[*] Binary protection state of ifplugd_event
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of ifplugd_event
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ifplugd_event @ 0x401340 */
| #include <stdint.h>
|
; (fcn) sym.create_pidfile_char_const_ () | void create_pidfile_char_const_ () {
| /* create_pidfile(char const*) */
0x00401340 lui gp, 2 |
0x00401344 addiu gp, gp, -0x6320 |
0x00401348 addu gp, gp, t9 | gp += t9;
0x0040134c addiu sp, sp, -0x80 |
0x00401350 sw ra, 0x7c(sp) | *(var_7ch) = ra;
0x00401354 sw fp, 0x78(sp) | *(var_78h) = fp;
0x00401358 move fp, sp | fp = sp;
0x0040135c sw gp, 0x10(sp) | *(var_10h) = gp;
0x00401360 sw a0, 0x1c(fp) | *(arg_1ch) = a0;
0x00401364 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x00401368 lw t8, (t8) | t8 = *(t8);
0x0040136c sw t8, 0x74(fp) | *(arg_74h) = t8;
0x00401370 lw a0, 0x1c(fp) | a0 = *(arg_1ch);
0x00401374 addiu a1, zero, 0x102 | a1 = 0x102;
0x00401378 addiu a2, zero, 0x1a4 | a2 = 0x1a4;
0x0040137c lw t8, -0x7f74(gp) | t8 = sym.imp.open64;
0x00401380 move t9, t8 | t9 = t8;
0x00401384 jalr t9 | t9 ();
0x00401388 nop |
0x0040138c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401390 move t8, v0 | t8 = v0;
0x00401394 sw t8, 0x24(fp) | *(arg_24h) = t8;
0x00401398 addiu t8, zero, -1 | t8 = -1;
0x0040139c sw t8, 0x20(fp) | *(arg_20h) = t8;
0x004013a0 lw t8, 0x24(fp) | t8 = *(arg_24h);
| if (t8 < 0) {
0x004013a4 bgez t8, 0x4013d0 |
0x004013a8 nop |
0x004013ac lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.open */
0x004013b0 addiu a0, t8, 0x25a0 | a0 = t8 + 0x25a0;
0x004013b4 lw t8, -0x7f68(gp) | t8 = sym.imp.perror;
0x004013b8 move t9, t8 | t9 = t8;
0x004013bc jalr t9 | t9 ();
0x004013c0 nop |
0x004013c4 lw gp, 0x10(fp) | gp = *(arg_10h);
0x004013c8 b 0x40157c | goto label_0;
0x004013cc nop |
| }
0x004013d0 addiu t8, zero, 1 | t8 = 1;
0x004013d4 sh t8, 0x28(fp) | *(arg_28h) = t8;
0x004013d8 move t8, zero | t8 = 0;
0x004013dc move t9, zero | t9 = 0;
0x004013e0 sw t8, 0x30(fp) | *(arg_30h) = t8;
0x004013e4 sw t9, 0x34(fp) | *(arg_34h) = t9;
0x004013e8 sh zero, 0x2a(fp) | *(arg_2ah) = 0;
0x004013ec move t8, zero | t8 = 0;
0x004013f0 move t9, zero | t9 = 0;
0x004013f4 sw t8, 0x38(fp) | *(arg_38h) = t8;
0x004013f8 sw t9, 0x3c(fp) | *(arg_3ch) = t9;
0x004013fc addiu t8, fp, 0x28 | t8 = fp + 0x28;
0x00401400 lw a0, 0x24(fp) | a0 = *(arg_24h);
0x00401404 addiu a1, zero, 0x22 | a1 = 0x22;
0x00401408 move a2, t8 | a2 = t8;
0x0040140c lw t8, -0x7f04(gp) | t8 = sym.imp.fcntl64;
0x00401410 move t9, t8 | t9 = t8;
0x00401414 jalr t9 | t9 ();
0x00401418 nop |
0x0040141c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401420 move t8, v0 | t8 = v0;
0x00401424 srl t8, t8, 0x1f | t8 >>= 0x1f;
0x00401428 andi t8, t8, 0xff | t8 &= 0xff;
| if (t8 != 0) {
0x0040142c beqz t8, 0x4014d0 |
0x00401430 nop |
0x00401434 lw t8, -0x7efc(gp) | t8 = sym.imp.__errno_location;
0x00401438 move t9, t8 | t9 = t8;
