[*] Binary protection state of ntpconfd
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function system tear down of ntpconfd
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/sbin/ntpconfd @ 0x6988 */
| #include <stdint.h>
|
; (fcn) fcn.00006988 () | void fcn_00006988 () {
| int16_t var_0h;
| int16_t var_8h;
| int16_t var_ch;
0x00006988 ldr r2, [pc, 0x140] |
0x0000698a movs r0, 0 | r0 = 0;
0x0000698c ldr r3, [pc, 0x140] | r3 = *(0x6ad0);
0x0000698e push {r4, r5, lr} |
0x00006990 sub sp, 0x14 |
0x00006992 add r2, pc | r2 = 0xd462;
0x00006994 ldr r5, [pc, 0x13c] |
0x00006996 ldr r3, [r2, r3] |
0x00006998 add r5, pc | r5 = 0xd470;
0x0000699a ldr r3, [r3] | r3 = *(0xd462);
0x0000699c str r3, [sp, 0xc] | var_ch = r3;
0x0000699e mov.w r3, 0 | r3 = 0;
0x000069a2 str r0, [sp, 8] | var_8h = r0;
0x000069a4 str r0, [r5, 0x30] | *((r5 + 0x30)) = r0;
0x000069a6 bl 0x63e0 | r0 = fcn_000063e0 (r0);
| if (r0 != 0) {
0x000069aa cbnz r0, 0x6a00 | goto label_2;
| }
0x000069ac ldr r3, [r5, 0x28] | r3 = *((r5 + 0x28));
0x000069ae cbnz r3, 0x69d0 |
| while (1) {
| label_0:
0x000069b0 ldr r0, [sp, 8] | r0 = var_8h;
| if (r0 != 0) {
0x000069b2 cbz r0, 0x69b8 |
0x000069b4 blx 0x1a60 | g_error_free ();
| }
0x000069b8 ldr r2, [pc, 0x11c] |
0x000069ba ldr r3, [pc, 0x114] | r3 = *(0x6ad2);
0x000069bc add r2, pc | r2 = 0xd498;
0x000069be ldr r3, [r2, r3] | r3 = *(0xd498);
0x000069c0 ldr r2, [r3] | r2 = *(0xd498);
0x000069c2 ldr r3, [sp, 0xc] | r3 = var_ch;
0x000069c4 eors r2, r3 | r2 ^= r3;
0x000069c6 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x000069ca bne 0x6ac6 | goto label_3;
| }
0x000069cc add sp, 0x14 |
0x000069ce pop {r4, r5, pc} |
0x000069d0 mov r4, r0 | r4 = r0;
0x000069d2 ldr r0, [r5, 0x24] | r0 = *((r5 + 0x24));
0x000069d4 cmp r0, 0 |
| if (r0 != 0) {
0x000069d6 bne 0x6a82 | goto label_4;
| }
| label_1:
0x000069d8 ldr r0, [pc, 0x100] |
0x000069da add r1, sp, 8 | r1 += var_8h;
0x000069dc add r0, pc | r0 = 0xd4bc;
0x000069de blx 0x1b24 | r0 = fcn_00001b24 ();
0x000069e2 cmp r0, 0 |
| if (r0 == 0) {
0x000069e4 beq 0x6a6a | goto label_5;
| }
0x000069e6 ldr r4, [pc, 0xf8] |
0x000069e8 add r4, pc | r4 = 0xd4ce;
0x000069ea ldr r0, [r4, 0x2c] | r0 = *(0xd4fa);
| if (r0 != 0) {
0x000069ec cbz r0, 0x69f6 |
0x000069ee blx 0x1f44 | fcn_00001f44 ();
0x000069f2 movs r3, 0 | r3 = 0;
0x000069f4 str r3, [r4, 0x2c] | *((r4 + 0x2c)) = r3;
| }
0x000069f6 ldr r3, [pc, 0xec] |
0x000069f8 movs r2, 0 | r2 = 0;
0x000069fa add r3, pc | r3 = 0xd4e4;
0x000069fc str r2, [r3, 0x28] | *((r3 + 0x28)) = r2;
0x000069fe b 0x69b0 |
| }
| label_2:
0x00006a00 bl 0x670c | fcn_0000670c ();
0x00006a04 ldr r3, [r5, 0x28] | r3 = *((r5 + 0x28));
| if (r3 == 0) {
0x00006a06 cbz r3, 0x6a38 | goto label_6;
| }
0x00006a08 ldr r0, [pc, 0xdc] |
0x00006a0a add r1, sp, 8 | r1 += var_8h;
0x00006a0c add r0, pc | r0 = "%sFailed to stop NTP service: %s";
0x00006a0e blx 0x1a18 | r0 = policykit_system_reload_or_try_restart_service ()
0x00006a12 cmp r0, 0 |
