[*] Binary protection state of liblldpctl.so.4.9.1
Full RELRO Canary found NX enabled DSO No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of liblldpctl.so.4.9.1
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/liblldpctl.so.4.9.1 @ 0x6d78 */
| #include <stdint.h>
|
; (fcn) fcn.00006d78 () | void fcn_00006d78 (int16_t arg1) {
| int16_t var_0h_7;
| int16_t var_8h;
| r0 = arg1;
0x00006d78 stcpl p4, c15, [r0], {0x4f} | __asm ("stcpl p4, c15, [r0], {0x4f}");
0x00006d7c push {r1, r2, r3} |
0x00006d7e push {r4, r5, r6, r7, lr} |
0x00006d80 sub.w ip, sp, ip |
0x00006d84 str.w r0, [ip, 0xfd4] | __asm ("str.w r0, [ip, 0xfd4]");
0x00006d88 ldr r2, [pc, 0xac] |
0x00006d8a sub sp, 0x18 |
0x00006d8c ldr r3, [pc, 0xac] | r3 = *(0x6e3c);
0x00006d8e add r7, sp, 8 | r7 += var_8h;
0x00006d90 add r2, pc | r2 = 0xdbcc;
0x00006d92 ldr r6, [r7, 0x24] | r6 = *((r7 + 0x24));
0x00006d94 ldr r3, [r2, r3] |
0x00006d96 ldr r3, [r3] | r3 = *(0xdbcc);
0x00006d98 str r3, [r7, 0xc] | *((r7 + 0xc)) = r3;
0x00006d9a mov.w r3, 0 | r3 = 0;
0x00006d9e cmp r6, 0 |
| if (r6 == 0) {
0x00006da0 beq 0x6e1c | goto label_1;
| }
0x00006da2 add.w r3, r7, 0x28 | r3 = r7 + 0x28;
0x00006da6 mov r5, r0 | r5 = r0;
0x00006da8 str r3, [r7, 8] | *((r7 + 8)) = r3;
0x00006daa blx 0x24fc | r0 = fcn_000024fc ();
0x00006dae mov r4, r0 | r4 = r0;
0x00006db0 ldr r0, [r0] | r0 = *(r0);
0x00006db2 blx 0x248c | vfprintf_chk ()
0x00006db6 ldr r2, [pc, 0x88] |
0x00006db8 mov r3, r6 | r3 = r6;
0x00006dba str r0, [sp] | *(sp) = r0;
0x00006dbc movs r1, 1 | r1 = 1;
0x00006dbe adds r0, r7, 4 | r0 = r7 + 4;
0x00006dc0 add r2, pc | r2 = 0xdc06;
0x00006dc2 blx 0x2474 | strerror (r0);
0x00006dc6 adds r0, 1 | r0++;
| if (r0 == 1) {
0x00006dc8 beq 0x6dfc | goto label_2;
| }
0x00006dca movs r0, 4 | r0 = 4;
0x00006dcc ldrd r2, r3, [r7, 4] | __asm ("ldrd r2, r3, [r7, 4]");
0x00006dd0 mov r1, r5 | r1 = r5;
0x00006dd2 bl 0x6a4c | fcn_00006a4c (r0, r1, r2, r3);
0x00006dd6 ldr r0, [r7, 4] | r0 = *((r7 + 4));
0x00006dd8 blx 0x23b0 | fcn_000023b0 ();
| do {
| label_0:
0x00006ddc ldr r2, [pc, 0x64] |
0x00006dde ldr r3, [pc, 0x5c] | r3 = *(0x6e3e);
0x00006de0 add r2, pc | r2 = 0xdc28;
0x00006de2 ldr r3, [r2, r3] | r3 = *(0xdc28);
0x00006de4 ldr r2, [r3] | r2 = *(0xdc28);
0x00006de6 ldr r3, [r7, 0xc] | r3 = *((r7 + 0xc));
0x00006de8 eors r2, r3 | r2 ^= r3;
