[*] Binary protection state of getfacl
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of getfacl
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/bin/getfacl @ 0x25f8 */
| #include <stdint.h>
|
; (fcn) fcn.000025f8 () | void fcn_000025f8 (int16_t arg1) {
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h;
| int16_t var_ch;
| int16_t var_10h;
| int32_t var_10h_2;
| int16_t var_18h;
| int32_t var_18h_2;
| int16_t var_20h;
| int16_t var_24h;
| int16_t var_2ch;
| r0 = arg1;
0x000025f8 ldr r2, [pc, 0x3fc] |
0x000025fa push.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000025fe add.w r6, r0, 0x1000 | r6 = r0 + 0x1000;
0x00002602 ldr r3, [pc, 0x3f8] | r3 = *(0x29fe);
0x00002604 sub sp, 0x34 |
0x00002606 add r2, pc | r2 = 0x5002;
0x00002608 mov r4, r0 | r4 = r0;
0x0000260a ldr r5, [r6] | r5 = *(r6);
0x0000260c ldr r3, [r2, r3] |
0x0000260e ands sb, r5, 4 | sb = r5 & 4;
0x00002612 ldr r3, [r3] | r3 = *(0x5002);
0x00002614 str r3, [sp, 0x2c] | var_2ch = r3;
0x00002616 mov.w r3, 0 | r3 = 0;
0x0000261a it ne |
| if (sb == r5) {
0x0000261c movne sb, 1 | sb = 1;
| }
0x00002620 ldr r3, [r6, 0xc] | r3 = *((r6 + 0xc));
| if (sb == r5) {
0x00002622 bne 0x2634 |
0x00002624 and r2, r5, 0xa | r2 = r5 & 0xa;
0x00002628 cmp r2, 8 |
0x0000262a itt eq |
| if (r2 == 8) {
0x0000262c clzeq sb, r3 | __asm ("clzeq sb, r3");
| }
| if (r2 != 8) {
0x00002630 lsr.w sb, sb, 5 | sb >>= 5;
| goto label_13;
| }
| }
| if (r3 == 0) {
| label_13:
0x00002634 cbnz r3, 0x263a |
0x00002636 orr r5, r5, 0x100 | r5 |= 0x100;
| }
0x0000263a add.w r8, r4, 0x1020 | r8 = r4 + 0x1020;
0x0000263e mov r0, r4 | r0 = r4;
0x00002640 add.w r8, r8, 0x18 | r8 += 0x18;
0x00002644 mov r1, r8 | r1 = r8;
0x00002646 blx 0xcf8 | lstat64 ();
0x0000264a str r0, [sp] | *(sp) = r0;
0x0000264c cmp r0, 0 |
| if (r0 != 0) {
0x0000264e bne 0x26c0 | goto label_14;
| }
0x00002650 lsls r1, r5, 0x1a | r1 = r5 << 0x1a;
| if (r1 >= r5) {
0x00002652 bpl 0x2696 | goto label_15;
| }
0x00002654 add.w r2, r4, 0x10a0 | r2 = r4 + 0x10a0;
0x00002658 add.w r3, r4, 0x1040 | r3 = r4 + 0x1040;
0x0000265c ldrd r0, r1, [r2] | __asm ("ldrd r0, r1, [r2]");
0x00002660 ldrd ip, r3, [r3, -0x8] | __asm ("ldrd ip, r3, [r3, -0x8]");
0x00002664 orrs.w lr, r0, r1 | lr = r0 | r1;
0x00002668 it eq |
| if (lr == r0) {
0x0000266a strdeq ip, r3, [r2] | __asm ("strdeq ip, r3, [r2]");
| }
| if (lr == r0) {
0x0000266e beq 0x2696 | goto label_15;
| }
0x00002670 cmp r1, r3 |
0x00002672 it eq |
| if (r1 == r3) {
0x00002674 cmpeq r0, ip | __asm ("cmpeq r0, ip");
| }
0x00002676 beq 0x2696 |
| while (1) {
| label_4:
0x00002678 ldr r2, [pc, 0x384] |
0x0000267a ldr r3, [pc, 0x380] | r3 = *(0x29fe);
0x0000267c add r2, pc | r2 = 0x5080;
