| label_1:
0x000360fc cmp r4, 0 |
| if (r4 == 0) {
0x000360fe beq.w 0x3633c | goto label_14;
| }
| label_3:
0x00036102 movs r2, 0xf0 | r2 = 0xf0;
0x00036104 movs r1, 0 | r1 = 0;
0x00036106 mov r0, r5 | r0 = r5;
0x00036108 add.w sb, r4, 4 | sb = r4 + 4;
0x0003610c blx 0x2acc | perror (r0);
0x00036110 ldr.w r1, [pc, 0x410] |
0x00036114 add.w sl, sp, 0x40 | sl += var_40h;
0x00036118 add.w r8, sp, 0x3c | r8 += var_3ch;
0x0003611c add r6, sp, 0x74 | r6 += var_74h;
0x0003611e strd r7, r7, [r4] | __asm ("strd r7, r7, [r4]");
0x00036122 mov r3, sl | r3 = sl;
0x00036124 strd r7, r7, [r4, 8] | __asm ("strd r7, r7, [r4, 8]");
0x00036126 strb r2, [r0, 0x1c] | *((r0 + 0x1c)) = r2;
0x00036128 add r1, pc | r1 = 0x6c650;
0x0003612a str r7, [r4, 0x10] | *((r4 + 0x10)) = r7;
0x0003612c mov r2, r8 | r2 = r8;
0x0003612e mov r0, fp | r0 = fp;
0x00036130 strd sb, r6, [sp] | __asm ("strd sb, r6, [sp]");
0x00036134 blx 0x2a18 | r0 = isoc99_sscanf ();
0x00036138 cmp r0, 4 |
| if (r0 == 4) {
0x0003613a beq.w 0x362b0 | goto label_15;
| }
0x0003613e ldr r1, [pc, 0x3e8] |
0x00036140 mov r3, sl | r3 = sl;
0x00036142 mov r2, r8 | r2 = r8;
0x00036144 mov r0, fp | r0 = fp;
0x00036146 str.w sb, [sp] | __asm ("str.w sb, [sp]");
0x0003614a add r1, pc | r1 = 0x6c678;
0x0003614c blx 0x2a18 | isoc99_sscanf ();
0x00036150 subs r3, r0, 3 | r3 -= var_3h;
0x00036152 cmp r3, 1 |
| if (r3 < 1) {
0x00036154 bls.w 0x362b0 | goto label_15;
| }
0x00036158 add.w r3, r5, 0x80 | r3 = r5 + 0x80;
0x0003615c ldr r1, [pc, 0x3cc] |
0x0003615e strd r3, r6, [sp, 0x14] | __asm ("strd r3, r6, [var_14h]");
0x00036162 add.w r3, r5, 0x7c | r3 = r5 + 0x7c;
0x00036166 str.w sb, [sp, 4] | __asm ("str.w sb, [var_4h]");
0x0003616a add.w sl, sp, 0x64 | sl += var_64h;
0x0003616e str r3, [sp, 0xc] | var_ch = r3;
0x00036170 add.w sb, sp, 0x44 | sb += var_44h;
0x00036174 add r3, sp, 0x54 | r3 += var_54h;
0x00036176 add r1, pc | r1 = 0x6c6a6;
0x00036178 str r3, [sp, 0x2c] | var_2ch = r3;
0x0003617a mov r2, r8 | r2 = r8;
0x0003617c str r3, [sp, 8] | var_8h = r3;
0x0003617e mov r0, fp | r0 = fp;
0x00036180 mov r3, r5 | r3 = r5;
0x00036182 str.w sl, [sp, 0x10] | __asm ("str.w sl, [var_10h]");
0x00036186 str.w sb, [sp] | __asm ("str.w sb, [sp]");
0x0003618a blx 0x2a18 | r0 = isoc99_sscanf ();
0x0003618e cmp r0, 9 |
| if (r0 != 9) {
0x00036190 bne.w 0x36366 | goto label_16;
| }
0x00036194 ldr.w r3, [r8] | r3 = *(r8);
0x00036198 subs r2, r3, 1 | r2 = r3 - 1;
0x0003619a cmp.w r2, 0x1fe |
| if (r2 >= 0x1fe) {
0x0003619e bhs.w 0x36416 | goto label_17;
