[*] Binary protection state of libpaho-mqtt3as.so.1.3.11
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function printf tear down of libpaho-mqtt3as.so.1.3.11
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/libpaho-mqtt3as.so.1.3.11 @ 0x18d18 */
| #include <stdint.h>
|
; (fcn) fcn.00018d18 () | void fcn_00018d18 (int16_t arg_308h) {
| int16_t var_4h;
| int32_t var_0h;
| int32_t var_0h_2;
| int16_t var_ch;
| int16_t var_10h;
| int16_t var_14h;
| if (? < ?) {
0x00018d18 andhs r4, r3, 80, 16 | r4 = r3 & (80 16);
| }
0x00018d1c ldr r3, [pc, 0x140] |
0x00018d1e movw r1, 0x1c1 | r1 = 0x1c1;
0x00018d22 push {r4, r5, r6, r7, lr} |
0x00018d24 movs r4, 0 | r4 = 0;
0x00018d26 ldr r6, [pc, 0x13c] |
0x00018d28 add r0, pc | r0 += pc;
0x00018d2a sub sp, 0x1c |
0x00018d2c ldr r3, [r0, r3] | r3 = *((r0 + r3));
0x00018d2e add r7, sp, 0x10 | r7 += var_10h;
0x00018d30 add r6, pc | r6 = 0x31b9a;
0x00018d32 add.w r0, r6, 0x58 | r0 = r6 + 0x58;
0x00018d36 ldr r3, [r3] | r3 = *(0x18e60);
0x00018d38 str r3, [sp, 0x14] | var_14h = r3;
0x00018d3a mov.w r3, 0 | r3 = 0;
0x00018d3e str r4, [sp, 0xc] | var_ch = r4;
0x00018d40 bl 0x10290 | fcn_00010290 (r0, r1, r2);
0x00018d44 ldr r3, [pc, 0x120] |
0x00018d46 add r3, pc |
0x00018d48 ldr r3, [r3] | r3 = imp.__stack_chk_guard;
0x00018d4a cmp r3, 0 |
| if (r3 != 0) {
0x00018d4c beq 0x18dda |
0x00018d4e mov r2, r4 | r2 = r4;
0x00018d50 movs r1, 0 | r1 = 0;
0x00018d52 movs r0, 0 | r0 = 0;
0x00018d54 blx 0x324c | r0 = vsnprintf_chk ()
0x00018d58 mov r3, r0 | r3 = r0;
0x00018d5a movs r1, 0 | r1 = 0;
0x00018d5c cmp r3, 1 |
0x00018d5e mov r2, r4 | r2 = r4;
0x00018d60 it ne |
| if (r3 == 1) {
0x00018d62 movne r3, -1 | r3 = -1;
| }
0x00018d66 movs r0, 2 | r0 = 2;
0x00018d68 str r3, [sp, 0xc] | var_ch = r3;
0x00018d6a blx 0x3030 | OPENSSL_init_crypto ();
0x00018d6e movs r0, 2 | r0 = 2;
0x00018d70 mov r2, r4 | r2 = r4;
0x00018d72 movs r1, 0 | r1 = 0;
0x00018d74 movt r0, 0x20 | r0 = (r0 & 0xFFFF) | 0x200000;
0x00018d78 blx 0x324c | vsnprintf_chk ()
0x00018d7c mov r2, r4 | r2 = r4;
0x00018d7e movs r1, 0 | r1 = 0;
0x00018d80 movs r0, 0xc | r0 = 0xc;
0x00018d82 blx 0x3030 | OPENSSL_init_crypto ();
0x00018d86 ldr r0, [pc, 0xe4] |
0x00018d88 movs r2, 0x18 | r2 = 0x18;
0x00018d8a movw r1, 0x1d3 | r1 = 0x1d3;
0x00018d8e add r0, pc | r0 = 0x31c00;
0x00018d90 bl 0x10798 | fcn_00010798 (r0, r1, r2);
0x00018d94 ldr r3, [pc, 0xd8] |
0x00018d96 mov r5, r0 | r5 = r0;
0x00018d98 add r3, pc | r3 = 0x31c0c;
0x00018d9a str.w r0, [r3, 0x94] | __asm ("str.w r0, [r3, 0x94]");
0x00018d9e cmp r0, 0 |
| if (r0 == 0) {
0x00018da0 beq 0x18e50 | goto label_0;
| }
0x00018da2 adds r6, 0x30 | r6 += 0x30;
0x00018da4 movs r2, 3 | r2 = 3;
0x00018da6 str r4, [r0] | *(r0) = r4;
0x00018da8 mov.w r1, 0x15c | r1 = 0x15c;
0x00018dac str r4, [r0, 4] | *((r0 + 4)) = r4;
0x00018dae add r7, sp, 0x10 | r7 += var_10h;
0x00018db0 str r4, [r0, 8] | *((r0 + 8)) = r4;
0x00018db2 str r4, [r0, 0xc] | *((r0 + 0xc)) = r4;
0x00018db4 str r4, [r0, 0x10] | *((r0 + 0x10)) = r4;
0x00018db6 str r4, [r0, 0x14] | *((r0 + 0x14)) = r4;
0x00018db8 mov r0, r6 | r0 = r6;
0x00018dba str r4, [sp, 0x10] | var_10h = r4;
0x00018dbc bl 0x10290 | fcn_00010290 (r0, r1, r2);
0x00018dc0 mov r1, r4 | r1 = r4;
0x00018dc2 mov r0, r5 | r0 = r5;
0x00018dc4 blx 0x304c | r0 = fcn_0000304c ();