0x0000267e ldr r3, [r2, r3] | r3 = imp.__aeabi_unwind_cpp_pr0;
0x00002680 ldr r2, [r3] | r2 = imp.__aeabi_unwind_cpp_pr0;
0x00002682 ldr r3, [sp, 0x2c] | r3 = var_2ch;
0x00002684 eors r2, r3 | r2 ^= r3;
0x00002686 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x0000268a bne.w 0x2928 | goto label_16;
| }
0x0000268e ldr r0, [sp] | r0 = *(sp);
0x00002690 add sp, 0x34 |
0x00002692 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_15:
0x00002696 ldr r3, [r6, 0x48] | r3 = *((r6 + 0x48));
0x00002698 and r3, r3, 0xf000 | r3 &= 0xf000;
0x0000269c cmp.w r3, 0xa000 |
| if (r3 == 0xa000) {
0x000026a0 beq 0x2738 | goto label_17;
| }
0x000026a2 cmp.w r3, 0x4000 |
| if (r3 == 0x4000) {
0x000026a6 beq 0x2762 | goto label_18;
| }
| label_2:
0x000026a8 mov r2, r5 | r2 = r5;
0x000026aa ldr r3, [r6, 8] | r3 = *((r6 + 8));
0x000026ac ldr r7, [r6, 4] | r7 = *((r6 + 4));
0x000026ae mov r1, r8 | r1 = r8;
0x000026b0 mov r0, r4 | r0 = r4;
0x000026b2 blx r7 | uint32_t (*r7)(uint32_t, uint32_t, uint32_t, uint32_t) (r0, r1, r2, r3);
0x000026b4 lsls r2, r5, 0x1f | r2 = r5 << 0x1f;
0x000026b6 mov fp, r0 |
| if (r2 < r5) {
0x000026b8 bmi 0x26ee | goto label_19;
| }
| label_0:
0x000026ba str.w fp, [sp] | __asm ("str.w fp, [sp]");
0x000026be b 0x2678 |
| }
| label_14:
0x000026c0 ldr r2, [pc, 0x340] |
0x000026c2 ldr r3, [pc, 0x338] | r3 = *(0x29fe);
0x000026c4 add r2, pc | r2 = 0x50cc;
0x000026c6 ldr r3, [r2, r3] | r3 = imp.__aeabi_unwind_cpp_pr0;
0x000026c8 ldr r2, [r3] | r2 = imp.__aeabi_unwind_cpp_pr0;
0x000026ca ldr r3, [sp, 0x2c] | r3 = var_2ch;
0x000026cc eors r2, r3 | r2 ^= r3;
0x000026ce mov.w r3, 0 | r3 = 0;
0x000026d2 itt eq |
| if (r2 == r3) {
0x000026d4 ldrdeq r7, r3, [r6, 4] | __asm ("ldrdeq r7, r3, [r6, 4]");
| }
| if (r2 == r3) {
0x000026d8 orr r2, r5, 0x400 | r2 = r5 | 0x400;
| }
| if (r2 != r3) {
0x000026dc bne.w 0x2928 | goto label_16;
| }
| label_8:
0x000026e0 mov r0, r4 | r0 = r4;
0x000026e2 movs r1, 0 | r1 = 0;
0x000026e4 mov ip, r7 |
0x000026e6 add sp, 0x34 |
0x000026e8 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000026ec bx ip | return void (*ip)() ();
| label_19:
0x000026ee lsls r3, r5, 0x16 | r3 = r5 << 0x16;
| if (r3 >= r5) {
0x000026f0 bpl 0x2780 | goto label_20;
| }
0x000026f2 cmp.w sb, 0 |
| if (sb == 0) {
0x000026f6 beq 0x26ba | goto label_0;
| }
| label_3:
0x000026f8 ldr r7, [sp] | r7 = *(sp);
0x000026fa cmp r7, 0 |
| if (r7 == 0) {
0x000026fc beq 0x2794 | goto label_21;
| }
0x000026fe ldr r3, [r6, 0x14] | r3 = *((r6 + 0x14));
0x00002700 add.w r0, r4, 0x1000 | r0 = r4 + 0x1000;
0x00002704 adds r0, 0x10 | r0 += 0x10;
0x00002706 ldrd lr, ip, [sp, 0x10] | __asm ("ldrd lr, ip, [var_10h]");