| }
0x000361a2 ldrb.w r2, [sb] | r2 = *(sb);
0x000361a6 cmp r2, 0x78 |
| if (r2 == 0x78) {
0x000361a8 beq.w 0x363ac | goto label_18;
| }
0x000361ac cmp r2, 0x2a |
0x000361ae add.w r0, r5, 0x20 | r0 = r5 + 0x20;
| if (r2 == 0x2a) {
0x000361b2 beq.w 0x36430 | goto label_19;
| }
0x000361b6 ldr r3, [pc, 0x378] |
0x000361b8 movs r2, 0x33 | r2 = 0x33;
0x000361ba movs r1, 1 | r1 = 1;
0x000361bc strd r5, sb, [sp] | __asm ("strd r5, sb, [sp]");
0x000361c0 add r3, pc | r3 = 0x6c6f6;
0x000361c2 blx 0x2cd4 | fcn_00002cd4 ();
0x000361c6 ldr r3, [r5, 0x78] | r3 = *((r5 + 0x78));
0x000361c8 strb.w r7, [r5, 0x53] | *((r5 + 0x53)) = r7;
0x000361cc adds r3, 1 | r3++;
0x000361ce str r3, [r5, 0x78] | *((r5 + 0x78)) = r3;
0x000361d0 ldr r3, [sp, 0x2c] | r3 = var_2ch;
0x000361d2 ldrb r3, [r3] | r3 = *(r3);
0x000361d4 cmp r3, 0x61 |
| if (r3 == 0x61) {
0x000361d6 beq.w 0x3644a | goto label_20;
| }
| label_7:
0x000361da cmp r3, 0x64 |
| if (r3 == 0x64) {
0x000361dc beq.w 0x36494 | goto label_21;
| }
0x000361e0 cmp r3, 0x25 |
| if (r3 == 0x25) {
0x000361e2 beq.w 0x3646c | goto label_22;
| }
| label_8:
0x000361e6 ldrb.w r3, [sl] | r3 = *(sl);
0x000361ea add.w r0, r5, 0x63 | r0 = r5 + 0x63;
0x000361ee cmp r3, 0x2a |
0x000361f0 it ne |
| if (r3 == 0x2a) {
0x000361f2 movne r3, sl | r3 = sl;
| }
| if (r3 == 0x2a) {
0x000361f4 bne 0x361fa |
0x000361f6 ldr r3, [pc, 0x33c] |
0x000361f8 add r3, pc | r3 = 0x6c732;
| }
0x000361fa str r3, [sp] | *(sp) = r3;
0x000361fc movs r2, 0x12 | r2 = 0x12;
0x000361fe ldr r3, [sp, 0x34] | r3 = var_34h;
0x00036200 movs r1, 1 | r1 = 1;
0x00036202 adds r3, 1 | r3++;
0x00036204 str r3, [sp, 0x34] | var_34h = r3;
0x00036206 ldr r3, [pc, 0x330] |
0x00036208 add r3, pc | r3 = 0x6c746;
0x0003620a blx 0x2cd4 | fcn_00002cd4 ();
0x0003620e movs r3, 1 | r3 = 1;
0x00036210 ldr.w r2, [r8] | r2 = *(r8);
0x00036214 str r3, [r4] | *(r4) = r3;
0x00036216 ldr r3, [pc, 0x324] |
0x00036218 strd r2, r7, [r4, 8] | __asm ("strd r2, r7, [r4, 8]");
0x0003621c str r5, [r4, 0x10] | *((r4 + 0x10)) = r5;
0x0003621e adds r5, 0x84 | r5 += 0x84;
0x00036220 add r3, pc | r3 = 0x6c762;
0x00036222 add.w r3, r3, r2, lsl 2 | r3 += (r2 << 2);
0x00036226 str r4, [r3, 0x18] | *((r3 + 0x18)) = r4;
0x00036228 ldm r6!, {r0, r1, r2, r3} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
| r3 = *((r6! + 12));
0x0003622a stm r5!, {r0, r1, r2, r3} | *(r5!) = r0;
| *((r5! + 4)) = r1;
| *((r5! + 8)) = r2;
| *((r5! + 12)) = r3;
0x0003622c ldm r6!, {r0, r1, r2, r3} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
