[*] Binary protection state of lsattr.e2fsprogs
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of lsattr.e2fsprogs
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/bin/lsattr.e2fsprogs @ 0xbcc */
| #include <stdint.h>
|
; (fcn) fcn.00000bcc () | void fcn_00000bcc (int16_t arg1) {
| int32_t var_0h_3;
| int32_t var_0h_4;
| int16_t var_8h;
| int16_t var_18h;
| int16_t var_74h;
| int16_t var_0h_2;
| int16_t var_10h;
| int16_t var_6ch;
| int16_t var_0h;
| int16_t var_4h;
| int16_t var_8h_2;
| int16_t var_ch;
| r0 = arg1;
0x00000bcc blmi 0x12534f4 | __asm ("blmi 0x12534f4");
0x00000bd0 push {r4, r5, r6, lr} |
0x00000bd2 sub sp, 0x10 |
0x00000bd4 add r2, pc | r2 += pc;
0x00000bd6 ldr r6, [pc, 0x120] |
0x00000bd8 mov r1, sp | r1 = sp;
0x00000bda mov r4, r0 | r4 = r0;
0x00000bdc ldr r3, [r2, r3] | r3 = *((r2 + r3));
0x00000bde add r6, pc | r6 = 0x18dc;
0x00000be0 ldr r3, [r3] | r3 = *(r3);
0x00000be2 str r3, [sp, 0xc] | var_ch = r3;
0x00000be4 mov.w r3, 0 | r3 = 0;
0x00000be8 blx 0x878 | fgetflags ();
0x00000bec adds r0, 1 | r0++;
| if (r0 == 1) {
0x00000bee beq 0xc98 | goto label_8;
| }
0x00000bf0 ldr r3, [pc, 0x108] |
0x00000bf2 add r3, pc |
0x00000bf4 ldr r3, [r3] | r3 = *(0x18f2);
0x00000bf6 cmp r3, 0 |
| if (r3 != 0) {
0x00000bf8 bne 0xc64 | goto label_9;
| }
| label_0:
0x00000bfa ldr r3, [pc, 0x104] |
0x00000bfc add r3, pc |
0x00000bfe ldr r3, [r3, 4] | r3 = *(0x1906);
0x00000c00 cmp r3, 0 |
| if (r3 != 0) {
0x00000c02 bne 0xc7e | goto label_10;
| }
| label_1:
0x00000c04 ldr r5, [pc, 0xfc] |
0x00000c06 add r5, pc | r5 = 0x190e;
0x00000c08 ldr r2, [r5, 8] | r2 = *(0x1916);
0x00000c0a lsls r3, r2, 0x1f | r3 = r2 << 0x1f;
| if (r3 < r2) {
0x00000c0c bmi 0xc40 | goto label_11;
| }
0x00000c0e ldr r3, [pc, 0xf8] | r3 = *(0xd0a);
0x00000c10 ldr r1, [sp] | r1 = *(sp);
0x00000c12 ldr r3, [r6, r3] | r3 = *((r6 + r3));
0x00000c14 ldr r0, [r3] | r0 = *(0xd0a);
0x00000c16 blx 0x8cc | print_flags ();
0x00000c1a ldr r1, [pc, 0xf0] |
0x00000c1c mov r2, r4 | r2 = r4;
0x00000c1e movs r0, 1 | r0 = 1;
0x00000c20 add r1, pc | r1 = 0x1932;
0x00000c22 blx 0x920 | printf_chk ();
| do {
0x00000c26 movs r0, 0 | r0 = 0;
| label_2:
0x00000c28 ldr r2, [pc, 0xe4] |
0x00000c2a ldr r3, [pc, 0xc8] | r3 = *(0xcf6);
0x00000c2c add r2, pc | r2 = 0x1940;
0x00000c2e ldr r3, [r2, r3] | r3 = *(0x1940);
0x00000c30 ldr r2, [r3] | r2 = *(0x1940);
0x00000c32 ldr r3, [sp, 0xc] | r3 = var_ch;