0x0000270a ldrd r1, r2, [sp, 0x18] | __asm ("ldrd r1, r2, [var_18h]");
0x0000270e cmp r0, r3 |
| if (r0 == r3) {
0x00002710 beq 0x2794 | goto label_21;
| }
0x00002712 mov sb, r5 | sb = r5;
0x00002714 mov sl, r4 | sl = r4;
0x00002716 b 0x271e |
| while (ip != r5) {
| label_1:
0x00002718 ldr r3, [r3, 4] | r3 = *((r3 + 4));
0x0000271a cmp r0, r3 |
| if (r0 == r3) {
0x0000271c beq 0x278e | goto label_22;
| }
0x0000271e ldrd r4, r5, [r3, 8] | __asm ("ldrd r4, r5, [r3, 8]");
0x00002722 cmp ip, r5 |
0x00002724 it eq |
| if (ip == r5) {
0x00002726 cmpeq lr, r4 | __asm ("cmpeq lr, r4");
| }
0x00002728 bne 0x2718 |
| }
0x0000272a ldrd r4, r5, [r3, 0x10] | __asm ("ldrd r4, r5, [r3, 0x10]");
0x0000272e cmp r2, r5 |
0x00002730 it eq |
| if (r2 != r5) {
0x00002732 cmpeq r1, r4 | __asm ("cmpeq r1, r4");
| goto label_23;
| }
| if (r2 != r5) {
| label_23:
0x00002734 bne 0x2718 | goto label_1;
| }
0x00002736 b 0x26ba | goto label_0;
| label_17:
0x00002738 ands r3, r5, 8 | r3 = r5 & 8;
0x0000273c orr sl, r5, 0x200 | sl = r5 | 0x200;
0x00002740 str r3, [sp] | *(sp) = r3;
| if (r3 != r5) {
0x00002742 bne 0x2752 | goto label_24;
| }
0x00002744 and r3, r5, 0x110 | r3 = r5 & 0x110;
0x00002748 cmp.w r3, 0x110 |
0x0000274c it ne |
| if (r3 != 0x110) {
0x0000274e movne r5, sl | r5 = sl;
| goto label_25;
| }
| if (r3 != 0x110) {
| label_25:
0x00002750 bne 0x26a8 | goto label_2;
| }
| label_24:
0x00002752 mov r1, r8 | r1 = r8;
0x00002754 mov r0, r4 | r0 = r4;
0x00002756 blx 0xd10 | r0 = stat64 ();
0x0000275a cmp r0, 0 |
| if (r0 != 0) {
0x0000275c bne.w 0x2908 | goto label_26;
| }
0x00002760 mov r5, sl | r5 = sl;
| label_18:
0x00002762 add.w r2, r4, 0x10a0 | r2 = r4 + 0x10a0;
0x00002766 add.w r3, r4, 0x1040 | r3 = r4 + 0x1040;
0x0000276a ldrd r0, r1, [r2, -0x8] | __asm ("ldrd r0, r1, [r2, -0x8]");
0x0000276e ldrd r2, r3, [r3, -0x8] | __asm ("ldrd r2, r3, [r3, -0x8]");
0x00002772 strd r0, r1, [sp, 0x18] | __asm ("strd r0, r1, [var_18h]");
0x00002776 strd r2, r3, [sp, 0x10] | __asm ("strd r2, r3, [var_10h]");
0x0000277a movs r3, 1 | r3 = 1;
0x0000277c str r3, [sp] | *(sp) = r3;
0x0000277e b 0x26a8 | goto label_2;
| label_20:
0x00002780 ldr r3, [r6, 0x48] | r3 = *((r6 + 0x48));
0x00002782 and r3, r3, 0xf000 | r3 &= 0xf000;
0x00002786 cmp.w r3, 0x4000 |
| if (r3 != 0x4000) {
0x0000278a bne 0x26ba | goto label_0;
| }
0x0000278c b 0x26f8 | goto label_3;
| label_22:
0x0000278e mov r5, sb | r5 = sb;
0x00002790 mov r4, sl | r4 = sl;
0x00002792 str r7, [sp] | *(sp) = r7;
| label_21:
0x00002794 ldr r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x00002796 cmp r3, 0 |
| if (r3 == 0) {
0x00002798 beq.w 0x28d0 | goto label_27;
| }
| label_7:
0x0000279c mov r0, r4 | r0 = r4;