| r3 = *((r6! + 12));
0x0003622e stm r5!, {r0, r1, r2, r3} | *(r5!) = r0;
| *((r5! + 4)) = r1;
| *((r5! + 8)) = r2;
| *((r5! + 12)) = r3;
0x00036230 ldm r6!, {r0, r1, r2, r3} | r0 = *(r6!);
| r1 = *((r6! + 4));
| r2 = *((r6! + 8));
| r3 = *((r6! + 12));
0x00036232 stm r5!, {r0, r1, r2, r3} | *(r5!) = r0;
| *((r5! + 4)) = r1;
| *((r5! + 8)) = r2;
| *((r5! + 12)) = r3;
0x00036234 ldm.w r6, {r0, r1, r2, r3} | r0 = *(r6);
| r1 = *((r6 + 4));
| r2 = *((r6 + 8));
| r3 = *((r6 + 12));
0x00036238 stm.w r5, {r0, r1, r2, r3} | *(r5) = r0;
| *((r5 + 4)) = r1;
| *((r5 + 8)) = r2;
| *((r5 + 12)) = r3;
0x0003623c movs r5, 0 | r5 = 0;
0x0003623e ldr r2, [sp, 0x24] | r2 = stream;
0x00036240 movs r1, 0xff | r1 = 0xff;
0x00036242 mov r0, fp | r0 = fp;
0x00036244 mov r4, r5 | r4 = r5;
0x00036246 blx 0x2a48 | r0 = fgets (r0, r1, r2);
0x0003624a cmp r0, 0 |
| if (r0 != 0) {
0x0003624c bne.w 0x360ea | goto label_0;
| }
| label_12:
0x00036250 ldr r0, [sp, 0x24] | r0 = stream;
0x00036252 blx 0x2a3c | fclose (r0);
0x00036256 mov r0, r5 | r0 = r5;
0x00036258 blx 0x2ae8 | fcn_00002ae8 ();
0x0003625c mov r0, r4 | r0 = r4;
0x0003625e blx 0x2ae8 | fcn_00002ae8 ();
0x00036262 ldr r3, [pc, 0x2dc] |
0x00036264 movs r2, 1 | r2 = 1;
0x00036266 ldr r0, [sp, 0x34] | r0 = var_34h;
0x00036268 add r3, pc | r3 = 0x6c7ae;
0x0003626a str r2, [r3, -0xe0] | *((r3 - 0xe0)) = r2;
| label_4:
0x0003626e ldr r2, [pc, 0x2d4] |
0x00036270 ldr r3, [pc, 0x29c] | r3 = *(0x36510);
0x00036272 add r2, pc | r2 = 0x6c7bc;
0x00036274 ldr r3, [r2, r3] | r3 = *(0x6c7bc);
0x00036276 ldr r2, [r3] | r2 = *(0x6c7bc);
0x00036278 ldr r3, [sp, 0x1f4] | r3 = var_1f4h;
0x0003627a eors r2, r3 | r2 ^= r3;
0x0003627c mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00036280 bne.w 0x36508 | goto label_23;
| }
0x00036284 add sp, 0x1fc |
0x00036286 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_13:
0x0003628a movs r0, 0xf0 | r0 = 0xf0;
0x0003628c blx 0x2c18 | r0 = fcn_00002c18 ();
0x00036290 mov r5, r0 | r5 = r0;
0x00036292 cmp r0, 0 |
| if (r0 != 0) {
0x00036294 bne.w 0x360fc | goto label_1;
| }
0x00036298 ldr r0, [pc, 0x2ac] |
0x0003629a add r0, pc | r0 = 0x6c7e6;
0x0003629c blx 0x2ad8 | r0 = free (r0);
0x000362a0 bl 0x35fc4 | fcn_00035fc4 ();
0x000362a4 ldr r0, [sp, 0x24] | r0 = stream;
0x000362a6 blx 0x2a3c | fclose (r0);
0x000362aa cmp r4, 0 |
| if (r4 != 0) {
0x000362ac bne 0x363a4 | goto label_24;
| }
0x000362ae b 0x36362 | goto label_6;
| label_15:
0x000362b0 ldr.w sb, [sl] | sb = *(sl);
0x000362b4 cmp.w sb, 0 |
| if (sb == 0) {
