[*] Binary protection state of ifplugd_event
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function fprintf tear down of ifplugd_event
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ifplugd_event @ 0x401730 */
| #include <stdint.h>
|
; (fcn) sym.sendCmd_char_const__unsigned_int__unsigned_int__unsigned_int_ () | void sendCmd_char_const_unsigned_int_unsigned_int_unsigned_int_ () {
| /* sendCmd(char const*, unsigned int, unsigned int, unsigned int) */
0x00401730 lui gp, 2 |
0x00401734 addiu gp, gp, -0x6710 |
0x00401738 addu gp, gp, t9 | gp += t9;
0x0040173c addiu sp, sp, -0xf0 |
0x00401740 sw ra, 0xec(sp) | *(var_ech) = ra;
0x00401744 sw fp, 0xe8(sp) | *(var_e8h) = fp;
0x00401748 sw s0, 0xe4(sp) | *(var_e4h) = s0;
0x0040174c move fp, sp | fp = sp;
0x00401750 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00401754 sw a0, 0x2c(fp) | *(arg_2ch) = a0;
0x00401758 sw a1, 0x28(fp) | *(arg_28h) = a1;
0x0040175c sw a2, 0x24(fp) | *(arg_24h) = a2;
0x00401760 sw a3, 0x20(fp) | *(arg_20h) = a3;
0x00401764 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x00401768 lw t8, (t8) | t8 = *(t8);
0x0040176c sw t8, 0xdc(fp) | *(arg_dch) = t8;
0x00401770 addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x00401774 move a0, t8 | a0 = t8;
0x00401778 lw t8, -0x7fd8(gp) | t8 = *(gp);
0x0040177c move t9, t8 | t9 = t8;
0x00401780 jalr t9 | t9 ();
0x00401784 nop |
0x00401788 lw gp, 0x18(fp) | gp = *(arg_18h);
0x0040178c lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00401790 sw t8, 0x44(fp) | *(arg_44h) = t8;
0x00401794 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401798 sw t8, 0x48(fp) | *(arg_48h) = t8;
0x0040179c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x004017a0 sw t8, 0x4c(fp) | *(arg_4ch) = t8;
0x004017a4 addiu v0, fp, 0x38 | v0 = fp + 0x38;
0x004017a8 addiu t8, fp, 0x44 | t8 = fp + 0x44;
0x004017ac addiu v1, fp, 0x50 | v1 = fp + 0x50;
0x004017b0 sw v1, 0x10(sp) | *(var_10h) = v1;
0x004017b4 addiu v1, zero, 0x8c | v1 = 0x8c;
0x004017b8 sw v1, 0x14(sp) | *(var_14h) = v1;
0x004017bc move a0, v0 | a0 = v0;
0x004017c0 lw a1, 0x2c(fp) | a1 = *(arg_2ch);
0x004017c4 move a2, t8 | a2 = t8;
0x004017c8 addiu a3, zero, 0xc | a3 = 0xc;
0x004017cc lw t8, -0x7f40(gp) | t8 = *(gp);
0x004017d0 move t9, t8 | t9 = t8;
0x004017d4 jalr t9 | t9 ();
0x004017d8 nop |
0x004017dc lw gp, 0x18(fp) | gp = *(arg_18h);
0x004017e0 move t8, v0 | t8 = v0;
0x004017e4 sw t8, 0x34(fp) | *(arg_34h) = t8;
0x004017e8 lw t8, 0x34(fp) | t8 = *(arg_34h);
| if (t8 < 0) {
0x004017ec bgez t8, 0x40182c |
0x004017f0 nop |
0x004017f4 lw t8, -0x7f58(gp) | t8 = *((gp - 8150));
0x004017f8 lw t8, (t8) | t8 = *(t8);
0x004017fc move a0, t8 | a0 = t8;
0x00401800 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.OOPS___sendCmd_return__d_n */
0x00401804 addiu a1, t8, 0x25e4 | a1 = t8 + 0x25e4;
0x00401808 lw a2, 0x34(fp) | a2 = *(arg_34h);
0x0040180c lw t8, -0x7f70(gp) | t8 = sym.imp.fprintf
0x00401810 move t9, t8 | t9 = t8;
0x00401814 jalr t9 | t9 ();
0x00401818 nop |
0x0040181c lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401820 lw s0, 0x34(fp) | s0 = *(arg_34h);
0x00401824 b 0x40189c | goto label_0;
0x00401828 nop |
| }
0x0040182c lw t8, 0x50(fp) | t8 = *(arg_50h);
| if (t8 != 0) {
0x00401830 beqz t8, 0x401874 |
0x00401834 nop |
0x00401838 lw t8, -0x7f58(gp) | t8 = *((gp - 8150));
0x0040183c lw v0, (t8) | v0 = *(t8);
0x00401840 lw t8, 0x50(fp) | t8 = *(arg_50h);
0x00401844 move a0, v0 | a0 = v0;
0x00401848 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.OOPS___sendCmd_result__d_n */
0x0040184c addiu a1, v0, 0x2600 | a1 = v0 + 0x2600;
0x00401850 move a2, t8 | a2 = t8;
0x00401854 lw t8, -0x7f70(gp) | t8 = sym.imp.fprintf
0x00401858 move t9, t8 | t9 = t8;
0x0040185c jalr t9 | t9 ();
0x00401860 nop |
0x00401864 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401868 addiu s0, zero, -1 | s0 = -1;
0x0040186c b 0x40189c | goto label_0;
0x00401870 nop |
| }
0x00401874 lw t8, 0x54(fp) | t8 = *(arg_54h);
0x00401878 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.sendCmd_:__d_n */
0x0040187c addiu a0, v0, 0x261c | a0 = v0 + 0x261c;
0x00401880 move a1, t8 | a1 = t8;
0x00401884 lw t8, -0x7f7c(gp) | t8 = sym.imp.printf;
0x00401888 move t9, t8 | t9 = t8;
0x0040188c jalr t9 | t9 ();
0x00401890 nop |
0x00401894 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401898 lw s0, 0x34(fp) | s0 = *(arg_34h);
| label_0:
0x0040189c addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x004018a0 move a0, t8 | a0 = t8;
0x004018a4 lw t8, -0x7fd4(gp) | t8 = *(gp);
0x004018a8 move t9, t8 | t9 = t8;
0x004018ac jalr t9 | t9 ();
0x004018b0 nop |
0x004018b4 lw gp, 0x18(fp) | gp = *(arg_18h);
0x004018b8 move t8, s0 | t8 = s0;
0x004018bc move v0, t8 | v0 = t8;
0x004018c0 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x004018c4 lw v1, 0xdc(fp) | v1 = *(arg_dch);
0x004018c8 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x004018cc beq v1, t8, 0x401928 |
0x004018d0 nop |
0x004018d4 b 0x401918 | goto label_1;
0x004018d8 nop |
| label_1:
0x00401918 lw t8, -0x7f54(gp) | t8 = sym.imp.__stack_chk_fail;
0x0040191c move t9, t8 | t9 = t8;
0x00401920 jalr t9 | t9 ();
0x00401924 nop |
| }
0x00401928 move sp, fp |
0x0040192c lw ra, 0xec(sp) | ra = *(var_ech);
0x00401930 lw fp, 0xe8(sp) | fp = *(var_e8h);
0x00401934 lw s0, 0xe4(sp) | s0 = *(var_e4h);
0x00401938 addiu sp, sp, 0xf0 |
0x0040193c jr ra | return v1;
0x00401940 nop |
| }
[*] Function fprintf used 3 times ifplugd_event
