[*] Binary protection state of ble_advertise

  
  	Full RELRO     Canary found      NX disabled  No PIE       No RPATH     No RUNPATH   No Symbols


[*] Function strcat tear down of ble_advertise

    ; assembly                                   | /* r2dec pseudo code output */
                                                 | /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ble_advertise @ 0x403188 */
                                                 | #include <stdint.h>
                                                 |  
    ; (fcn) sym.generic_run_cmd_char_ ()         | void generic_run_cmd_char_ () {
                                                 |     /* generic_run_cmd(char*) */
    0x00403188 lui gp, 2                         |     
    0x0040318c addiu gp, gp, -0x5168             |     
    0x00403190 addu gp, gp, t9                   |     gp += t9;
    0x00403194 addiu sp, sp, -0x78               |     
    0x00403198 sw ra, 0x74(sp)                   |     *(var_74h) = ra;
    0x0040319c sw fp, 0x70(sp)                   |     *(var_70h) = fp;
    0x004031a0 move fp, sp                       |     fp = sp;
    0x004031a4 sw gp, 0x10(sp)                   |     *(var_10h) = gp;
    0x004031a8 sw a0, 0x1c(fp)                   |     *(arg_1ch) = a0;
    0x004031ac lw t8, -0x7ec8(gp)                |     t8 = *((gp - 8114));
    0x004031b0 lw t8, (t8)                       |     t8 = *(t8);
    0x004031b4 sw t8, 0x6c(fp)                   |     *(arg_6ch) = t8;
    0x004031b8 addiu v0, fp, 0x2c                |     v0 = fp + 0x2c;
    0x004031bc addiu t8, zero, 0x40              |     t8 = 0x40;
    0x004031c0 move a0, v0                       |     a0 = v0;
    0x004031c4 move a1, zero                     |     a1 = 0;
    0x004031c8 move a2, t8                       |     a2 = t8;
    0x004031cc lw t8, -0x7f34(gp)                |     t8 = sym.imp.memset;
    0x004031d0 move t9, t8                       |     t9 = t8;
    0x004031d4 jalr t9                           |     t9 ();
    0x004031d8 nop                               |     
    0x004031dc lw gp, 0x10(fp)                   |     gp = *(arg_10h);
    0x004031e0 sw zero, 0x24(fp)                 |     *(arg_24h) = 0;
    0x004031e4 sw zero, 0x28(fp)                 |     *(arg_28h) = 0;
    0x004031e8 lw t8, 0x1c(fp)                   |     t8 = *(arg_1ch);
                                                 |     if (t8 == 0) {
    0x004031ec bnez t8, 0x403200                 |         
    0x004031f0 nop                               |         
    0x004031f4 move t8, zero                     |         t8 = 0;
    0x004031f8 b 0x4032f4                        |         goto label_0;
    0x004031fc nop                               |         
                                                 |     }
    0x00403200 lw a0, 0x1c(fp)                   |     a0 = *(arg_1ch);
    0x00403204 lw t8, -0x7fdc(gp)                |     t8 = *(gp);
    0x00403208 addiu a1, t8, 0x4f1c              |     a1 = t8 + 0x4f1c;
    0x0040320c lw t8, -0x7f74(gp)                |     t8 = sym.imp.popen;
    0x00403210 move t9, t8                       |     t9 = t8;
    0x00403214 jalr t9                           |     t9 ();
    0x00403218 nop                               |     
    0x0040321c lw gp, 0x10(fp)                   |     gp = *(arg_10h);
    0x00403220 move t8, v0                       |     t8 = v0;
    0x00403224 sw t8, 0x28(fp)                   |     *(arg_28h) = t8;
    0x00403228 lw t8, 0x28(fp)                   |     t8 = *(arg_28h);
                                                 |     if (t8 == 0) {
    0x0040322c bnez t8, 0x403240                 |         
    0x00403230 nop                               |         
    0x00403234 move t8, zero                     |         t8 = 0;
    0x00403238 b 0x4032f4                        |         goto label_0;
    0x0040323c nop                               |         
                                                 |     }
    0x00403240 b 0x4032a0                        |     goto label_1;
    0x00403244 nop                               |     
                                                 |     do {
    0x00403248 lw t8, 0x24(fp)                   |         t8 = *(arg_24h);
                                                 |         if (t8 == 0) {
    0x0040324c bnez t8, 0x403280                 |             