0x000362b8 beq.w 0x360da | goto label_2;
| }
0x000362bc cmp.w sb, 0x200 |
| if (sb >= 0x200) {
0x000362c0 bhs.w 0x363e2 | goto label_25;
| }
0x000362c4 ldr.w sl, [r8] | sl = *(r8);
0x000362c8 cmp.w sl, 0x200 |
| if (sl >= 0x200) {
0x000362cc bhs.w 0x363fc | goto label_26;
| }
0x000362d0 ldr r3, [pc, 0x278] |
0x000362d2 lsl.w r8, sb, 2 | r8 = sb << 2;
0x000362d6 add r3, pc |
0x000362d8 add r3, r8 | r3 += r8;
0x000362da ldr r3, [r3, 0x18] | r3 = *(0x6c83e);
0x000362dc cmp r3, 0 |
| if (r3 == 0) {
0x000362de beq.w 0x364b8 | goto label_27;
| }
0x000362e2 cmp r0, 3 |
| if (r0 == 3) {
0x000362e4 beq.w 0x36464 | goto label_28;
| }
0x000362e8 ldr r0, [r4, 0xc] | r0 = *((r4 + 0xc));
0x000362ea cmp r0, 0 |
| if (r0 == 0) {
0x000362ec beq 0x36380 | goto label_29;
| }
| label_5:
0x000362ee mov ip, r0 |
0x000362f0 mov lr, r4 | lr = r4;
| do {
0x000362f2 mov r4, r6 | r4 = r6;
0x000362f4 add.w ip, ip, 0x10 |
0x000362f8 ldm r4!, {r0, r1, r2, r3} | r0 = *(r4!);
| r1 = *((r4! + 4));
| r2 = *((r4! + 8));
| r3 = *((r4! + 12));
0x000362fa adds r6, 0x10 | r6 += 0x10;
0x000362fc str r0, [ip, -0x10] | *((ip - 0x10)) = r0;
0x00036300 str r1, [ip, -0xc] | *((ip - 0xc)) = r1;
0x00036304 str r2, [ip, -0x8] | *((ip - 0x8)) = r2;
0x00036308 str r3, [ip, -0x4] | *((ip - 0x4)) = r3;
0x0003630c ldr r3, [sp, 0x28] | r3 = var_28h;
0x0003630e cmp r4, r3 |
0x00036310 bne 0x362f2 |
| } while (r4 != r3);
0x00036312 mov r4, lr | r4 = lr;
| label_9:
0x00036314 ldr r3, [pc, 0x238] |
0x00036316 str.w sb, [r4, 8] | __asm ("str.w sb, [r4, 8]");
0x0003631a add r3, pc | r3 = 0x6c86e;
0x0003631c add r8, r3 | r8 += r3;
0x0003631e add.w r3, r3, sl, lsl 2 | r3 += (sl << 2);
0x00036322 ldr.w r2, [r8, 0x818] | r2 = *((r8 + 0x818));
0x00036326 str r4, [r3, 0x18] | *((r3 + 0x18)) = r4;
0x00036328 ldr.w r3, [r8, 0x18] | r3 = *((r8 + 0x18));
0x0003632c adds r2, 1 | r2++;
0x0003632e str.w r2, [r8, 0x818] | __asm ("str.w r2, [r8, 0x818]");
0x00036332 ldr r3, [r3, 0x10] | r3 = *((r3 + 0x10));
0x00036334 str r7, [r4] | *(r4) = r7;
0x00036336 str r3, [r4, 0x10] | *((r4 + 0x10)) = r3;
0x00036338 movs r4, 0 | r4 = 0;
0x0003633a b 0x360da | goto label_2;
| label_14:
0x0003633c movs r0, 0x14 | r0 = 0x14;
0x0003633e blx 0x2c18 | r0 = fcn_00002c18 ();
0x00036342 mov r4, r0 | r4 = r0;
0x00036344 cmp r0, 0 |
| if (r0 != 0) {
0x00036346 bne.w 0x36102 | goto label_3;
| }
0x0003634a ldr r0, [pc, 0x208] |
0x0003634c add r0, pc | r0 = 0x6c8a6;
0x0003634e blx 0x2ad8 | r0 = free (r0);
0x00036352 bl 0x35fc4 | fcn_00035fc4 ();
0x00036356 ldr r0, [sp, 0x24] | r0 = stream;