0x00006dea mov.w r3, 0 | r3 = 0;
| if (r2 != r3) {
0x00006dee bne 0x6e34 | goto label_3;
| }
0x00006df0 adds r7, 0x10 | r7 += 0x10;
0x00006df2 mov sp, r7 |
0x00006df4 pop.w {r4, r5, r6, r7, lr} |
0x00006df8 add sp, 0xc |
0x00006dfa bx lr | return;
| label_2:
0x00006dfc mov r1, r5 | r1 = r5;
0x00006dfe mov r2, r6 | r2 = r6;
0x00006e00 ldr r3, [r7, 8] | r3 = *((r7 + 8));
0x00006e02 movs r0, 4 | r0 = 4;
0x00006e04 bl 0x6a4c | fcn_00006a4c (r0, r1, r2, r3);
0x00006e08 ldr r0, [r4] | r0 = *(r4);
0x00006e0a blx 0x248c | vfprintf_chk ()
0x00006e0e ldr r1, [pc, 0x38] |
0x00006e10 mov r2, r0 | r2 = r0;
0x00006e12 movs r0, 4 | r0 = 4;
0x00006e14 add r1, pc | r1 = 0xdc62;
0x00006e16 bl 0x6c64 | fcn_00006c64 (r0, r1);
0x00006e1a b 0x6ddc |
| } while (1);
| label_1:
0x00006e1c blx 0x24fc | r0 = fcn_000024fc ();
0x00006e20 ldr r0, [r0] | r0 = *(r0);
0x00006e22 blx 0x248c | vfprintf_chk ()
0x00006e26 ldr r1, [pc, 0x24] |
0x00006e28 mov r2, r0 | r2 = r0;
0x00006e2a movs r0, 4 | r0 = 4;
0x00006e2c add r1, pc | r1 = 0xdc7e;
0x00006e2e bl 0x6c64 | fcn_00006c64 (r0, r1);
0x00006e32 b 0x6ddc | goto label_0;
| label_3:
0x00006e34 blx 0x23f0 | unlink (r0);
0x00006e38 strh r4, [r4, 8] | *((r4 + 8)) = r4;
0x00006e3a movs r0, r0 |
0x00006e3c lsls r4, r0, 4 | r4 = r0 << 4;
0x00006e3e movs r0, r0 |
0x00006e40 ldrh r4, [r6, r3] | r4 = *((r6 + r3));
0x00006e42 movs r0, r0 |
0x00006e44 strh r4, [r2, 6] | *((r2 + 6)) = r4;
0x00006e46 movs r0, r0 |
0x00006e48 ldrh r4, [r4, r2] | r4 = *((r4 + r2));
0x00006e4a movs r0, r0 |
0x00006e4c ldrh r4, [r1, r2] | r4 = *((r1 + r2));
0x00006e4e movs r0, r0 |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/rootfs.img_unblob_extracted/rootfs.img_extract/0-80367616.squashfs_v4_le_extract/usr/lib/liblldpctl.so.4.9.1 @ 0x6f44 */
| #include <stdint.h>
|
; (fcn) fcn.00006f44 () | void fcn_00006f44 (int16_t arg_3e0h, int16_t arg1) {
| int16_t var_0h_5;
| int16_t var_0h;
| int16_t var_0h_6;
| int16_t var_8h_2;
| r0 = arg1;
0x00006f44 stcpl p4, c15, [r0], {0x4f} | __asm ("stcpl p4, c15, [r0], {0x4f}");
0x00006f48 push {r1, r2, r3} |
0x00006f4a push.w {r4, r5, r6, r7, r8, lr} |
0x00006f4e sub.w ip, sp, ip |
0x00006f52 str.w r0, [ip, 0xfdc] | __asm ("str.w r0, [ip, 0xfdc]");
0x00006f56 ldr r2, [pc, 0x80] |
0x00006f58 sub sp, 0xc |