0x0000279e blx 0xd58 | r0 = opendir ();
0x000027a2 mov r3, r0 | r3 = r0;
0x000027a4 str r0, [sp, 0x20] | var_20h = r0;
0x000027a6 cmp r0, 0 |
| if (r0 == 0) {
0x000027a8 beq.w 0x29b4 | goto label_28;
| }
0x000027ac ldr r2, [sp] | r2 = *(sp);
0x000027ae cmp r2, 0 |
| if (r2 == 0) {
0x000027b0 beq.w 0x292c | goto label_29;
| }
0x000027b4 ldr r0, [r6, 0x14] | r0 = *((r6 + 0x14));
0x000027b6 add.w r7, r4, 0x1000 | r7 = r4 + 0x1000;
0x000027ba adds r7, 0x10 | r7 += 0x10;
| label_9:
0x000027bc ldr r2, [r6, 0x34] | r2 = *((r6 + 0x34));
0x000027be add r1, sp, 8 | r1 += var_8h;
0x000027c0 strd r7, r0, [sp, 8] | __asm ("strd r7, r0, [var_8h]");
0x000027c4 mov.w sl, 0x2f | sl = 0x2f;
0x000027c8 str r1, [r6, 0x14] | *((r6 + 0x14)) = r1;
0x000027ca mov r7, fp | r7 = fp;
0x000027cc str r1, [r0] | *(r0) = r1;
0x000027ce mov.w sb, 0 | sb = 0;
0x000027d2 mov r0, r3 | r0 = r3;
0x000027d4 subs r2, 1 | r2--;
0x000027d6 str r2, [r6, 0x34] | *((r6 + 0x34)) = r2;
0x000027d8 str r5, [sp] | *(sp) = r5;
| label_6:
0x000027da blx 0xe94 | r0 = fcn_00000e94 ();
| if (r0 == 0) {
0x000027de cbz r0, 0x27fa | goto label_30;
| }
| do {
0x000027e0 ldrb r3, [r0, 0x13] | r3 = *((r0 + 0x13));
0x000027e2 add.w r8, r0, 0x13 | r8 = r0 + 0x13;
0x000027e6 cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x000027e8 bne 0x2832 | goto label_31;
| }
0x000027ea ldrb.w r3, [r8, 1] | r3 = *((r8 + 1));
| if (r3 != 0) {
0x000027ee cbnz r3, 0x2832 | goto label_31;
| }
| label_5:
0x000027f0 ldr r0, [sp, 0x20] | r0 = var_20h;
0x000027f2 blx 0xe94 | r0 = fcn_00000e94 ();
0x000027f6 cmp r0, 0 |
0x000027f8 bne 0x27e0 |
| } while (r0 != 0);
| label_30:
0x000027fa ldr r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x000027fc ldr r1, [sp, 8] | r1 = var_8h;
0x000027fe ldr r2, [sp, 0xc] | r2 = var_ch;
0x00002800 adds r3, 1 | r3++;
0x00002802 ldr.w r8, [sp, 0x20] | r8 = var_20h;
0x00002806 ldr r5, [sp] | r5 = *(sp);
0x00002808 str r2, [r1, 4] | *((r1 + 4)) = r2;
0x0000280a str r7, [sp] | *(sp) = r7;
0x0000280c str r1, [r2] | *(r2) = r1;
0x0000280e str r3, [r6, 0x34] | *((r6 + 0x34)) = r3;
| label_11:
0x00002810 mov r0, r8 | r0 = r8;
0x00002812 blx 0xeb8 | r0 = fcn_00000eb8 ();
0x00002816 cmp r0, 0 |
| if (r0 == 0) {
0x00002818 beq.w 0x2678 | goto label_4;
| }
0x0000281c ldrd r8, r3, [r6, 4] | __asm ("ldrd r8, r3, [r6, 4]");
0x00002820 orr r2, r5, 0x400 | r2 = r5 | 0x400;
0x00002824 mov r0, r4 | r0 = r4;
0x00002826 movs r1, 0 | r1 = 0;
0x00002828 blx r8 | uint32_t (*r8)(uint32_t, uint32_t, uint32_t) (r0, r1, r2);
0x0000282a ldr r3, [sp] | r3 = *(sp);
0x0000282c add r3, r0 | r3 += r0;
0x0000282e str r3, [sp] | *(sp) = r3;
0x00002830 b 0x2678 | goto label_4;
| label_31:
