[*] Binary protection state of liblttng-ust.so.1.0.0
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of liblttng-ust.so.1.0.0
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/liblttng-ust.so.1.0.0 @ 0x3c2e4 */
| #include <stdint.h>
|
; (fcn) fcn.0003c2e4 () | void fcn_0003c2e4 (uint32_t arg1) {
| int32_t var_0h;
| int32_t var_0h_2;
| int16_t var_8h;
| char * src;
| int16_t var_14h;
| char * str;
| int16_t var_2dbh;
| int16_t var_2dch;
| int16_t var_2e4h;
| r0 = arg1;
0x0003c2e4 ldr r2, [pc, 0x140] |
0x0003c2e6 ldr r3, [pc, 0x144] | r3 = *(0x3c42e);
0x0003c2e8 push.w {r4, r5, r6, r7, r8, sb, lr} |
0x0003c2ec sub.w sp, sp, 0x2e4 |
0x0003c2f0 add r2, pc | r2 = 0x7871c;
0x0003c2f2 ldr r3, [r2, r3] |
0x0003c2f4 ldr r3, [r3] | r3 = *(0x7871c);
0x0003c2f6 str r3, [sp, 0x2dc] | var_2dch = r3;
0x0003c2f8 mov.w r3, 0 | r3 = 0;
0x0003c2fc cmp r0, 0 |
| if (r0 == 0) {
0x0003c2fe beq.w 0x3c414 | goto label_5;
| }
0x0003c302 blx 0x6638 | opendir ();
0x0003c306 mov.w r6, -1 | r6 = -1;
0x0003c30a mov r5, r0 | r5 = r0;
| if (r0 == 0) {
0x0003c30c cbz r0, 0x3c36a | goto label_2;
| }
| do {
| label_0:
0x0003c30e mov r0, r5 | r0 = r5;
0x0003c310 blx 0x6c18 | r0 = fcn_00006c18 ();
| if (r0 == 0) {
0x0003c314 cbz r0, 0x3c362 | goto label_6;
| }
| label_1:
0x0003c316 ldrb r3, [r0, 0x12] | r3 = *((r0 + 0x12));
0x0003c318 cmp r3, 4 |
0x0003c31a bne 0x3c30e |
| } while (r3 != 4);
0x0003c31c ldrb r3, [r0, 0x13] | r3 = *((r0 + 0x13));
0x0003c31e cmp r3, 0x63 |
| if (r3 != 0x63) {
0x0003c320 bne 0x3c30e | goto label_0;
| }
0x0003c322 ldrb r3, [r0, 0x14] | r3 = *((r0 + 0x14));
0x0003c324 cmp r3, 0x70 |
| if (r3 != 0x70) {
0x0003c326 bne 0x3c30e | goto label_0;
| }
0x0003c328 ldrb r3, [r0, 0x15] | r3 = *((r0 + 0x15));
0x0003c32a cmp r3, 0x75 |
| if (r3 != 0x75) {
0x0003c32c bne 0x3c30e | goto label_0;
| }
0x0003c32e add.w r4, r0, 0x16 | r4 = r0 + 0x16;
0x0003c332 add r7, sp, 0x10 | r7 += src;
0x0003c334 movs r2, 0xa | r2 = 0xa;
0x0003c336 mov r1, r7 | r1 = r7;
0x0003c338 mov r0, r4 | r0 = r4;
0x0003c33a blx 0x6974 | strcpy (r0, r1)
0x0003c33e mvn r3, 0x80000000 | r3 = ~0x80000000;
0x0003c342 cmp r0, r3 |
| if (r0 == r3) {
0x0003c344 beq 0x3c30e | goto label_0;
| }
0x0003c346 ldr r3, [sp, 0x10] | r3 = src;
0x0003c348 cmp r4, r3 |
| if (r4 == r3) {
0x0003c34a beq 0x3c30e | goto label_0;
| }
0x0003c34c ldrb r3, [r3] | r3 = *(r3);
0x0003c34e cmp r3, 0 |
| if (r3 != 0) {
0x0003c350 bne 0x3c30e | goto label_0;
| }
0x0003c352 cmp r6, r0 |
0x0003c354 it lt |
| if (r6 >= r0) {
0x0003c356 movlt r6, r0 | r6 = r0;
| }
0x0003c358 mov r0, r5 | r0 = r5;
0x0003c35a blx 0x6c18 | r0 = fcn_00006c18 ();
0x0003c35e cmp r0, 0 |
| if (r0 != 0) {
0x0003c360 bne 0x3c316 | goto label_1;
| }
| label_6:
0x0003c362 mov r0, r5 | r0 = r5;
0x0003c364 blx 0x6ab0 | r0 = fcn_00006ab0 ();
0x0003c368 cbnz r0, 0x3c388 |
| while (r3 != 2) {
| label_2:
0x0003c36a ldr r2, [pc, 0xc4] |
0x0003c36c ldr r3, [pc, 0xbc] | r3 = *(0x3c42c);
0x0003c36e add r2, pc | r2 = 0x787a4;