0x0040143c jalr t9 | t9 ();
0x00401440 nop |
0x00401444 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401448 move t8, v0 | t8 = v0;
0x0040144c lw v0, (t8) | v0 = *(t8);
0x00401450 addiu t8, zero, 0xd | t8 = 0xd;
| if (v0 != t8) {
0x00401454 beq v0, t8, 0x401484 |
0x00401458 nop |
0x0040145c lw t8, -0x7efc(gp) | t8 = sym.imp.__errno_location;
0x00401460 move t9, t8 | t9 = t8;
0x00401464 jalr t9 | t9 ();
0x00401468 nop |
0x0040146c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401470 move t8, v0 | t8 = v0;
0x00401474 lw v0, (t8) | v0 = *(t8);
0x00401478 addiu t8, zero, 0xb | t8 = 0xb;
| if (v0 != t8) {
0x0040147c bne v0, t8, 0x4014a8 | goto label_1;
| }
0x00401480 nop |
| }
0x00401484 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.Program_already_exists. */
0x00401488 addiu a0, t8, 0x25a8 | a0 = t8 + 0x25a8;
0x0040148c lw t8, -0x7f80(gp) | t8 = sym.imp.puts;
0x00401490 move t9, t8 | t9 = t8;
0x00401494 jalr t9 | t9 ();
0x00401498 nop |
0x0040149c lw gp, 0x10(fp) | gp = *(arg_10h);
0x004014a0 b 0x40157c | goto label_0;
0x004014a4 nop |
| label_1:
0x004014a8 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.Unable_to_lock__s_n */
0x004014ac addiu a0, t8, 0x25c0 | a0 = t8 + 0x25c0;
0x004014b0 lw a1, 0x1c(fp) | a1 = *(arg_1ch);
0x004014b4 lw t8, -0x7f7c(gp) | t8 = sym.imp.printf
0x004014b8 move t9, t8 | t9 = t8;
0x004014bc jalr t9 | t9 ();
0x004014c0 nop |
0x004014c4 lw gp, 0x10(fp) | gp = *(arg_10h);
0x004014c8 b 0x40157c | goto label_0;
0x004014cc nop |
| }
0x004014d0 lw t8, -0x7f48(gp) | t8 = sym.imp.getpid;
0x004014d4 move t9, t8 | t9 = t8;
0x004014d8 jalr t9 | t9 ();
0x004014dc nop |
0x004014e0 lw gp, 0x10(fp) | gp = *(arg_10h);
0x004014e4 move t8, v0 | t8 = v0;
0x004014e8 addiu v0, fp, 0x4c | v0 = fp + 0x4c;
0x004014ec move a0, v0 | a0 = v0;
0x004014f0 addiu a1, zero, 0x28 | a1 = 0x28;
0x004014f4 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str._ld_n */
0x004014f8 addiu a2, v0, 0x25d4 | a2 = v0 + 0x25d4;
0x004014fc move a3, t8 | a3 = t8;
0x00401500 lw t8, -0x7f38(gp) | t8 = sym.imp.snprintf
0x00401504 move t9, t8 | t9 = t8;
0x00401508 jalr t9 | t9 ();
0x0040150c nop |
0x00401510 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401514 lw a0, 0x24(fp) | a0 = *(arg_24h);
0x00401518 move a2, zero | a2 = 0;
0x0040151c move a3, zero | a3 = 0;
0x00401520 lw t8, -0x7f8c(gp) | t8 = sym.imp.ftruncate64;
0x00401524 move t9, t8 | t9 = t8;
0x00401528 jalr t9 | t9 ();
0x0040152c nop |
0x00401530 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401534 addiu t8, fp, 0x4c | t8 = fp + 0x4c;
0x00401538 move a0, t8 | a0 = t8;
0x0040153c lw t8, -0x7f24(gp) | t8 = sym.imp.strlen;
0x00401540 move t9, t8 | t9 = t8;
0x00401544 jalr t9 | t9 ();
0x00401548 nop |
0x0040154c lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401550 move t8, v0 | t8 = v0;
0x00401554 addiu v0, fp, 0x4c | v0 = fp + 0x4c;
0x00401558 lw a0, 0x24(fp) | a0 = *(arg_24h);