0x00036358 blx 0x2a3c | fclose (r0);
0x0003635c mov r0, r5 | r0 = r5;
0x0003635e blx 0x2ae8 | fcn_00002ae8 ();
| label_6:
0x00036362 movs r0, 0 | r0 = 0;
0x00036364 b 0x3626e | goto label_4;
| label_16:
0x00036366 ldr r6, [sp, 0x30] | r6 = var_30h;
0x00036368 ldr r1, [pc, 0x1ec] | r1 = *(0x36558);
0x0003636a ldr r2, [pc, 0x1f0] |
0x0003636c ldr r3, [sp, 0x28] | r3 = var_28h;
0x0003636e ldr r1, [r6, r1] | r1 = *((r6 + r1));
0x00036370 add r2, pc | r2 = 0x6c8d2;
0x00036372 strd r0, fp, [sp] | __asm ("strd r0, fp, [sp]");
0x00036376 ldr r0, [r1] | r0 = *(0x36558);
0x00036378 movs r1, 1 | r1 = 1;
0x0003637a blx 0x2c3c | fcn_00002c3c ();
0x0003637e b 0x360da | goto label_2;
| label_29:
0x00036380 movs r0, 0x40 | r0 = 0x40;
0x00036382 blx 0x2c18 | fcn_00002c18 ();
0x00036386 str r0, [r4, 0xc] | *((r4 + 0xc)) = r0;
0x00036388 cmp r0, 0 |
| if (r0 != 0) {
0x0003638a bne 0x362ee | goto label_5;
| }
0x0003638c ldr r0, [pc, 0x1d0] |
0x0003638e add r0, pc | r0 = 0x6c8f2;
0x00036390 blx 0x2ad8 | r0 = free (r0);
0x00036394 bl 0x35fc4 | fcn_00035fc4 ();
0x00036398 ldr r0, [sp, 0x24] | r0 = stream;
0x0003639a blx 0x2a3c | fclose (r0);
0x0003639e mov r0, r5 | r0 = r5;
0x000363a0 blx 0x2ae8 | fcn_00002ae8 ();
| label_24:
0x000363a4 mov r0, r4 | r0 = r4;
0x000363a6 blx 0x2ae8 | fcn_00002ae8 ();
0x000363aa b 0x36362 | goto label_6;
| label_18:
0x000363ac ldr r2, [pc, 0x1b4] |
0x000363ae add r2, pc | r2 = 0x6c916;
0x000363b0 add.w r2, r2, r3, lsl 2 | r2 += (r3 << 2);
0x000363b4 ldr r2, [r2, 0x18] | r2 = *((r2 + 0x18));
0x000363b6 cmp r2, 0 |
| if (r2 == 0) {
0x000363b8 beq.w 0x364da | goto label_30;
| }
0x000363bc ldr r6, [r2, 0x10] | r6 = *((r2 + 0x10));
0x000363be ldr.w r8, [r6, 0xe8] | r8 = *((r6 + 0xe8));
0x000363c2 cmp.w r8, 0 |
| if (r8 == 0) {
0x000363c6 beq 0x3649a | goto label_31;
| }
0x000363c8 ldr r1, [sp, 0x30] | r1 = var_30h;
0x000363ca ldr r2, [pc, 0x18c] | r2 = *(0x3655a);
0x000363cc ldr r2, [r1, r2] | r2 = *((r1 + r2));
0x000363ce movs r1, 1 | r1 = 1;
0x000363d0 strd r3, fp, [sp] | __asm ("strd r3, fp, [sp]");
0x000363d4 ldr r3, [sp, 0x28] | r3 = var_28h;
0x000363d6 ldr r0, [r2] | r0 = *(0x3655a);
0x000363d8 ldr r2, [pc, 0x18c] |
0x000363da add r2, pc | r2 = 0x6c946;
0x000363dc blx 0x2c3c | fcn_00002c3c ();
0x000363e0 b 0x360da | goto label_2;
| label_25:
0x000363e2 ldr r2, [sp, 0x30] | r2 = var_30h;
0x000363e4 movs r1, 1 | r1 = 1;
0x000363e6 ldr r3, [pc, 0x170] | r3 = *(0x3655a);
0x000363e8 ldr r3, [r2, r3] | r3 = *((r2 + r3));
0x000363ea ldr r2, [pc, 0x180] |
