[*] Binary protection state of libbasicfuncs.so
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function printf tear down of libbasicfuncs.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/syslog-ng/libbasicfuncs.so @ 0x576c */
| #include <stdint.h>
|
; (fcn) sym.tf_context_lookup_call () | void tf_context_lookup_call (int16_t arg_30h, int16_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_4h;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x0000576c svcmi 0xf0e92d | __asm ("svcmi 0xf0e92d");
0x00005770 sub sp, 0xc |
0x00005772 ldr r4, [sp, 0x30] | r4 = *(arg_30h);
0x00005774 movs r0, 0x40 | r0 = 0x40;
0x00005776 mov sb, r2 | sb = r2;
0x00005778 mov r6, r3 | r6 = r3;
0x0000577a mov r5, r1 | r5 = r1;
0x0000577c blx 0x3568 | g_mutex_lock ();
0x00005780 movs r3, 7 | r3 = 7;
0x00005782 mov fp, r0 |
0x00005784 strb r3, [r4] | *(r4) = r3;
0x00005786 ldr.w r3, [sb, 4] | r3 = *((sb + 4));
0x0000578a cmp r3, 0 |
| if (r3 <= 0) {
0x0000578c ble 0x582e | goto label_2;
| }
0x0000578e ldr.w r8, [pc, 0xbc] |
0x00005792 mov.w sl, 0 | sl = 0;
0x00005796 movs r4, 1 | r4 = 1;
0x00005798 str.w sl, [sp, 4] | __asm ("str.w sl, [var_4h]");
0x0000579c add r8, pc | r8 = 0xafee;
0x0000579e b 0x57ac |
| while (r0 == 0) {
| label_0:
0x000057a0 ldr.w r3, [sb, 4] | r3 = *((sb + 4));
0x000057a4 add.w sl, sl, 1 | sl++;
0x000057a8 cmp r3, sl |
| if (r3 <= sl) {
0x000057aa ble 0x582e | goto label_2;
| }
0x000057ac ldr.w r3, [sb] | r3 = *(sb);
0x000057b0 ldr r0, [r5, 8] | r0 = *((r5 + 8));
0x000057b2 ldr.w r7, [r3, sl, lsl 2] | offset_0 = sl << 2;
| r7 = *((r3 + offset_0));
0x000057b6 mov r1, r7 | r1 = r7;
0x000057b8 blx 0x3748 | r0 = g_option_context_set_main_group ();
0x000057bc cmp r0, 0 |
0x000057be beq 0x57a0 |
| }
0x000057c0 ldr r3, [r5] | r3 = *(r5);
0x000057c2 ldr r2, [sp, 4] | r2 = var_4h;
0x000057c4 cmp r3, 0 |
0x000057c6 add.w r2, r2, 1 | r2++;
0x000057ca str r2, [sp, 4] | var_4h = r2;
| if (r3 <= 0) {
0x000057cc ble 0x5818 | goto label_3;
| }
| if (r4 == 0) {
0x000057ce cbz r4, 0x57f8 | goto label_4;
| }
0x000057d0 movs r4, 0 | r4 = 0;
| do {
| label_1:
0x000057d2 ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x000057d4 mov r1, r7 | r1 = r7;
0x000057d6 ldr.w r2, [sb, 8] | r2 = *((sb + 8));
0x000057da mov r3, fp | r3 = fp;
0x000057dc ldr.w r0, [r0, r4, lsl 2] | offset_1 = r4 << 2;
| r0 = *((r0 + offset_1));
0x000057e0 adds r4, 1 | r4++;
0x000057e2 blx 0x3508 | g_string_printf ()
0x000057e6 mov r3, r8 | r3 = r8;
0x000057e8 ldrd r1, r2, [fp] | __asm ("ldrd r1, r2, [fp]");
0x000057ec mov r0, r6 | r0 = r6;
0x000057ee blx 0x35e4 | fcn_000035e4 ();
0x000057f2 ldr r3, [r5] | r3 = *(r5);
0x000057f4 cmp r3, r4 |
| if (r3 <= r4) {
0x000057f6 ble 0x5816 | goto label_5;
| }
| label_4:
0x000057f8 ldrd r3, r1, [r6, 4] | __asm ("ldrd r3, r1, [r6, 4]");
0x000057fc adds r2, r3, 1 | r2 = r3 + 1;
0x000057fe cmp r2, r1 |
| if (r2 >= r1) {
0x00005800 bhs 0x583c | goto label_6;
| }
0x00005802 str r2, [r6, 4] | *((r6 + 4)) = r2;
0x00005804 mov.w r1, 0x2c | r1 = 0x2c;
0x00005808 ldr r2, [r6] | r2 = *(r6);
0x0000580a strb r1, [r2, r3] | *((r2 + r3)) = r1;
0x0000580c movs r1, 0 | r1 = 0;
0x0000580e ldrd r2, r3, [r6] | __asm ("ldrd r2, r3, [r6]");
0x00005812 strb r1, [r2, r3] | *((r2 + r3)) = r1;
0x00005814 b 0x57d2 |
| } while (1);
| label_5:
0x00005816 movs r4, 0 | r4 = 0;
| label_3:
0x00005818 ldr r2, [sp, 4] | r2 = var_4h;
0x0000581a ldr r3, [r5, 0xc] | r3 = *((r5 + 0xc));
0x0000581c cmp r3, r2 |
0x0000581e ite gt |
| if (r3 <= r2) {
0x00005820 movgt r2, 0 | r2 = 0;
| }
| if (r3 > r2) {
0x00005822 movle r2, 1 | r2 = 1;
| }
0x00005824 cmp r3, 0 |
0x00005826 it eq |
| if (r3 != 0) {
0x00005828 moveq r2, 0 | r2 = 0;