0x00002832 ldrb r3, [r0, 0x13] | r3 = *((r0 + 0x13));
0x00002834 cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x00002836 bne 0x2848 | goto label_32;
| }
0x00002838 ldrb.w r3, [r8, 1] | r3 = *((r8 + 1));
0x0000283c cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x0000283e bne 0x2848 | goto label_32;
| }
0x00002840 ldrb.w r3, [r8, 2] | r3 = *((r8 + 2));
0x00002844 cmp r3, 0 |
| if (r3 == 0) {
0x00002846 beq 0x27f0 | goto label_5;
| }
| label_32:
0x00002848 mov r0, r4 | r0 = r4;
0x0000284a blx 0xdec | r0 = fcn_00000dec ();
0x0000284e mov fp, r0 |
0x00002850 mov r0, r8 | r0 = r8;
0x00002852 blx 0xdec | r0 = fcn_00000dec ();
0x00002856 add.w r3, r0, fp | r3 = r0 + fp;
0x0000285a adds r3, 1 | r3++;
0x0000285c cmp.w r3, 0x1000 |
| if (r3 > 0x1000) {
0x00002860 blo 0x2880 |
0x00002862 blx 0xe1c | fcn_00000e1c ();
0x00002866 ldr r2, [sp] | r2 = *(sp);
0x00002868 movs r3, 0x24 | r3 = 0x24;
0x0000286a str r3, [r0] | *(r0) = r3;
0x0000286c movs r1, 0 | r1 = 0;
0x0000286e ldr r3, [r6, 8] | r3 = *((r6 + 8));
0x00002870 mov r0, r4 | r0 = r4;
0x00002872 ldr r5, [r6, 4] | r5 = *((r6 + 4));
0x00002874 orr r2, r2, 0x400 | r2 |= 0x400;
0x00002878 blx r5 | r0 = uint32_t (*r5)(uint32_t, uint32_t, uint32_t, uint32_t) (r0, r1, r2, r3);
0x0000287a add r7, r0 | r7 += r0;
0x0000287c ldr r0, [sp, 0x20] | r0 = var_20h;
0x0000287e b 0x27da | goto label_6;
| }
0x00002880 add.w r0, r4, fp | r0 = r4 + fp;
0x00002884 mov r1, r8 | r1 = r8;
0x00002886 adds r0, 1 | r0++;
0x00002888 strb.w sl, [r4, fp] | *((r4 + fp)) = sl;
0x0000288c blx 0xd4c | strcpy (r0, r1)
0x00002890 ldr r3, [r6, 0xc] | r3 = *((r6 + 0xc));
0x00002892 mov r0, r4 | r0 = r4;
0x00002894 adds r3, 1 | r3++;
0x00002896 str r3, [r6, 0xc] | *((r6 + 0xc)) = r3;
0x00002898 bl 0x25f8 | fcn_000025f8 (r0);
0x0000289c ldr r3, [r6, 0xc] | r3 = *((r6 + 0xc));
0x0000289e add r7, r0 | r7 += r0;
0x000028a0 ldr r0, [sp, 0x20] | r0 = var_20h;
0x000028a2 subs r3, 1 | r3--;
0x000028a4 str r3, [r6, 0xc] | *((r6 + 0xc)) = r3;
0x000028a6 strb.w sb, [r4, fp] | *((r4 + fp)) = sb;
0x000028aa cmp r0, 0 |
| if (r0 != 0) {
0x000028ac bne 0x27da | goto label_6;
| }
0x000028ae mov r0, r4 | r0 = r4;
0x000028b0 blx 0xd58 | r0 = opendir ();
0x000028b4 mov r1, r0 | r1 = r0;
0x000028b6 str r0, [sp, 0x20] | var_20h = r0;
0x000028b8 cmp r0, 0 |
| if (r0 == 0) {
0x000028ba beq 0x299e | goto label_33;
| }
0x000028bc ldr r1, [sp, 0x24] | r1 = var_24h;
0x000028be blx 0xda4 | fcn_00000da4 ();
0x000028c2 ldr r3, [r6, 0x30] | r3 = *((r6 + 0x30));
0x000028c4 ldr r3, [r3, 4] | r3 = *((r3 + 4));
0x000028c6 str r3, [r6, 0x30] | *((r6 + 0x30)) = r3;
0x000028c8 ldr r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x000028ca subs r3, 1 | r3--;