0x000363ec str.w sb, [sp] | __asm ("str.w sb, [sp]");
0x000363f0 ldr r0, [r3] | r0 = *(0x3655a);
0x000363f2 add r2, pc | r2 = 0x6c964;
0x000363f4 ldr r3, [sp, 0x28] | r3 = var_28h;
0x000363f6 blx 0x2c3c | fcn_00002c3c ();
0x000363fa b 0x360da | goto label_2;
| label_26:
0x000363fc ldr r2, [sp, 0x30] | r2 = var_30h;
0x000363fe movs r1, 1 | r1 = 1;
0x00036400 ldr r3, [pc, 0x154] | r3 = *(0x36558);
0x00036402 ldr r3, [r2, r3] | r3 = *((r2 + r3));
0x00036404 ldr r2, [pc, 0x168] |
0x00036406 str.w sl, [sp] | __asm ("str.w sl, [sp]");
0x0003640a ldr r0, [r3] | r0 = *(0x36558);
0x0003640c add r2, pc | r2 = 0x6c980;
0x0003640e ldr r3, [sp, 0x28] | r3 = var_28h;
0x00036410 blx 0x2c3c | fcn_00002c3c ();
0x00036414 b 0x360da | goto label_2;
| label_17:
0x00036416 ldr r1, [sp, 0x30] | r1 = var_30h;
0x00036418 ldr r2, [pc, 0x13c] | r2 = *(0x36558);
0x0003641a ldr r2, [r1, r2] | r2 = *((r1 + r2));
0x0003641c movs r1, 1 | r1 = 1;
0x0003641e str r3, [sp] | *(sp) = r3;
0x00036420 ldr r3, [pc, 0x150] |
0x00036422 ldr r0, [r2] | r0 = *(0x36558);
0x00036424 ldr r2, [pc, 0x150] |
0x00036426 add r3, pc | r3 = 0x6c99e;
0x00036428 add r2, pc | r2 = 0x6c9a4;
0x0003642a blx 0x2c3c | fcn_00002c3c ();
0x0003642e b 0x360da | goto label_2;
| label_19:
0x00036430 movs r2, 0x20 | r2 = 0x20;
0x00036432 mov r1, r5 | r1 = r5;
0x00036434 blx 0x2a30 | strncpy (r0, r1, r2);
0x00036438 ldr r3, [sp, 0x2c] | r3 = var_2ch;
0x0003643a strb.w r7, [r5, 0x52] | *((r5 + 0x52)) = r7;
0x0003643e strb.w r7, [r5, 0x53] | *((r5 + 0x53)) = r7;
0x00036442 ldrb r3, [r3] | r3 = *(r3);
0x00036444 cmp r3, 0x61 |
| if (r3 != 0x61) {
0x00036446 bne.w 0x361da | goto label_7;
| }
| label_20:
0x0003644a ldr r3, [pc, 0x130] |
0x0003644c ldr r2, [pc, 0x130] |
0x0003644e add r3, pc | r3 = 0x6c9d0;
0x00036450 add r2, pc | r2 = 0x6c9d4;
0x00036452 str.w r2, [r5, 0xc4] | __asm ("str.w r2, [r5, 0xc4]");
0x00036456 ldrh r2, [r3] | r2 = *(r3);
0x00036458 ldrb r3, [r3, 2] | r3 = *((r3 + 2));
0x0003645a strh.w r2, [r5, 0x53] | *((r5 + 0x53)) = r2;
0x0003645e strb.w r3, [r5, 0x55] | *((r5 + 0x55)) = r3;
0x00036462 b 0x361e6 | goto label_8;
| label_28:
0x00036464 ldr r3, [r3, 0x10] | r3 = *((r3 + 0x10));
0x00036466 adds r3, 0x84 | r3 += 0x84;
0x00036468 str r3, [r4, 0xc] | *((r4 + 0xc)) = r3;
0x0003646a b 0x36314 | goto label_9;
| label_22:
0x0003646c add.w r3, r5, 0x53 | r3 = r5 + 0x53;
0x00036470 movs r2, 0xf | r2 = 0xf;
0x00036472 mov r0, r3 | r0 = r3;
0x00036474 add.w r1, sp, 0x55 | r1 += src;
0x00036478 blx 0x2a30 | r0 = strncpy (r0, r1, r2);