| }
0x0000582a cmp r2, 0 |
| if (r2 == 0) {
0x0000582c beq 0x57a0 | goto label_0;
| }
| label_2:
0x0000582e movs r1, 1 | r1 = 1;
0x00005830 mov r0, fp | r0 = fp;
0x00005832 add sp, 0xc |
0x00005834 pop.w {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00005838 b.w 0x36b8 | void (*0x36b8)() ();
| label_6:
0x0000583c movs r2, 0x2c | r2 = 0x2c;
0x0000583e mov.w r1, -1 | r1 = -1;
0x00005842 mov r0, r6 | r0 = r6;
0x00005844 blx 0x34bc | fcn_000034bc ();
0x00005848 b 0x57d2 | goto label_1;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/syslog-ng/libbasicfuncs.so @ 0x555c */
| #include <stdint.h>
|
; (fcn) sym.tf_context_values_call () | void tf_context_values_call (int16_t arg_28h, int16_t arg2, int16_t arg3, int16_t arg4) {
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
0x0000555c push.w {r3, r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00005560 movs r0, 0x40 | r0 = 0x40;
0x00005562 ldr r4, [sp, 0x28] | r4 = *(arg_28h);
0x00005564 mov r7, r2 | r7 = r2;
0x00005566 mov r5, r3 | r5 = r3;
0x00005568 mov r6, r1 | r6 = r1;
0x0000556a blx 0x3568 | g_mutex_lock ();
0x0000556e movs r3, 7 | r3 = 7;
0x00005570 mov fp, r0 |
0x00005572 strb r3, [r4] | *(r4) = r3;
0x00005574 ldr r2, [r7, 4] | r2 = *((r7 + 4));
0x00005576 cmp r2, 0 |
| if (r2 <= 0) {
0x00005578 ble 0x55e4 | goto label_2;
| }
0x0000557a ldr.w sb, [pc, 0x84] |
0x0000557e mov.w sl, 0 | sl = 0;
0x00005582 ldr r3, [r6] | r3 = *(r6);
0x00005584 movs r4, 1 | r4 = 1;
0x00005586 add sb, pc | sb = 0xab8c;
| label_0:
0x00005588 ldr r1, [r7] | r1 = *(r7);
0x0000558a cmp r3, 0 |
0x0000558c ldr.w r8, [r1, sl, lsl 2] | offset_0 = sl << 2;
| r8 = *((r1 + offset_0));
| if (r3 <= 0) {
0x00005590 ble 0x55dc | goto label_3;
| }
| if (r4 == 0) {
0x00005592 cbz r4, 0x55ba | goto label_4;
| }
0x00005594 movs r4, 0 | r4 = 0;
| do {
| label_1:
0x00005596 ldr r0, [r6, 4] | r0 = *((r6 + 4));
0x00005598 mov r1, r8 | r1 = r8;
0x0000559a ldr r2, [r7, 8] | r2 = *((r7 + 8));
0x0000559c mov r3, fp | r3 = fp;
0x0000559e ldr.w r0, [r0, r4, lsl 2] | offset_1 = r4 << 2;
| r0 = *((r0 + offset_1));
0x000055a2 adds r4, 1 | r4++;
0x000055a4 blx 0x3508 | g_string_printf ()
0x000055a8 mov r3, sb | r3 = sb;
0x000055aa ldrd r1, r2, [fp] | __asm ("ldrd r1, r2, [fp]");
0x000055ae mov r0, r5 | r0 = r5;
0x000055b0 blx 0x35e4 | fcn_000035e4 ();
0x000055b4 ldr r3, [r6] | r3 = *(r6);
0x000055b6 cmp r3, r4 |
| if (r3 <= r4) {
0x000055b8 ble 0x55d8 | goto label_5;
| }
| label_4:
0x000055ba ldrd r3, r1, [r5, 4] | __asm ("ldrd r3, r1, [r5, 4]");
0x000055be adds r2, r3, 1 | r2 = r3 + 1;
0x000055c0 cmp r2, r1 |
| if (r2 >= r1) {
0x000055c2 bhs 0x55f0 | goto label_6;
| }
0x000055c4 ldr r0, [r5] | r0 = *(r5);
0x000055c6 movs r1, 0 | r1 = 0;
0x000055c8 str r2, [r5, 4] | *((r5 + 4)) = r2;
0x000055ca mov.w r2, 0x2c | r2 = 0x2c;
0x000055ce strb r2, [r0, r3] | *((r0 + r3)) = r2;
0x000055d0 ldrd r2, r3, [r5] | __asm ("ldrd r2, r3, [r5]");
0x000055d4 strb r1, [r2, r3] | *((r2 + r3)) = r1;
0x000055d6 b 0x5596 |
| } while (1);
| label_5:
0x000055d8 ldr r2, [r7, 4] | r2 = *((r7 + 4));
0x000055da movs r4, 0 | r4 = 0;
| label_3:
0x000055dc add.w sl, sl, 1 | sl++;
0x000055e0 cmp r2, sl |
| if (r2 > sl) {
0x000055e2 bgt 0x5588 | goto label_0;
| }
| label_2:
0x000055e4 mov r0, fp | r0 = fp;
0x000055e6 movs r1, 1 | r1 = 1;
0x000055e8 pop.w {r3, r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000055ec b.w 0x36b8 | void (*0x36b8)() ();
| label_6:
0x000055f0 movs r2, 0x2c | r2 = 0x2c;
0x000055f2 mov.w r1, -1 | r1 = -1;
0x000055f6 mov r0, r5 | r0 = r5;
0x000055f8 blx 0x34bc | fcn_000034bc ();
0x000055fc b 0x5596 | goto label_1;
| }
[*] Function printf used 3 times libbasicfuncs.so