0x00000c34 eors r2, r3 | r2 ^= r3;
0x00000c36 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00000c3a bne 0xcea | goto label_12;
| }
0x00000c3c add sp, 0x10 |
0x00000c3e pop {r4, r5, r6, pc} |
| label_11:
0x00000c40 ldr r1, [pc, 0xd0] |
0x00000c42 mov r2, r4 | r2 = r4;
0x00000c44 movs r0, 1 | r0 = 1;
0x00000c46 add r1, pc | r1 = 0x195e;
0x00000c48 blx 0x920 | printf_chk ();
0x00000c4c ldr r3, [pc, 0xb8] | r3 = *(0xd08);
0x00000c4e ldr r1, [sp] | r1 = *(sp);
0x00000c50 ldr r2, [r5, 8] | r2 = *((r5 + 8));
0x00000c52 ldr r4, [r6, r3] | r4 = *((r6 + r3));
0x00000c54 ldr r0, [r4] | r0 = *(r4);
0x00000c56 blx 0x8cc | print_flags ();
0x00000c5a ldr r1, [r4] | r1 = *(r4);
0x00000c5c movs r0, 0xa | r0 = 0xa;
0x00000c5e blx 0x944 | fputc (r0, r1);
0x00000c62 b 0xc26 |
| } while (1);
| label_9:
0x00000c64 add r1, sp, 8 | r1 += var_8h_2;
0x00000c66 mov r0, r4 | r0 = r4;
0x00000c68 blx 0x860 | fgetproject ();
0x00000c6c adds r0, 1 | r0++;
| if (r0 == 1) {
0x00000c6e beq 0xcb6 | goto label_13;
| }
0x00000c70 ldr r1, [pc, 0xa4] |
0x00000c72 movs r0, 1 | r0 = 1;
0x00000c74 ldr r2, [sp, 8] | r2 = var_8h_2;
0x00000c76 add r1, pc | r1 = 0x1992;
0x00000c78 blx 0x920 | printf_chk ();
0x00000c7c b 0xbfa | goto label_0;
| label_10:
0x00000c7e add r1, sp, 4 | r1 += var_4h;
0x00000c80 mov r0, r4 | r0 = r4;
0x00000c82 blx 0x854 | fgetversion ();
0x00000c86 adds r0, 1 | r0++;
| if (r0 == 1) {
0x00000c88 beq 0xcd0 | goto label_14;
| }
0x00000c8a ldr r1, [pc, 0x90] |
0x00000c8c movs r0, 1 | r0 = 1;
0x00000c8e ldr r2, [sp, 4] | r2 = var_4h;
0x00000c90 add r1, pc | r1 = 0x19b2;
0x00000c92 blx 0x920 | printf_chk ();
0x00000c96 b 0xc04 | goto label_1;
| label_8:
0x00000c98 ldr r3, [pc, 0x84] |
0x00000c9a add r3, pc | r3 = 0x19be;
0x00000c9c ldr r5, [r3] | r5 = *(0x19be);
0x00000c9e blx 0x8fc | errno_location ();
0x00000ca2 ldr r2, [pc, 0x80] |
0x00000ca4 mov r3, r4 | r3 = r4;
0x00000ca6 ldr r1, [r0] | r1 = *(r0);
0x00000ca8 mov r0, r5 | r0 = r5;
0x00000caa add r2, pc | r2 = 0x19d4;
0x00000cac blx 0x890 | com_err ();
| do {
| label_3:
0x00000cb0 mov.w r0, -1 | r0 = -1;
0x00000cb4 b 0xc28 | goto label_2;
| label_13:
0x00000cb6 ldr r3, [pc, 0x70] |
0x00000cb8 add r3, pc | r3 = 0x19e6;
0x00000cba ldr r5, [r3] | r5 = *(0x19e6);
0x00000cbc blx 0x8fc | errno_location ();
0x00000cc0 ldr r2, [pc, 0x68] |
0x00000cc2 mov r3, r4 | r3 = r4;
0x00000cc4 ldr r1, [r0] | r1 = *(r0);