0x00006f5a ldr r3, [pc, 0x80] | r3 = *(0x6fde);
0x00006f5c ldr r5, [pc, 0x80] |
0x00006f5e add r7, sp, 0 | r7 += var_0h_5;
0x00006f60 add r2, pc | r2 = 0xdf3e;
0x00006f62 ldr.w r8, [r7, 0x24] | r8 = *((r7 + 0x24));
0x00006f64 strh r4, [r4] | *(r4) = r4;
0x00006f66 ldr r3, [r2, r3] |
0x00006f68 mov r6, r0 | r6 = r0;
0x00006f6a add r5, pc | r5 = 0xdf4e;
0x00006f6c ldr r3, [r3] | r3 = *(0xdf3e);
0x00006f6e str r3, [r7, 4] | *((r7 + 4)) = r3;
0x00006f70 mov.w r3, 0 | r3 = 0;
0x00006f72 lsls r0, r0, 0xc | r0 <<= 0xc;
0x00006f74 ldr r3, [r5, 8] | r3 = *(0xdf56);
0x00006f76 cmp r3, 1 |
| if (r3 <= 1) {
0x00006f78 ble 0x6f9a | goto label_3;
| }
0x00006f7a ldr r3, [r5, 0x10] | r3 = *((r5 + 0x10));
| if (r3 == 0) {
0x00006f7c cbz r3, 0x6fa2 | goto label_4;
| }
0x00006f7e add.w r4, r5, 0x10 | r4 = r5 + 0x10;
0x00006f82 adds r5, 0xb0 | r5 += 0xb0;
0x00006f84 b 0x6f92 |
| while (r0 != 0) {
0x00006f86 mov r1, r6 | r1 = r6;
0x00006f88 blx 0x2358 | r0 = fcn_00002358 ();
| if (r0 == 0) {
0x00006f8c cbz r0, 0x6fa2 | goto label_4;
| }
0x00006f8e cmp r4, r5 |
| if (r4 == r5) {
0x00006f90 beq 0x6f9a | goto label_3;
| }
0x00006f92 ldr r0, [r4], 4 | r0 = *(r4);
| r4 += 4;
0x00006f96 cmp r0, 0 |
0x00006f98 bne 0x6f86 |
| }
| label_3:
0x00006f9a ldr r3, [pc, 0x48] |
0x00006f9c add r3, pc |
0x00006f9e ldr r3, [r3] | r3 = *(0xdf86);
| if (r3 != 0) {
0x00006fa0 cbz r3, 0x6fb2 |
| label_4:
0x00006fa2 add.w r3, r7, 0x28 | r3 = r7 + 0x28;
0x00006fa6 mov r2, r8 | r2 = r8;
0x00006fa8 mov r1, r6 | r1 = r6;
0x00006faa movs r0, 7 | r0 = 7;
0x00006fac str r3, [r7] | *(r7) = r3;
0x00006fae bl 0x6a4c | fcn_00006a4c (r0, r1, r2, r3);
| }
0x00006fb2 ldr r2, [pc, 0x34] |
0x00006fb4 ldr r3, [pc, 0x24] | r3 = *(0x6fdc);
0x00006fb6 add r2, pc | r2 = 0xdfa4;
0x00006fb8 ldr r3, [r2, r3] | r3 = *(0xdfa4);
0x00006fba ldr r2, [r3] | r2 = *(0xdfa4);
0x00006fbc ldr r3, [r7, 4] | r3 = *((r7 + 4));
0x00006fbe eors r2, r3 | r2 ^= r3;
0x00006fc0 mov.w r3, 0 | r3 = 0;
| if (r2 == r3) {
0x00006fc4 bne 0x6fd2 |
0x00006fc6 adds r7, 0xc | r7 += 0xc;
0x00006fc8 mov sp, r7 |
0x00006fca pop.w {r4, r5, r6, r7, r8, lr} |
0x00006fce add sp, 0xc |
0x00006fd0 bx lr | return;
| }
0x00006fd2 blx 0x23f0 | unlink (r0);
0x00006fd6 nop |
0x00006fd8 ldrb r4, [r2, 0x1d] | r4 = *((r2 + 0x1d));
0x00006fda movs r0, r0 |
0x00006fdc lsls r4, r0, 4 | r4 = r0 << 4;