    0x00403250 nop                               |             
    0x00403254 addiu t8, fp, 0x2c                |             t8 = fp + 0x2c;
    0x00403258 move a0, t8                       |             a0 = t8;
    0x0040325c lw t8, -0x7f78(gp)                |             t8 = sym.imp.strdup;
    0x00403260 move t9, t8                       |             t9 = t8;
    0x00403264 jalr t9                           |             t9 ();
    0x00403268 nop                               |             
    0x0040326c lw gp, 0x10(fp)                   |             gp = *(arg_10h);
    0x00403270 move t8, v0                       |             t8 = v0;
    0x00403274 sw t8, 0x24(fp)                   |             *(arg_24h) = t8;
    0x00403278 b 0x4032a0                        |             goto label_1;
    0x0040327c nop                               |             
                                                 |         }
    0x00403280 addiu t8, fp, 0x2c                |         t8 = fp + 0x2c;
    0x00403284 lw a0, 0x24(fp)                   |         a0 = *(arg_24h);
    0x00403288 move a1, t8                       |         a1 = t8;
    0x0040328c lw t8, -0x7edc(gp)                |         t8 = sym.imp.strcat
    0x00403290 move t9, t8                       |         t9 = t8;
    0x00403294 jalr t9                           |         t9 ();
    0x00403298 nop                               |         
    0x0040329c lw gp, 0x10(fp)                   |         gp = *(arg_10h);
                                                 | label_1:
    0x004032a0 addiu t8, fp, 0x2c                |         t8 = fp + 0x2c;
    0x004032a4 move a0, t8                       |         a0 = t8;
    0x004032a8 addiu a1, zero, 0x40              |         a1 = 0x40;
    0x004032ac lw a2, 0x28(fp)                   |         a2 = *(arg_28h);
    0x004032b0 lw t8, -0x7f28(gp)                |         t8 = sym.imp.fgets;
    0x004032b4 move t9, t8                       |         t9 = t8;
    0x004032b8 jalr t9                           |         t9 ();
    0x004032bc nop                               |         
    0x004032c0 lw gp, 0x10(fp)                   |         gp = *(arg_10h);
    0x004032c4 move t8, v0                       |         t8 = v0;
    0x004032c8 sltu t8, zero, t8                 |         t8 = (0 < t8) ? 1 : 0;
    0x004032cc andi t8, t8, 0xff                 |         t8 &= 0xff;
    0x004032d0 bnez t8, 0x403248                 |         
                                                 |     } while (t8 != 0);
    0x004032d4 nop                               |     
    0x004032d8 lw a0, 0x28(fp)                   |     a0 = *(arg_28h);
    0x004032dc lw t8, -0x7f04(gp)                |     t8 = sym.imp.pclose;
    0x004032e0 move t9, t8                       |     t9 = t8;
    0x004032e4 jalr t9                           |     t9 ();
    0x004032e8 nop                               |     
    0x004032ec lw gp, 0x10(fp)                   |     gp = *(arg_10h);
    0x004032f0 lw t8, 0x24(fp)                   |     t8 = *(arg_24h);
                                                 | label_0:
    0x004032f4 move v0, t8                       |     v0 = t8;
    0x004032f8 lw t8, -0x7ec8(gp)                |     t8 = *((gp - 8114));
    0x004032fc lw v1, 0x6c(fp)                   |     v1 = *(arg_6ch);
    0x00403300 lw t8, (t8)                       |     t8 = *(t8);
                                                 |     if (v1 != t8) {
    0x00403304 beq v1, t8, 0x40331c              |         
    0x00403308 nop                               |         
    0x0040330c lw t8, -0x7f0c(gp)                |         t8 = sym.imp.__stack_chk_fail;
    0x00403310 move t9, t8                       |         t9 = t8;
    0x00403314 jalr t9                           |         t9 ();
    0x00403318 nop                               |         
                                                 |     }
    0x0040331c move sp, fp                       |     
    0x00403320 lw ra, 0x74(sp)                   |     ra = *(var_74h);
    0x00403324 lw fp, 0x70(sp)                   |     fp = *(var_70h);
    0x00403328 addiu sp, sp, 0x78                |     
    0x0040332c jr ra                             |     return v1;
    0x00403330 nop                               |     
                                                 | }

[*] Function strcat used 2 times ble_advertise