0x00000cc6 mov r0, r5 | r0 = r5;
0x00000cc8 add r2, pc | r2 = 0x19f8;
0x00000cca blx 0x890 | com_err ();
0x00000cce b 0xcb0 |
| } while (1);
| label_14:
0x00000cd0 ldr r3, [pc, 0x5c] |
0x00000cd2 add r3, pc | r3 = 0x1a06;
0x00000cd4 ldr r5, [r3] | r5 = *(0x1a06);
0x00000cd6 blx 0x8fc | errno_location ();
0x00000cda ldr r2, [pc, 0x58] |
0x00000cdc mov r3, r4 | r3 = r4;
0x00000cde ldr r1, [r0] | r1 = *(r0);
0x00000ce0 mov r0, r5 | r0 = r5;
0x00000ce2 add r2, pc | r2 = 0x1a1c;
0x00000ce4 blx 0x890 | com_err ();
0x00000ce8 b 0xcb0 | goto label_3;
| label_12:
0x00000cea blx 0x884 | stack_chk_fail ();
0x00000cee nop |
0x00000cf0 movs r3, 0x94 | r3 = 0x94;
0x00000cf2 movs r0, r0 |
0x00000cf4 lsls r0, r7, 1 | r0 = r7 << 1;
0x00000cf6 movs r0, r0 |
0x00000cf8 movs r3, 0x8a | r3 = 0x8a;
0x00000cfa movs r0, r0 |
0x00000cfc movs r4, 0x1a | r4 = 0x1a;
0x00000cfe movs r0, r0 |
0x00000d00 movs r4, 0x10 | r4 = 0x10;
0x00000d02 movs r0, r0 |
0x00000d04 movs r4, 6 | r4 = 6;
0x00000d06 movs r0, r0 |
0x00000d08 lsls r0, r1, 2 | r0 = r1 << 2;
0x00000d0a movs r0, r0 |
0x00000d0c lsls r0, r4, 0x10 | r0 = r4 << 0x10;
0x00000d0e movs r0, r0 |
0x00000d10 movs r3, 0x3c | r3 = 0x3c;
0x00000d12 movs r0, r0 |
0x00000d14 lsls r2, r6, 0xf | r2 = r6 << 0xf;
0x00000d16 movs r0, r0 |
0x00000d18 lsls r6, r2, 0xe | r6 = r2 << 0xe;
0x00000d1a movs r0, r0 |
0x00000d1c lsls r0, r4, 0xe | r0 = r4 << 0xe;
0x00000d1e movs r0, r0 |
0x00000d20 movs r3, 0x6a | r3 = 0x6a;
0x00000d22 movs r0, r0 |
0x00000d24 lsls r2, r5, 0xc | r2 = r5 << 0xc;
0x00000d26 movs r0, r0 |
0x00000d28 movs r3, 0x4c | r3 = 0x4c;
0x00000d2a movs r0, r0 |
0x00000d2c lsls r0, r5, 0xc | r0 = r5 << 0xc;
0x00000d2e movs r0, r0 |
0x00000d30 movs r3, 0x32 | r3 = 0x32;
0x00000d32 movs r0, r0 |
0x00000d34 lsls r2, r6, 0xc | r2 = r6 << 0xc;
0x00000d36 movs r0, r0 |
0x00000d38 ldr r2, [pc, 0x80] |
0x00000d3a ldr r3, [pc, 0x84] | r3 = *(0xdc2);
0x00000d3c push {r4, r5, r6, lr} |
0x00000d3e sub sp, 0x70 |
0x00000d40 add r2, pc | r2 = 0x1b00;
0x00000d42 mov r1, sp | r1 = sp;
0x00000d44 mov r5, r0 | r5 = r0;
0x00000d46 ldr r3, [r2, r3] |
0x00000d48 ldr r3, [r3] | r3 = *(0x1b00);
0x00000d4a str r3, [sp, 0x6c] | var_6ch = r3;
0x00000d4c mov.w r3, 0 | r3 = 0;
0x00000d50 blx 0x86c | r0 = lstat64 ();
0x00000d54 adds r3, r0, 1 | r3 = r0 + 1;
| if (r3 == r0) {
0x00000d56 beq 0xd9c | goto label_15;
| }