0x00006fde movs r0, r0 |
0x00006fe0 str r1, [sp, 0xa8] | var_0h = r1;
0x00006fe2 movs r0, r0 |
0x00006fe4 str r0, [sp, 0x3e0] | *(arg_3e0h) = r0;
0x00006fe6 movs r0, r0 |
0x00006fe8 ldrb r6, [r7, 0x1b] | r6 = *((r7 + 0x1b));
0x00006fea movs r0, r0 |
0x00006fec mov.w ip, 0x1000 |
0x00006ff0 push {r4, r5, r6, r7, lr} |
0x00006ff2 sub.w ip, sp, ip |
0x00006ff6 str.w r0, [ip, 0xfe0] | __asm ("str.w r0, [ip, 0xfe0]");
0x00006ffa sub sp, 0xc |
0x00006ffc mov r5, r1 | r5 = r1;
0x00006ffe add r7, sp, 8 | r7 += var_8h_2;
0x00007000 mov r4, r0 | r4 = r0;
0x00007002 blx 0x24fc | r0 = fcn_000024fc ();
0x00007006 ldr r0, [r0] | r0 = *(r0);
| if (r5 == 0) {
0x00007008 cbz r5, 0x703c | goto label_5;
| }
| if (r0 != 0) {
0x0000700a cbnz r0, 0x7022 | goto label_6;
| }
| if (r4 == 0) {
0x0000700c cbz r4, 0x7052 | goto label_7;
| }
| label_1:
0x0000700e ldr r2, [pc, 0x54] |
0x00007010 mov r3, r5 | r3 = r5;
0x00007012 mov r1, r4 | r1 = r4;
0x00007014 movs r0, 2 | r0 = 2;
0x00007016 add r2, pc | r2 = 0xe080;
0x00007018 bl 0x6c64 | fcn_00006c64 (r0, r1);
| do {
| label_0:
0x0000701c movs r0, 1 | r0 = 1;
0x0000701e blx 0x24d8 | fcn_000024d8 ();
| if (r4 == 0) {
| label_6:
0x00007022 cbz r4, 0x7058 | goto label_8;
| }
| label_2:
0x00007024 blx 0x248c | vfprintf_chk ()
0x00007028 ldr r2, [pc, 0x3c] |
0x0000702a mov r6, r0 | r6 = r0;
0x0000702c mov r3, r5 | r3 = r5;
0x0000702e mov r1, r4 | r1 = r4;
0x00007030 movs r0, 2 | r0 = 2;
0x00007032 str r6, [sp] | *(sp) = r6;
0x00007034 add r2, pc | r2 = 0xe0a0;
0x00007036 bl 0x6c64 | fcn_00006c64 (r0, r1);
0x0000703a b 0x701c |
| } while (1);
| label_5:
0x0000703c cbz r4, 0x705e |
| while (1) {
0x0000703e blx 0x248c | vfprintf_chk ()
0x00007042 ldr r2, [pc, 0x28] |
0x00007044 mov r3, r0 | r3 = r0;
0x00007046 mov r1, r4 | r1 = r4;
0x00007048 movs r0, 2 | r0 = 2;
0x0000704a add r2, pc | r2 = 0xe0bc;
0x0000704c bl 0x6c64 | fcn_00006c64 (r0, r1);
0x00007050 b 0x701c | goto label_0;
| label_7:
0x00007052 ldr r4, [pc, 0x1c] |
0x00007054 add r4, pc | r4 = 0xe0ca;
0x00007056 b 0x700e | goto label_1;
| label_8:
0x00007058 ldr r4, [pc, 0x18] |
0x0000705a add r4, pc | r4 = 0xe0d2;
0x0000705c b 0x7024 | goto label_2;
0x0000705e ldr r4, [pc, 0x18] |
0x00007060 add r4, pc | r4 = 0xe0de;
0x00007062 b 0x703e |
| }
| }
[*] Function fprintf used 6 times liblldpctl.so.4.9.1
