[*] Binary protection state of netd_migrate
Full RELRO Canary found NX enabled PIE enabled No RPATH No RUNPATH No Symbols
[*] Function system tear down of netd_migrate
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/libexec/netd_migrate @ 0x5df0 */
| #include <stdint.h>
|
; (fcn) fcn.00005df0 () | void fcn_00005df0 (int16_t arg_188h, int16_t arg_18ch, int16_t arg_28h, uint32_t arg1, uint32_t arg2, int16_t arg3, int16_t arg4) {
| int16_t var_0h;
| r0 = arg1;
| r1 = arg2;
| r2 = arg3;
| r3 = arg4;
| label_0:
0x000025e8 bx pc | return void (*pc)() ();
0x00005df0 push.w {r4, r5, r6, r8, sb, sl, fp, lr} |
0x00005df4 sub sp, 8 |
0x00005df6 ldr.w sb, [sp, 0x28] | sb = *(arg_28h);
0x00005dfa cmp r0, 0 |
| if (arg_28h == ) {
0x00005dfc beq 0x5ec4 | goto label_3;
| }
0x00005dfe mov r4, r1 | r4 = r1;
0x00005e00 cmp r1, 0 |
| if (r1 == 0) {
0x00005e02 beq 0x5ef8 | goto label_4;
| }
0x00005e04 mov r6, r2 | r6 = r2;
0x00005e06 mov r8, r3 | r8 = r3;
0x00005e08 mov r5, r0 | r5 = r0;
0x00005e0a cmp r3, 0 |
| if (r3 != 0) {
0x00005e0c bne 0x5edc | goto label_5;
| }
0x00005e0e blx 0x2928 | r0 = fcn_00002928 ();
0x00005e12 mov sl, r0 | sl = r0;
0x00005e14 mov r2, r6 | r2 = r6;
0x00005e16 mov r0, r5 | r0 = r5;
0x00005e18 movw r1, 0x8041 | r1 = 0x8041;
0x00005e1c str.w r8, [sl] | __asm ("str.w r8, [sl]");
0x00005e20 blx 0x22c4 | r0 = fcn_000022c4 ();
0x00005e24 adds r2, r0, 1 | r2 = r0 + 1;
0x00005e26 mov r5, r0 | r5 = r0;
| if (r2 == r0) {
0x00005e28 beq 0x5e96 | goto label_6;
| }
0x00005e2a ldr.w fp, [pc, 0x118] |
0x00005e2e add fp, pc | fp = 0xbd78;
0x00005e30 add.w r1, fp, 0x188 | r1 += arg_188h;
0x00005e34 blx 0x267c | r0 = fcn_0000267c ();
0x00005e38 mov r6, r0 | r6 = r0;
| if (r0 == 0) {
0x00005e3a cbz r0, 0x5e96 | goto label_6;
| }
0x00005e3c mov r3, r4 | r3 = r4;
0x00005e3e add.w r2, fp, 0x18c | r2 += arg_18ch;
0x00005e42 movs r1, 1 | r1 = 1;
0x00005e44 blx 0x2754 | r0 = fcn_00002754 ();
0x00005e48 cmp r0, 0 |
| if (r0 < 0) {
0x00005e4a blt 0x5f16 | goto label_7;
| }
0x00005e4c mov r0, r6 | r0 = r6;
0x00005e4e blx 0x23e0 | r0 = system (r0)
0x00005e52 cmp r0, 0 |
| if (r0 == 0) {
0x00005e54 beq 0x5f12 | goto label_8;
| }
0x00005e56 blx 0x24d8 | fcn_000024d8 ();
0x00005e5a ldr.w r6, [sl] | r6 = *(sl);
0x00005e5e mov r4, r0 | r4 = r0;
0x00005e60 mov r0, r6 | r0 = r6;
0x00005e62 blx 0x2810 | fcn_00002810 ();
0x00005e66 mov r2, r6 | r2 = r6;
0x00005e68 mov r3, r0 | r3 = r0;
0x00005e6a mov r1, r4 | r1 = r4;
0x00005e6c mov r0, sb | r0 = sb;
0x00005e6e blx 0x27b8 | g_bus_get_sync ();
| do {
| label_1:
0x00005e72 mov r0, r5 | r0 = r5;
0x00005e74 blx 0x26b8 | fcn_000026b8 ();
0x00005e78 adds r0, 1 | r0++;
| if (r0 != 1) {
0x00005e7a bne 0x5ebc | goto label_2;
| }
0x00005e7c ldr.w r0, [sl] | r0 = *(sl);
0x00005e80 blx 0x2810 | fcn_00002810 ();