0x0003c370 ldr r3, [r2, r3] | r3 = *(0x787a4);
0x0003c372 ldr r2, [r3] | r2 = *(0x787a4);
0x0003c374 ldr r3, [sp, 0x2dc] | r3 = var_2dch;
0x0003c376 eors r2, r3 | r2 ^= r3;
0x0003c378 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x0003c37c bne 0x3c410 | goto label_7;
| }
0x0003c37e mov r0, r6 | r0 = r6;
0x0003c380 add.w sp, sp, 0x2e4 |
0x0003c384 pop.w {r4, r5, r6, r7, r8, sb, pc} |
0x0003c386 strh r0, [r6, 0x1e] | *((r6 + 0x1e)) = r0;
0x0003c388 ldr r4, [pc, 0xa8] |
0x0003c38a add r4, pc | r4 = 0x787c2;
0x0003c38c ldr r3, [r4] | r3 = *(0x787c2);
| if (r3 == 0) {
0x0003c38e cbz r3, 0x3c3fe | goto label_8;
| }
| label_3:
0x0003c390 cmp r3, 2 |
0x0003c392 bne 0x3c36a |
| }
0x0003c394 blx 0x6ccc | fcn_00006ccc ();
0x0003c398 movs r2, 0xc8 | r2 = 0xc8;
0x0003c39a mov r4, r0 | r4 = r0;
0x0003c39c add r1, sp, 0x14 | r1 += var_14h;
0x0003c39e ldr r0, [r0] | r0 = *(r0);
0x0003c3a0 blx 0x67c0 | r0 = fcn_000067c0 ();
0x0003c3a4 mov r7, r0 | r7 = r0;
0x0003c3a6 ldr.w r8, [pc, 0x90] |
0x0003c3aa add r8, pc | r8 = 0x787e8;
0x0003c3ac ldr.w r5, [r8] | r5 = *(0x787e8);
| if (r5 == 0) {
0x0003c3b0 cbz r5, 0x3c406 | goto label_9;
| }
| label_4:
0x0003c3b2 cmp r5, 2 |
| if (r5 != 2) {
0x0003c3b4 bne 0x3c36a | goto label_2;
| }
0x0003c3b6 ldr.w r8, [r4] | r8 = *(r4);
0x0003c3ba blx 0x6ba0 | r0 = fcn_00006ba0 ();
0x0003c3be mov sb, r0 | sb = r0;
0x0003c3c0 blx 0x6a74 | fcn_00006a74 ();
0x0003c3c4 ldr r2, [pc, 0x74] |
0x0003c3c6 mov.w r1, 0x200 | r1 = 0x200;
0x0003c3ca strd r0, r7, [sp] | __asm ("strd r0, r7, [sp]");
0x0003c3ce add r7, sp, 0xdc | r7 += str;
0x0003c3d0 mov r3, sb | r3 = sb;
0x0003c3d2 mov r0, r7 | r0 = r7;
0x0003c3d4 add r2, pc | r2 = 0x78814;
0x0003c3d6 adds r2, 0x1c | r2 += 0x1c;
0x0003c3d8 str r2, [sp, 8] | var_8h = r2;
0x0003c3da ldr r2, [pc, 0x64] |
0x0003c3dc add r2, pc | r2 = 0x78822;
0x0003c3de bl 0x3d290 | fcn_0003d290 (r0, r1);
0x0003c3e2 movs r3, 0 | r3 = 0;
0x0003c3e4 mov r0, r7 | r0 = r7;
0x0003c3e6 strb.w r3, [sp, 0x2db] | var_2dbh = r3;
0x0003c3ea blx 0x692c | strtoul (r0, r1, r2);
0x0003c3ee mov r1, r7 | r1 = r7;
0x0003c3f0 mov r2, r0 | r2 = r0;
0x0003c3f2 mov r0, r5 | r0 = r5;
0x0003c3f4 bl 0x3c908 | fcn_0003c908 (r0, r1, r2);
0x0003c3f8 str.w r8, [r4] | __asm ("str.w r8, [r4]");
0x0003c3fc b 0x3c36a | goto label_2;
| label_8:
0x0003c3fe bl 0x3c29c | fcn_0003c29c ();
0x0003c402 ldr r3, [r4] | r3 = *(r4);
0x0003c404 b 0x3c390 | goto label_3;
| label_9:
0x0003c406 bl 0x3c29c | fcn_0003c29c ();
0x0003c40a ldr.w r5, [r8] | r5 = *(r8);
0x0003c40e b 0x3c3b2 | goto label_4;
| label_7:
0x0003c410 blx 0x6b10 | fcn_00006b10 ();
| label_5:
0x0003c414 ldr r3, [pc, 0x2c] |
0x0003c416 movs r2, 0x33 | r2 = 0x33;
0x0003c418 ldr r1, [pc, 0x2c] |
0x0003c41a ldr r0, [pc, 0x30] |
0x0003c41c add r3, pc | r3 = 0x78864;
0x0003c41e add r1, pc | r1 = 0x7886a;
0x0003c420 add r0, pc | r0 = 0x78872;
0x0003c422 blx 0x67d8 | fcn_000067d8 ();
0x0003c426 nop |
0x0003c428 invalid |
| }
[*] Function strcpy used 2 times liblttng-ust.so.1.0.0