0x00000d58 ldr r3, [sp, 0x10] | r3 = var_10h;
0x00000d5a and r3, r3, 0xf000 | r3 &= 0xf000;
0x00000d5e cmp.w r3, 0x4000 |
| if (r3 == 0x4000) {
0x00000d62 bne 0xd6c |
0x00000d64 ldr r3, [pc, 0x5c] |
0x00000d66 add r3, pc | r3 = 0x1b2e;
0x00000d68 ldr r2, [r3, 0xc] | r2 = *(0x1b3a);
| if (r2 == 0) {
0x00000d6a cbz r2, 0xd8e | goto label_16;
| }
| }
0x00000d6c mov r0, r5 | r0 = r5;
0x00000d6e bl 0xbcc | r0 = fcn_00000bcc (r0);
0x00000d72 mov r4, r0 | r4 = r0;
| do {
| label_4:
0x00000d74 ldr r2, [pc, 0x50] |
0x00000d76 ldr r3, [pc, 0x48] | r3 = *(0xdc2);
0x00000d78 add r2, pc | r2 = 0x1b44;
0x00000d7a ldr r3, [r2, r3] | r3 = *(0x1b44);
0x00000d7c ldr r2, [r3] | r2 = *(0x1b44);
0x00000d7e ldr r3, [sp, 0x6c] | r3 = var_6ch;
0x00000d80 eors r2, r3 | r2 ^= r3;
0x00000d82 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00000d86 bne 0xdb8 | goto label_17;
| }
0x00000d88 mov r0, r4 | r0 = r4;
0x00000d8a add sp, 0x70 |
0x00000d8c pop {r4, r5, r6, pc} |
| label_16:
0x00000d8e ldr r1, [pc, 0x3c] |
0x00000d90 mov r0, r5 | r0 = r5;
0x00000d92 add r1, pc | r1 = 0x1b64;
0x00000d94 blx 0x938 | r0 = iterate_on_dir ();
0x00000d98 mov r4, r0 | r4 = r0;
0x00000d9a b 0xd74 |
| } while (1);
| label_15:
0x00000d9c ldr r3, [pc, 0x30] |
0x00000d9e mov r4, r0 | r4 = r0;
0x00000da0 add r3, pc | r3 = 0x1b74;
0x00000da2 ldr r6, [r3] | r6 = *(0x1b74);
0x00000da4 blx 0x8fc | errno_location ();
0x00000da8 ldr r2, [pc, 0x28] |
0x00000daa mov r3, r5 | r3 = r5;
0x00000dac ldr r1, [r0] | r1 = *(r0);
0x00000dae mov r0, r6 | r0 = r6;
0x00000db0 add r2, pc | r2 = 0x1b88;
0x00000db2 blx 0x890 | com_err ();
0x00000db6 b 0xd74 | goto label_4;
| label_17:
0x00000db8 blx 0x884 | stack_chk_fail ();
0x00000dbc movs r2, 0x28 | r2 = 0x28;
0x00000dbe movs r0, r0 |
0x00000dc0 lsls r0, r7, 1 | r0 = r7 << 1;
0x00000dc2 movs r0, r0 |
0x00000dc4 movs r2, 0xa6 | r2 = 0xa6;
0x00000dc6 movs r0, r0 |
0x00000dc8 movs r1, 0xf0 | r1 = 0xf0;
0x00000dca movs r0, r0 |
0x00000dcc lsls r3, r0, 1 | r3 = r0 << 1;
0x00000dce movs r0, r0 |
0x00000dd0 movs r2, 0x64 | r2 = 0x64;
0x00000dd2 movs r0, r0 |
0x00000dd4 lsls r0, r3, 0xa | r0 = r3 << 0xa;
0x00000dd6 movs r0, r0 |
0x00000dd8 ldr r2, [pc, 0x130] |
0x00000dda ldr r3, [pc, 0x134] | r3 = *(0xf12);
0x00000ddc push.w {r4, r5, r6, r7, r8, sb, lr} |
0x00000de0 add.w r8, r1, 0xb | r8 = r1 + 0xb;
0x00000de4 add r2, pc | r2 = 0x1cf4;
0x00000de6 sub sp, 0x7c |
0x00000de8 mov r6, r1 | r6 = r1;