| if (r0 == 0) {
0x00006a14 beq 0x6a9c | goto label_7;
| }
0x00006a16 ldr r4, [pc, 0xd4] |
0x00006a18 add r4, pc | r4 = 0xd50a;
0x00006a1a ldr r3, [r4, 0x1c] | r3 = *(0xd526);
0x00006a1c cmp r3, 0 |
| if (r3 == 0) {
0x00006a1e beq 0x69b0 | goto label_0;
| }
0x00006a20 ldr r5, [r4, 0x2c] | r5 = *((r4 + 0x2c));
0x00006a22 cmp r5, 0 |
| if (r5 != 0) {
0x00006a24 bne 0x69b0 | goto label_0;
| }
0x00006a26 ldr r1, [pc, 0xc8] |
0x00006a28 mov r2, r5 | r2 = r5;
0x00006a2a movs r0, 0xf | r0 = 0xf;
0x00006a2c add r1, pc | r1 = 0xd522;
0x00006a2e blx 0x1d78 | g_dbus_connection_new_for_address_finish ();
0x00006a32 strd r0, r5, [r4, 0x2c] | __asm ("strd r0, r5, [r4, 0x2c]");
0x00006a36 b 0x69b0 | goto label_0;
| label_6:
0x00006a38 ldr r0, [pc, 0xb8] |
0x00006a3a add r1, sp, 8 | r1 += var_8h;
0x00006a3c add r0, pc | r0 = 0xd534;
0x00006a3e blx 0x1e48 | r0 = fcn_00001e48 ();
0x00006a42 mov r4, r0 | r4 = r0;
| if (r0 != 0) {
0x00006a44 cbnz r0, 0x6a8a | goto label_8;
| }
0x00006a46 ldr r2, [sp, 8] | r2 = var_8h;
0x00006a48 mov.w r1, 0x100 | r1 = 0x100;
0x00006a4c ldr r3, [pc, 0xa8] |
0x00006a4e ldr r2, [r2, 8] | r2 = *((r2 + 8));
0x00006a50 add r3, pc | r3 = 0xd54c;
0x00006a52 str r2, [sp] | *(sp) = r2;
0x00006a54 ldr r2, [pc, 0xa4] |
0x00006a56 add r2, pc | r2 = 0xd556;
0x00006a58 blx 0x1b00 | fcn_00001b00 ();
0x00006a5c ldr r0, [r5, 0x2c] | r0 = *((r5 + 0x2c));
0x00006a5e cmp r0, 0 |
| if (r0 == 0) {
0x00006a60 beq 0x69b0 | goto label_0;
| }
0x00006a62 blx 0x1f44 | fcn_00001f44 ();
0x00006a66 str r4, [r5, 0x2c] | *((r5 + 0x2c)) = r4;
0x00006a68 b 0x69b0 | goto label_0;
| label_5:
0x00006a6a ldr r4, [sp, 8] | r4 = var_8h;
0x00006a6c mov.w r1, 0x100 | r1 = 0x100;
0x00006a70 ldr r3, [pc, 0x8c] |
0x00006a72 ldr r2, [pc, 0x90] |
0x00006a74 ldr r4, [r4, 8] | r4 = *((r4 + 8));
0x00006a76 add r3, pc | r3 = 0xd57a;
0x00006a78 add r2, pc | r2 = 0xd582;
0x00006a7a str r4, [sp] | *(sp) = r4;
0x00006a7c blx 0x1b00 | fcn_00001b00 ();
0x00006a80 b 0x69b0 | goto label_0;
| label_4:
0x00006a82 blx 0x1f44 | fcn_00001f44 ();
0x00006a86 str r4, [r5, 0x24] | *((r5 + 0x24)) = r4;
0x00006a88 b 0x69d8 | goto label_1;
| label_8:
0x00006a8a ldr r3, [r5, 0x1c] | r3 = *((r5 + 0x1c));
| if (r3 == 0) {
0x00006a8c cbz r3, 0x6a92 | goto label_9;
| }
0x00006a8e ldr r4, [r5, 0x2c] | r4 = *((r5 + 0x2c));
0x00006a90 cbz r4, 0x6ab4 |
| while (1) {
| label_9:
0x00006a92 ldr r3, [pc, 0x74] |
0x00006a94 movs r2, 1 | r2 = 1;
0x00006a96 add r3, pc | r3 = 0xd5a4;
0x00006a98 str r2, [r3, 0x28] | *((r3 + 0x28)) = r2;
0x00006a9a b 0x69b0 | goto label_0;
| label_7:
0x00006a9c ldr r4, [sp, 8] | r4 = var_8h;
0x00006a9e mov.w r1, 0x100 | r1 = 0x100;
0x00006aa2 ldr r3, [pc, 0x68] |
0x00006aa4 ldr r2, [pc, 0x68] |
0x00006aa6 ldr r4, [r4, 8] | r4 = *((r4 + 8));
0x00006aa8 add r3, pc | r3 = 0xd5ba;
0x00006aaa add r2, pc | r2 = 0xd5be;
0x00006aac str r4, [sp] | *(sp) = r4;
0x00006aae blx 0x1b00 | fcn_00001b00 ();
0x00006ab0 invalid |
0x00006ab4 ldr r1, [pc, 0x5c] |