0x000028cc str r3, [r6, 0x34] | *((r6 + 0x34)) = r3;
0x000028ce b 0x27f0 | goto label_5;
| label_27:
0x000028d0 ldr r3, [r6, 0x30] | r3 = *((r6 + 0x30));
0x000028d2 ldr.w sb, [r3] | sb = *(r3);
0x000028d6 add.w r3, r4, 0x1000 | r3 = r4 + 0x1000;
0x000028da adds r3, 0x10 | r3 += 0x10;
0x000028dc cmp sb, r3 |
| if (sb == r3) {
0x000028de beq.w 0x279c | goto label_7;
| }
| label_12:
0x000028e2 ldr.w r0, [sb, 0x18] | r0 = *((sb + 0x18));
0x000028e6 str.w sb, [r6, 0x30] | __asm ("str.w sb, [r6, 0x30]");
0x000028ea blx 0xcc8 | telldir ();
0x000028ee ldr r3, [r6, 0x30] | r3 = *((r6 + 0x30));
0x000028f0 str.w r0, [sb, 0x1c] | __asm ("str.w r0, [sb, 0x1c]");
0x000028f4 ldr r0, [r3, 0x18] | r0 = *((r3 + 0x18));
0x000028f6 blx 0xeb8 | fcn_00000eb8 ();
0x000028fa ldr r3, [r6, 0x34] | r3 = *((r6 + 0x34));
0x000028fc movs r1, 0 | r1 = 0;
0x000028fe ldr r2, [r6, 0x30] | r2 = *((r6 + 0x30));
0x00002900 adds r3, 1 | r3++;
0x00002902 str r1, [r2, 0x18] | *((r2 + 0x18)) = r1;
0x00002904 str r3, [r6, 0x34] | *((r6 + 0x34)) = r3;
0x00002906 b 0x279c | goto label_7;
| label_26:
0x00002908 ldr r2, [pc, 0xfc] |
0x0000290a ldr r3, [pc, 0xf0] | r3 = *(0x29fe);
0x0000290c add r2, pc | r2 = 0x5318;
0x0000290e ldr r3, [r2, r3] | r3 = *(0x5318);
0x00002910 ldr r2, [r3] | r2 = *(0x5318);
0x00002912 ldr r3, [sp, 0x2c] | r3 = var_2ch;
0x00002914 eors r2, r3 | r2 ^= r3;
0x00002916 mov.w r3, 0 | r3 = 0;
0x0000291a itt eq |
| if (r2 == r3) {
0x0000291c ldrdeq r7, r3, [r6, 4] | __asm ("ldrdeq r7, r3, [r6, 4]");
| }
| if (r2 != r3) {
0x00002920 orr r2, r5, 0x600 | r2 = r5 | 0x600;
| goto label_34;
| }
| if (r2 == r3) {
| label_34:
0x00002924 beq.w 0x26e0 | goto label_8;
| }
| label_16:
0x00002928 blx 0xd04 | stack_chk_fail ();
| label_29:
0x0000292c mov r1, r8 | r1 = r8;
0x0000292e mov r0, r4 | r0 = r4;
0x00002930 blx 0xd10 | stat64 ();
0x00002934 ldr.w r8, [sp, 0x20] | r8 = var_20h;
| if (r0 != 0) {
0x00002938 cbnz r0, 0x2992 | goto label_35;
| }
0x0000293a ldr r0, [r6, 0x14] | r0 = *((r6 + 0x14));
0x0000293c add.w r3, r4, 0x10a0 | r3 = r4 + 0x10a0;
0x00002940 add.w r2, r4, 0x1040 | r2 = r4 + 0x1040;
0x00002944 add.w r7, r4, 0x1000 | r7 = r4 + 0x1000;
0x00002948 ldrd sl, sb, [r3, -0x8] | __asm ("ldrd sl, sb, [r3, -0x8]");
0x0000294c adds r7, 0x10 | r7 += 0x10;
0x0000294e ldrd r1, lr, [r2, -0x8] | __asm ("ldrd r1, lr, [r2, -0x8]");
0x00002952 cmp r7, r0 |
0x00002954 ldr.w r8, [sp, 0x20] | r8 = var_20h;
0x00002958 strd sl, sb, [sp, 0x18] | __asm ("strd sl, sb, [var_18h]");
0x0000295c strd r1, lr, [sp, 0x10] | __asm ("strd r1, lr, [var_10h]");
0x00002960 mov r3, r8 | r3 = r8;
| if (r7 == r0) {
0x00002962 beq.w 0x27bc | goto label_9;
| }