0x00000dea mov r7, r0 | r7 = r0;
0x00000dec ldr r3, [r2, r3] |
0x00000dee ldr.w sb, [pc, 0x124] | sb = *(0x00000f14);
0x00000df2 ldr r3, [r3] | r3 = *(0x1cf4);
0x00000df4 str r3, [sp, 0x74] | var_74h = r3;
0x00000df6 mov.w r3, 0 | r3 = 0;
0x00000dfa blx 0x8e4 | r0 = strlen (r0);
0x00000dfe mov r5, r0 | r5 = r0;
0x00000e00 mov r0, r8 | r0 = r8;
0x00000e02 blx 0x8e4 | strlen (r0);
0x00000e06 add r0, r5 | r0 += r5;
0x00000e08 add sb, pc | sb += pc;
0x00000e0a adds r0, 2 | r0 += 2;
0x00000e0c blx 0x8b4 | r0 = malloc (r0);
0x00000e10 cmp r0, 0 |
| if (r0 == 0) {
0x00000e12 beq 0xef2 | goto label_18;
| }
0x00000e14 mov r4, r0 | r4 = r0;
| if (r5 != 0) {
0x00000e16 cbz r5, 0xe22 |
0x00000e18 add r5, r7 | r5 += r7;
0x00000e1a ldrb r3, [r5, -0x1] | r3 = *((r5 - 0x1));
0x00000e1e cmp r3, 0x2f |
| if (r3 == 0x2f) {
0x00000e20 beq 0xeda | goto label_19;
| }
| }
0x00000e22 ldr r3, [pc, 0xf4] |
0x00000e24 mov.w r2, -1 | r2 = -1;
0x00000e28 movs r1, 1 | r1 = 1;
0x00000e2a mov r0, r4 | r0 = r4;
0x00000e2c strd r7, r8, [sp] | __asm ("strd r7, r8, [sp]");
0x00000e30 add r3, pc | r3 = 0x1d4e;
0x00000e32 blx 0x908 | sprintf_chk ()
| label_6:
0x00000e36 add r1, sp, 8 | r1 += var_8h;
0x00000e38 mov r0, r4 | r0 = r4;
0x00000e3a blx 0x86c | lstat64 ();
0x00000e3e adds r0, 1 | r0++;
| if (r0 == 1) {
0x00000e40 beq 0xed2 | goto label_20;
| }
0x00000e42 ldrb r3, [r6, 0xb] | r3 = *((r6 + 0xb));
0x00000e44 cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x00000e46 bne 0xe72 | goto label_21;
| }
0x00000e48 ldr r3, [pc, 0xd0] |
0x00000e4a add r3, pc |
0x00000e4c ldr r3, [r3, 0x10] | r3 = *(0x1d7a);
0x00000e4e cbnz r3, 0xe72 |
| while (r3 != 0x4000) {
| label_5:
0x00000e50 mov r0, r4 | r0 = r4;
0x00000e52 blx 0x848 | free (r0);
0x00000e56 movs r0, 0 | r0 = 0;
| label_7:
0x00000e58 ldr r2, [pc, 0xc4] |
0x00000e5a ldr r3, [pc, 0xb4] | r3 = *(0xf12);
0x00000e5c add r2, pc | r2 = 0x1d80;
0x00000e5e ldr r3, [r2, r3] | r3 = *(0x1d80);
0x00000e60 ldr r2, [r3] | r2 = *(0x1d80);
0x00000e62 ldr r3, [sp, 0x74] | r3 = var_74h;
0x00000e64 eors r2, r3 | r2 ^= r3;
0x00000e66 mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00000e6a bne 0xeee | goto label_22;
| }
0x00000e6c add sp, 0x7c |
0x00000e6e pop.w {r4, r5, r6, r7, r8, sb, pc} |
| label_21:
0x00000e72 mov r0, r4 | r0 = r4;
0x00000e74 bl 0xbcc | fcn_00000bcc (r0);
0x00000e78 ldr r3, [sp, 0x18] | r3 = var_18h;