0x0003647c mov r3, r0 | r3 = r0;
| do {
0x0003647e mov r0, r3 | r0 = r3;
0x00036480 ldr r3, [pc, 0x100] |
0x00036482 ldr r1, [pc, 0x104] |
0x00036484 movs r2, 0x10 | r2 = 0x10;
0x00036486 add r3, pc | r3 = 0x6ca0e;
0x00036488 add r1, pc | r1 = 0x6ca16;
0x0003648a str.w r3, [r5, 0xc4] | __asm ("str.w r3, [r5, 0xc4]");
0x0003648e blx 0x2a24 | strcat_chk ()
0x00036492 b 0x361e6 | goto label_8;
| label_21:
0x00036494 add.w r3, r5, 0x53 | r3 = r5 + 0x53;
0x00036498 b 0x3647e |
| } while (1);
| label_31:
0x0003649a ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x0003649c movs r2, 0x20 | r2 = 0x20;
0x0003649e mov r1, r5 | r1 = r5;
0x000364a0 add.w r0, r6, 0xc8 | r0 = r6 + 0xc8;
0x000364a4 str.w r3, [r6, 0xec] | __asm ("str.w r3, [r6, 0xec]");
0x000364a8 blx 0x2a30 | strncpy (r0, r1, r2);
0x000364ac movs r3, 1 | r3 = 1;
0x000364ae strb.w r8, [r6, 0xe7] | *((r6 + 0xe7)) = r8;
0x000364b2 str.w r3, [r6, 0xe8] | __asm ("str.w r3, [r6, 0xe8]");
0x000364b6 b 0x360da | goto label_2;
| label_27:
0x000364b8 ldr r2, [sp, 0x30] | r2 = var_30h;
0x000364ba movs r1, 1 | r1 = 1;
0x000364bc ldr r3, [pc, 0x98] | r3 = *(0x36558);
0x000364be ldr r3, [r2, r3] | r3 = *((r2 + r3));
0x000364c0 str.w sl, [sp, 0xc] | __asm ("str.w sl, [var_ch]");
0x000364c4 ldr r2, [pc, 0xc4] |
0x000364c6 ldr r0, [r3] | r0 = *(0x36558);
0x000364c8 ldr r3, [r4, 4] | r3 = *((r4 + 4));
0x000364ca add r2, pc | r2 = 0x6ca5a;
0x000364cc strd sl, sb, [sp] | __asm ("strd sl, sb, [sp]");
0x000364d0 str r3, [sp, 8] | var_8h = r3;
0x000364d2 ldr r3, [sp, 0x28] | r3 = var_28h;
0x000364d4 blx 0x2c3c | fcn_00002c3c ();
0x000364d8 b 0x360da | goto label_2;
| label_30:
0x000364da ldr r1, [sp, 0x30] | r1 = var_30h;
0x000364dc ldr r2, [pc, 0x78] | r2 = *(0x36558);
0x000364de ldr r2, [r1, r2] | r2 = *((r1 + r2));
0x000364e0 movs r1, 1 | r1 = 1;
0x000364e2 str r3, [sp] | *(sp) = r3;
0x000364e4 ldr r3, [sp, 0x28] | r3 = var_28h;
0x000364e6 ldr r0, [r2] | r0 = *(0x36558);
0x000364e8 ldr r2, [pc, 0xa4] |
0x000364ea add r2, pc | r2 = 0x6ca7e;
0x000364ec blx 0x2c3c | fcn_00002c3c ();
0x000364f0 b 0x360da | goto label_2;
| label_11:
0x000364f2 ldr r4, [pc, 0xa0] |
0x000364f4 mov r1, r5 | r1 = r5;
0x000364f6 add r4, pc | r4 = 0x6ca90;
0x000364f8 mov r0, r4 | r0 = r4;
0x000364fa blx 0x2ab0 | fcn_00002ab0 ();
0x000364fe str r0, [sp, 0x24] | stream = r0;
0x00036500 cmp r0, 0 |
| if (r0 != 0) {
0x00036502 bne.w 0x360a6 | goto label_10;
| }
0x00036506 b 0x36362 | goto label_6;
| label_23:
0x00036508 blx 0x2c24 | fcn_00002c24 ();