0x00006ab6 mov r2, r4 | r2 = r4;
0x00006ab8 movs r0, 0xf | r0 = 0xf;
0x00006aba add r1, pc | r1 = 0xd5d2;
0x00006abc blx 0x1d78 | g_dbus_connection_new_for_address_finish ();
0x00006ac0 strd r0, r4, [r5, 0x2c] | __asm ("strd r0, r4, [r5, 0x2c]");
0x00006ac4 b 0x6a92 |
| }
| label_3:
0x00006ac6 blx 0x1d1c | fcn_00001d1c ();
0x00006aca nop |
0x00006acc strh r2, [r5, 0x22] | *((r5 + 0x22)) = r2;
0x00006ace movs r0, r0 |
0x00006ad0 lsls r4, r3, 7 | r4 = r3 << 7;
0x00006ad2 movs r0, r0 |
0x00006ad4 strh r4, [r3, 0x38] | *((r3 + 0x38)) = r4;
0x00006ad6 movs r0, r0 |
0x00006ad8 strh r0, [r0, 0x22] | *((r0 + 0x22)) = r0;
0x00006ada movs r0, r0 |
0x00006adc ldr r0, [r2, 0x30] | r0 = *((r2 + 0x30));
0x00006ade movs r0, r0 |
0x00006ae0 strh r4, [r1, 0x36] | *((r1 + 0x36)) = r4;
0x00006ae2 movs r0, r0 |
0x00006ae4 strh r2, [r7, 0x34] | *((r7 + 0x34)) = r2;
0x00006ae6 movs r0, r0 |
0x00006ae8 ldr r0, [r4, 0x2c] | r0 = *((r4 + 0x2c));
0x00006aea movs r0, r0 |
0x00006aec strh r4, [r3, 0x34] | *((r3 + 0x34)) = r4;
0x00006aee movs r0, r0 |
0x00006af0 lsls r1, r1, 5 | r1 <<= 5;
0x00006af2 movs r0, r0 |
0x00006af4 ldr r0, [r6, 0x28] | r0 = *((r6 + 0x28));
0x00006af6 movs r0, r0 |
0x00006af8 ldr r0, [r2, 0x28] | r0 = *((r2 + 0x28));
0x00006afa movs r0, r0 |
0x00006afc ldr r6, [r0, 0x34] | r6 = *((r0 + 0x34));
0x00006afe movs r0, r0 |
0x00006b00 ldr r2, [r5, 0x24] | r2 = *((r5 + 0x24));
0x00006b02 movs r0, r0 |
0x00006b04 ldr r4, [r7, 0x24] | r4 = *((r7 + 0x24));
0x00006b06 movs r0, r0 |
0x00006b08 strh r6, [r3, 0x30] | *((r3 + 0x30)) = r6;
0x00006b0a movs r0, r0 |
0x00006b0c ldr r0, [r7, 0x20] | r0 = *((r7 + 0x20));
0x00006b0e movs r0, r0 |
0x00006b10 ldr r6, [r1, 0x2c] | r6 = *((r1 + 0x2c));
0x00006b12 movs r0, r0 |
0x00006b14 lsls r3, r7, 2 | r3 = r7 << 2;
0x00006b16 movs r0, r0 |
0x00006b18 push {lr} |
0x00006b1a sub sp, 0xc |
0x00006b1c bl 0x8244 | fcn_00008244 ();
0x00006b20 vldr d16, [pc, 0x3c] | __asm ("vldr d16, [0x00006b64]");
0x00006b24 vcmpe.f64 d0, d16 | __asm ("vcmpe.f64 d0, d16");
0x00006b28 vmrs apsr_nzcv, fpscr | __asm ("vmrs apsr_nzcv, fpscr");
| if (r0 <= r0) {
0x00006b2c bgt 0x6b3c |
0x00006b2e vldr d16, [pc, 0x38] | __asm ("vldr d16, [0x00006b6c]");
0x00006b32 vcmpe.f64 d0, d16 | __asm ("vcmpe.f64 d0, d16");
0x00006b36 vmrs apsr_nzcv, fpscr | __asm ("vmrs apsr_nzcv, fpscr");
| if (r0 >= r0) {
0x00006b3a bpl 0x6b58 | goto label_10;
| }
| }
0x00006b3c ldr r3, [pc, 0x30] |
0x00006b3e movs r1, 0x10 | r1 = 0x10;
0x00006b40 ldr r2, [pc, 0x30] |
0x00006b42 movs r0, 0 | r0 = 0;
0x00006b44 vstr d0, [sp] | __asm ("vstr d0, [sp]");
0x00006b46 lsrs r0, r0, 0xc | r0 >>= 0xc;
0x00006b48 add r3, pc | r3 = 0xd6bc;
0x00006b4a add r2, pc | r2 = 0xd6c2;
0x00006b4c blx 0x1b00 | fcn_00001b00 ();
0x00006b50 bl 0x8344 | fcn_00008344 ();
0x00006b54 bl 0x6988 | fcn_00006988 ();
| label_10:
0x00006b58 movs r0, 1 | r0 = 1;
0x00006b5a add sp, 0xc |
0x00006b5c ldr pc, [sp], 4 | pc = *(sp);
| sp += 4;
| }
[*] Function system used 2 times ntpconfd