0x00018dc8 mov r1, r0 | r1 = r0;
0x00018dca movs r3, 3 | r3 = 3;
0x00018dcc str r1, [sp, 0x10] | var_10h = r1;
0x00018dce mov r2, r7 | r2 = r7;
0x00018dd0 mov r0, r6 | r0 = r6;
0x00018dd2 mov.w r1, 0x162 | r1 = 0x162;
0x00018dd6 bl 0x10330 | fcn_00010330 (r0, r1, r2, r3);
| }
0x00018dda ldr r4, [pc, 0x98] |
0x00018ddc movs r5, 0 | r5 = 0;
0x00018dde ldr r6, [pc, 0x98] |
0x00018de0 movs r2, 3 | r2 = 3;
0x00018de2 mov.w r1, 0x15c | r1 = 0x15c;
0x00018de6 str r5, [sp, 0x10] | var_10h = r5;
0x00018de8 add r4, pc | r4 = 0x31c62;
0x00018dea adds r4, 0x30 | r4 += 0x30;
0x00018dec add r6, pc | r6 = 0x31c6a;
0x00018dee mov r0, r4 | r0 = r4;
0x00018df0 bl 0x10290 | fcn_00010290 (r0, r1, r2);
0x00018df4 mov r1, r5 | r1 = r5;
0x00018df6 add.w r0, r6, 0x98 | r0 = r6 + 0x98;
0x00018dfa blx 0x304c | r0 = fcn_0000304c ();
0x00018dfe mov r3, r0 | r3 = r0;
0x00018e00 mov r2, r7 | r2 = r7;
0x00018e02 mov r0, r4 | r0 = r4;
0x00018e04 mov.w r1, 0x162 | r1 = 0x162;
0x00018e08 str r3, [sp, 0x10] | var_10h = r3;
0x00018e0a movs r3, 3 | r3 = 3;
0x00018e0c bl 0x10330 | fcn_00010330 (r0, r1, r2, r3);
0x00018e10 ldr r2, [pc, 0x68] |
0x00018e12 mov r3, r5 | r3 = r5;
0x00018e14 mov r1, r5 | r1 = r5;
0x00018e16 mov r0, r5 | r0 = r5;
0x00018e18 strd r5, r5, [sp] | __asm ("strd r5, r5, [sp]");
0x00018e1c add r2, pc | r2 = 0x31c9c;
0x00018e1e blx 0x31e0 | closedir ();
0x00018e22 str r0, [r6] | *(r6) = r0;
| do {
0x00018e24 ldr r0, [pc, 0x58] |
0x00018e26 movs r3, 3 | r3 = 3;
0x00018e28 add r2, sp, 0xc | r2 += var_ch;
0x00018e2a movw r1, 0x1ef | r1 = 0x1ef;
0x00018e2e add r0, pc | r0 = 0x31cb2;
0x00018e30 adds r0, 0x58 | r0 += 0x58;
0x00018e32 bl 0x10330 | fcn_00010330 (r0, r1, r2, r3);
0x00018e36 ldr r2, [pc, 0x4c] |
0x00018e38 ldr r3, [pc, 0x24] | r3 = *(0x18e60);
0x00018e3a ldr r0, [sp, 0xc] | r0 = var_ch;
0x00018e3c add r2, pc | r2 = 0x31cc6;
0x00018e3e ldr r3, [r2, r3] | r3 = imp.__stack_chk_guard;
0x00018e40 ldr r2, [r3] | r2 = imp.__stack_chk_guard;
0x00018e42 ldr r3, [sp, 0x14] | r3 = var_14h;
0x00018e44 eors r2, r3 | r2 ^= r3;
0x00018e46 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00018e4a bne 0x18e58 | goto label_1;
| }
0x00018e4c add sp, 0x1c |
0x00018e4e pop {r4, r5, r6, r7, pc} |
| label_0:
0x00018e50 mov.w r3, -1 | r3 = -1;
0x00018e54 str r3, [sp, 0xc] | var_ch = r3;
0x00018e56 b 0x18e24 |
| } while (1);
| label_1:
0x00018e58 blx 0x347c | fcn_0000347c ();
0x00018e5c ldrh r0, [r3, 0x3a] | r0 = *((r3 + 0x3a));
0x00018e5e movs r0, r0 |
0x00018e60 lsls r4, r4, 0xb | r4 <<= 0xb;
0x00018e62 movs r0, r0 |
0x00018e64 str r0, [r4, 0x64] | *((r4 + 0x64)) = r0;
0x00018e66 movs r0, r0 |
0x00018e68 str r4, [sp, 0x308] | *(arg_308h) = r4;
0x00018e6a movs r0, r0 |
0x00018e6c ldrh r2, [r3, r7] | r2 = *((r3 + r7));
0x00018e6e movs r0, r0 |
0x00018e70 ldr r4, [r6, 0x74] | r4 = *((r6 + 0x74));
0x00018e72 movs r0, r1 | r0 = r1;
0x00018e74 str r0, [r5, 0x58] | *((r5 + 0x58)) = r0;
0x00018e76 movs r0, r0 |
0x00018e78 ldr r0, [r4, 0x70] | r0 = *((r4 + 0x70));
0x00018e7a movs r0, r1 | r0 = r1;
0x00018e7c ldrh r4, [r0, r6] | r4 = *((r0 + r6));
0x00018e7e movs r0, r0 |
0x00018e80 str r2, [r4, 0x54] | *((r4 + 0x54)) = r2;
0x00018e82 movs r0, r0 |
0x00018e84 ldrh r4, [r0, 0x32] | r4 = *((r0 + 0x32));
0x00018e86 movs r0, r0 |
| }
[*] Function printf used 3 times libpaho-mqtt3as.so.1.3.11