0x00002966 mov r2, r0 | r2 = r0;
0x00002968 mov ip, r0 |
0x0000296a str.w r8, [sp] | __asm ("str.w r8, [sp]");
0x0000296e b 0x2976 |
| while (lr != r3) {
| label_10:
0x00002970 ldr r2, [r2, 4] | r2 = *((r2 + 4));
0x00002972 cmp r7, r2 |
| if (r7 == r2) {
0x00002974 beq 0x2998 | goto label_36;
| }
0x00002976 ldrd r0, r3, [r2, 8] | __asm ("ldrd r0, r3, [r2, 8]");
0x0000297a cmp lr, r3 |
0x0000297c it eq |
| if (lr == r3) {
0x0000297e cmpeq r1, r0 | __asm ("cmpeq r1, r0");
| }
0x00002980 bne 0x2970 |
| }
0x00002982 ldrd r0, r3, [r2, 0x10] | __asm ("ldrd r0, r3, [r2, 0x10]");
0x00002986 cmp sb, r3 |
0x00002988 it eq |
| if (sb != r3) {
0x0000298a cmpeq sl, r0 | __asm ("cmpeq sl, r0");
| goto label_37;
| }
| if (sb != r3) {
| label_37:
0x0000298c bne 0x2970 | goto label_10;
| }
0x0000298e ldr.w r8, [sp] | r8 = *(sp);
| label_35:
0x00002992 str.w fp, [sp] | __asm ("str.w fp, [sp]");
0x00002996 b 0x2810 | goto label_11;
| label_36:
0x00002998 mov r3, r8 | r3 = r8;
0x0000299a mov r0, ip | r0 = ip;
0x0000299c b 0x27bc | goto label_9;
| label_33:
0x0000299e ldr r5, [sp] | r5 = *(sp);
0x000029a0 mov r0, r4 | r0 = r4;
0x000029a2 ldrd r4, r3, [r6, 4] | __asm ("ldrd r4, r3, [r6, 4]");
0x000029a6 orr r2, r5, 0x400 | r2 = r5 | 0x400;
0x000029aa blx r4 | uint32_t (*r4)(uint32_t, uint32_t) (r0, r2);
0x000029ac mov r3, r7 | r3 = r7;
0x000029ae add r3, r0 | r3 += r0;
0x000029b0 str r3, [sp] | *(sp) = r3;
0x000029b2 b 0x2678 | goto label_4;
| label_28:
0x000029b4 str r0, [sp, 4] | var_4h = r0;
0x000029b6 blx 0xe1c | r0 = fcn_00000e1c ();
0x000029ba ldr r2, [r0] | r2 = *(r0);
0x000029bc cmp r2, 0x17 |
| if (r2 == 0x17) {
0x000029be bne 0x29d6 |
0x000029c0 ldr r2, [r6, 0x30] | r2 = *((r6 + 0x30));
0x000029c2 ldr.w sb, [r2] | sb = *(r2);
0x000029c6 add.w r2, r4, 0x1000 | r2 = r4 + 0x1000;
0x000029ca adds r2, 0x10 | r2 += 0x10;
0x000029cc cmp sb, r2 |
| if (sb == r2) {
0x000029ce beq 0x29e2 | goto label_38;
| }
0x000029d0 ldr r3, [sp, 4] | r3 = var_4h;
0x000029d2 str r3, [r6, 0x34] | *((r6 + 0x34)) = r3;
0x000029d4 b 0x28e2 | goto label_12;
| }
0x000029d6 cmp r2, 0x14 |
| if (r2 == 0x14) {
0x000029d8 beq.w 0x26ba | goto label_0;
| }
0x000029dc cmp r2, 2 |
| if (r2 == 2) {
0x000029de beq.w 0x26ba | goto label_0;
| }
| label_38:
0x000029e2 ldrd r7, r3, [r6, 4] | __asm ("ldrd r7, r3, [r6, 4]");
0x000029e6 orr r2, r5, 0x400 | r2 = r5 | 0x400;
0x000029ea mov r0, r4 | r0 = r4;
0x000029ec movs r1, 0 | r1 = 0;
0x000029ee blx r7 | r0 = uint32_t (*r7)(uint32_t, uint32_t, uint32_t) (r0, r1, r2);
0x000029f0 add.w r3, fp, r0 | r3 = fp + r0;
0x000029f4 str r3, [sp] | *(sp) = r3;
0x000029f6 b 0x2678 | goto label_4;
| }
[*] Function strcpy used 2 times getfacl