0x0003650c ldm r5, {r1, r4, r5, r6, r7} | r1 = *(r5);
| r4 = *((r5 + 4));
| r5 = *((r5 + 8));
| r6 = *((r5 + 12));
| r7 = *((r5 + 16));
0x0003650e movs r0, r0 |
0x00036510 lsls r4, r3, 5 | r4 = r3 << 5;
0x00036512 movs r0, r0 |
0x00036514 ldr r2, [sp, 0x2a8] | r2 = *(arg_2a8h);
0x00036516 movs r0, r0 |
0x00036518 ldr r3, [sp, 0x338] | r3 = *(arg_338h);
0x0003651a movs r0, r0 |
0x0003651c ldm r5!, {r1, r4, r6, r7} | r1 = *(r5!);
| r4 = *((r5! + 4));
| r6 = *((r5! + 8));
| r7 = *((r5! + 12));
0x0003651e movs r0, r0 |
0x00036520 ldr r6, [pc, 0x3d8] | r6 = *(0x368fc);
0x00036522 movs r1, r0 | r1 = r0;
0x00036524 ldr r3, [sp, 0x1b0] | r3 = var_1b0h;
0x00036526 movs r0, r0 |
0x00036528 ldr r3, [sp, 0x158] | r3 = var_158h;
0x0003652a movs r0, r0 |
0x0003652c ldr r3, [sp, 0x308] | r3 = *(arg_308h);
0x0003652e movs r0, r0 |
0x00036530 ldr r4, [sp, 0x1c0] | r4 = var_1c0h;
0x00036532 movs r0, r0 |
0x00036534 movs r4, 0xc0 | r4 = 0xc0;
0x00036536 movs r0, r0 |
0x00036538 ldr r4, [sp, 0xc0] | r4 = var_c0h;
0x0003653a movs r0, r0 |
0x0003653c ldr r5, [pc, 0x270] | r5 = *(0x367b0);
0x0003653e movs r1, r0 | r1 = r0;
0x00036540 ldrsh r4, [r1, r1] | r4 = *((r1 + r1));
0x00036542 movs r1, r0 | r1 = r0;
0x00036544 ldm r3!, {r1, r2, r4, r5, r6, r7} | r1 = *(r3!);
| r2 = *((r3! + 4));
| r4 = *((r3! + 8));
| r5 = *((r3! + 12));
| r6 = *((r3! + 16));
| r7 = *((r3! + 20));
0x00036546 movs r0, r0 |
0x00036548 ldr r2, [r0, 0x40] | r2 = *((r0 + 0x40));
0x0003654a movs r0, r0 |
0x0003654c ldr r4, [pc, 0x398] | r4 = *(0x368e8);
0x0003654e movs r1, r0 | r1 = r0;
0x00036550 ldr r4, [pc, 0x288] | r4 = *(0x367dc);
0x00036552 movs r1, r0 | r1 = r0;
0x00036554 ldr r0, [r2, 0x34] | r0 = *((r2 + 0x34));
0x00036556 movs r0, r0 |
0x00036558 lsls r4, r7, 5 | r4 = r7 << 5;
0x0003655a movs r0, r0 |
0x0003655c ldr r1, [sp, 0x3c0] | r1 = *(arg_3c0h);
0x0003655e movs r0, r0 |
0x00036560 ldr r6, [r1, 0x30] | r6 = *((r1 + 0x30));
0x00036562 movs r0, r0 |
0x00036564 ldr r4, [pc, 0x38] | r4 = *(0x365a0);
0x00036566 movs r1, r0 | r1 = r0;
0x00036568 ldr r2, [sp, 0x48] | r2 = var_48h;
0x0003656a movs r0, r0 |
0x0003656c ldr r0, [sp, 0x2e8] | r0 = *(arg_2e8h);
0x0003656e movs r0, r0 |
0x00036570 ldr r0, [sp, 0x320] | r0 = *(arg_320h);
0x00036572 movs r0, r0 |
0x00036574 ldr r2, [sp, 0x98] | r2 = var_98h;
0x00036576 movs r0, r0 |
0x00036578 ldr r1, [sp, 0x170] | r1 = var_170h;
0x0003657a movs r0, r0 |
0x0003657c strb r2, [r3, 7] | *((r3 + 7)) = r2;
0x0003657e movs r0, r0 |
0x00036580 invalid |
| }
[*] Function strcat used 2 times sadf