0x00000e7a and r3, r3, 0xf000 | r3 &= 0xf000;
0x00000e7e cmp.w r3, 0x4000 |
0x00000e82 bne 0xe50 |
| }
0x00000e84 ldr r3, [pc, 0x9c] |
0x00000e86 add r3, pc |
0x00000e88 ldr r3, [r3, 0x14] | r3 = *(0x1dc2);
0x00000e8a cmp r3, 0 |
| if (r3 == 0) {
0x00000e8c beq 0xe50 | goto label_5;
| }
0x00000e8e ldrb r3, [r6, 0xb] | r3 = *((r6 + 0xb));
0x00000e90 cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x00000e92 bne 0xe9c | goto label_23;
| }
0x00000e94 ldrb.w r3, [r8, 1] | r3 = *((r8 + 1));
0x00000e98 cmp r3, 0 |
| if (r3 == 0) {
0x00000e9a beq 0xe50 | goto label_5;
| }
| label_23:
0x00000e9c ldrb r3, [r6, 0xb] | r3 = *((r6 + 0xb));
0x00000e9e cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x00000ea0 bne 0xeb2 | goto label_24;
| }
0x00000ea2 ldrb.w r3, [r8, 1] | r3 = *((r8 + 1));
0x00000ea6 cmp r3, 0x2e |
| if (r3 != 0x2e) {
0x00000ea8 bne 0xeb2 | goto label_24;
| }
0x00000eaa ldrb.w r3, [r8, 2] | r3 = *((r8 + 2));
0x00000eae cmp r3, 0 |
| if (r3 == 0) {
0x00000eb0 beq 0xe50 | goto label_5;
| }
| label_24:
0x00000eb2 ldr r1, [pc, 0x74] |
0x00000eb4 mov r2, r4 | r2 = r4;
0x00000eb6 movs r0, 1 | r0 = 1;
0x00000eb8 add r1, pc | r1 = 0x1de6;
0x00000eba blx 0x920 | printf_chk ();
0x00000ebe ldr r1, [pc, 0x6c] |
0x00000ec0 movs r2, 0 | r2 = 0;
0x00000ec2 mov r0, r4 | r0 = r4;
0x00000ec4 add r1, pc | r1 = 0x1df6;
0x00000ec6 blx 0x938 | iterate_on_dir ();
0x00000eca movs r0, 0xa | r0 = 0xa;
0x00000ecc blx 0x914 | putchar (r0);
0x00000ed0 b 0xe50 | goto label_5;
| label_20:
0x00000ed2 mov r0, r4 | r0 = r4;
0x00000ed4 blx 0x89c | perror (r0);
0x00000ed8 b 0xe50 | goto label_5;
| label_19:
0x00000eda ldr r3, [pc, 0x54] |
0x00000edc mov.w r2, -1 | r2 = -1;
0x00000ee0 movs r1, 1 | r1 = 1;
0x00000ee2 strd r7, r8, [sp] | __asm ("strd r7, r8, [sp]");
0x00000ee6 add r3, pc | r3 = 0x1e1c;
0x00000ee8 blx 0x908 | sprintf_chk ()
0x00000eec b 0xe36 | goto label_6;
| label_22:
0x00000eee blx 0x884 | stack_chk_fail ();
| label_18:
0x00000ef2 ldr r3, [pc, 0x40] |
0x00000ef4 movs r2, 0x33 | r2 = 0x33;
0x00000ef6 ldr r0, [pc, 0x40] |
0x00000ef8 movs r1, 1 | r1 = 1;
0x00000efa ldr.w r3, [sb, r3] | r3 = *((sb + r3));
0x00000efe add r0, pc | r0 = 0x1e3c;
0x00000f00 ldr r3, [r3] | r3 = *(0xf36);
0x00000f02 blx 0x8a8 | fwrite (r0, r1, r2, r3);
0x00000f06 mov.w r0, -1 | r0 = -1;
0x00000f0a b 0xe58 | goto label_7;
| }
[*] Function sprintf used 3 times lsattr.e2fsprogs