0x00005e84 ldr r1, [pc, 0xc0] |
0x00005e86 mov r2, r0 | r2 = r0;
0x00005e88 movs r0, 3 | r0 = 3;
0x00005e8a add r1, pc |
0x00005e8c add.w r1, r1, 0x190 | r1 = 0xbf66;
0x00005e90 bl 0x48c4 | fcn_000048c4 (r0);
0x00005e94 b 0x5ebc | goto label_2;
| label_6:
0x00005e96 blx 0x24d8 | fcn_000024d8 ();
0x00005e9a ldr.w r6, [sl] | r6 = *(sl);
0x00005e9e mov r4, r0 | r4 = r0;
0x00005ea0 mov r0, r6 | r0 = r6;
0x00005ea2 blx 0x2810 | fcn_00002810 ();
0x00005ea6 mov r2, r6 | r2 = r6;
0x00005ea8 mov r3, r0 | r3 = r0;
0x00005eaa mov r1, r4 | r1 = r4;
0x00005eac mov r0, sb | r0 = sb;
0x00005eae blx 0x27b8 | g_bus_get_sync ();
0x00005eb2 movs r3, 0 | r3 = 0;
0x00005eb4 str.w r3, [sl] | __asm ("str.w r3, [sl]");
0x00005eb8 adds r3, r5, 1 | r3 = r5 + 1;
0x00005eba bne 0x5e72 |
| } while (r3 != r5);
| label_2:
0x00005ebc movs r0, 0 | r0 = 0;
| do {
0x00005ebe add sp, 8 |
0x00005ec0 pop.w {r4, r5, r6, r8, sb, sl, fp, pc} |
| label_3:
0x00005ec4 ldr r1, [pc, 0x84] |
0x00005ec6 movw r2, 0x1cb | r2 = 0x1cb;
0x00005eca add r1, pc | r1 = 0xbe1a;
0x00005ecc add.w r4, r1, 0x168 | r4 = r1 + 0x168;
0x00005ed0 add.w r3, r1, 0x148 | r3 = r1 + 0x148;
0x00005ed4 str r4, [sp] | *(sp) = r4;
0x00005ed6 adds r1, 0x74 | r1 += 0x74;
0x00005ed8 blx 0x24f0 | fcn_000024f0 ();
| label_5:
0x00005edc mov r0, r1 | r0 = r1;
0x00005ede blx 0x25c4 | fcn_000025c4 ();
0x00005ee2 mov r3, r6 | r3 = r6;
0x00005ee4 mov r2, r0 | r2 = r0;
0x00005ee6 mov r1, r4 | r1 = r4;
0x00005ee8 mov r0, r5 | r0 = r5;
0x00005eea str.w sb, [sp, 0x28] | __asm ("str.w sb, [arg_28h]");
0x00005eee add sp, 8 |
0x00005ef0 pop.w {r4, r5, r6, r8, sb, sl, fp, lr} |
0x00005ef4 b.w 0x25e8 | goto label_0;
| label_4:
0x00005ef8 ldr r1, [pc, 0x54] |
0x00005efa mov r0, r4 | r0 = r4;
0x00005efc mov.w r2, 0x1cc | r2 = 0x1cc;
0x00005f00 add r1, pc | r1 = 0xbe54;
0x00005f02 add.w r4, r1, 0x178 | r4 = r1 + 0x178;
0x00005f06 add.w r3, r1, 0x148 | r3 = r1 + 0x148;
0x00005f0a str r4, [sp] | *(sp) = r4;
0x00005f0c adds r1, 0x74 | r1 += 0x74;
0x00005f0e blx 0x24f0 | fcn_000024f0 ();
| label_8:
0x00005f12 movs r0, 1 | r0 = 1;
0x00005f14 b 0x5ebe |
| } while (1);
| label_7:
0x00005f16 blx 0x24d8 | fcn_000024d8 ();
0x00005f1a ldr.w fp, [sl] | fp = *(sl);
0x00005f1e mov r4, r0 | r4 = r0;
0x00005f20 mov r0, fp | r0 = fp;
0x00005f22 blx 0x2810 | fcn_00002810 ();
0x00005f26 mov r2, fp | r2 = fp;
0x00005f28 mov r3, r0 | r3 = r0;
0x00005f2a mov r1, r4 | r1 = r4;
0x00005f2c mov r0, sb | r0 = sb;
0x00005f2e blx 0x27b8 | g_bus_get_sync ();
0x00005f32 mov r0, r6 | r0 = r6;
0x00005f34 str.w r8, [sl] | __asm ("str.w r8, [sl]");
0x00005f38 blx 0x23e0 | r0 = system (r0)
0x00005f3c cmp r0, 0 |
| if (r0 != 0) {
0x00005f3e bne 0x5e72 | goto label_1;
| }
0x00005f40 b 0x5ebc | goto label_2;
| }
[*] Function system used 3 times netd_migrate