0x0040155c move a1, v0 | a1 = v0;
0x00401560 move a2, t8 | a2 = t8;
0x00401564 lw t8, -0x7f5c(gp) | t8 = sym.imp.write;
0x00401568 move t9, t8 | t9 = t8;
0x0040156c jalr t9 | t9 ();
0x00401570 nop |
0x00401574 lw gp, 0x10(fp) | gp = *(arg_10h);
0x00401578 sw zero, 0x20(fp) | *(arg_20h) = 0;
| label_0:
0x0040157c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x00401580 move v0, t8 | v0 = t8;
0x00401584 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x00401588 lw v1, 0x74(fp) | v1 = *(arg_74h);
0x0040158c lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00401590 beq v1, t8, 0x4015a8 |
0x00401594 nop |
0x00401598 lw t8, -0x7f54(gp) | t8 = sym.imp.__stack_chk_fail;
0x0040159c move t9, t8 | t9 = t8;
0x004015a0 jalr t9 | t9 ();
0x004015a4 nop |
| }
0x004015a8 move sp, fp |
0x004015ac lw ra, 0x7c(sp) | ra = *(var_7ch);
0x004015b0 lw fp, 0x78(sp) | fp = *(var_78h);
0x004015b4 addiu sp, sp, 0x80 |
0x004015b8 jr ra | return v1;
0x004015bc nop |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/sbin/ifplugd_event @ 0x401730 */
| #include <stdint.h>
|
; (fcn) sym.sendCmd_char_const__unsigned_int__unsigned_int__unsigned_int_ () | void sendCmd_char_const_unsigned_int_unsigned_int_unsigned_int_ () {
| /* sendCmd(char const*, unsigned int, unsigned int, unsigned int) */
0x00401730 lui gp, 2 |
0x00401734 addiu gp, gp, -0x6710 |
0x00401738 addu gp, gp, t9 | gp += t9;
0x0040173c addiu sp, sp, -0xf0 |
0x00401740 sw ra, 0xec(sp) | *(var_ech) = ra;
0x00401744 sw fp, 0xe8(sp) | *(var_e8h) = fp;
0x00401748 sw s0, 0xe4(sp) | *(var_e4h) = s0;
0x0040174c move fp, sp | fp = sp;
0x00401750 sw gp, 0x18(sp) | *(var_18h) = gp;
0x00401754 sw a0, 0x2c(fp) | *(arg_2ch) = a0;
0x00401758 sw a1, 0x28(fp) | *(arg_28h) = a1;
0x0040175c sw a2, 0x24(fp) | *(arg_24h) = a2;
0x00401760 sw a3, 0x20(fp) | *(arg_20h) = a3;
0x00401764 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x00401768 lw t8, (t8) | t8 = *(t8);
0x0040176c sw t8, 0xdc(fp) | *(arg_dch) = t8;
0x00401770 addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x00401774 move a0, t8 | a0 = t8;
0x00401778 lw t8, -0x7fd8(gp) | t8 = *(gp);
0x0040177c move t9, t8 | t9 = t8;
0x00401780 jalr t9 | t9 ();
0x00401784 nop |
0x00401788 lw gp, 0x18(fp) | gp = *(arg_18h);
0x0040178c lw t8, 0x28(fp) | t8 = *(arg_28h);
0x00401790 sw t8, 0x44(fp) | *(arg_44h) = t8;
0x00401794 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00401798 sw t8, 0x48(fp) | *(arg_48h) = t8;
0x0040179c lw t8, 0x20(fp) | t8 = *(arg_20h);
0x004017a0 sw t8, 0x4c(fp) | *(arg_4ch) = t8;
0x004017a4 addiu v0, fp, 0x38 | v0 = fp + 0x38;
0x004017a8 addiu t8, fp, 0x44 | t8 = fp + 0x44;
0x004017ac addiu v1, fp, 0x50 | v1 = fp + 0x50;
0x004017b0 sw v1, 0x10(sp) | *(var_10h) = v1;
0x004017b4 addiu v1, zero, 0x8c | v1 = 0x8c;
0x004017b8 sw v1, 0x14(sp) | *(var_14h) = v1;
0x004017bc move a0, v0 | a0 = v0;
0x004017c0 lw a1, 0x2c(fp) | a1 = *(arg_2ch);
0x004017c4 move a2, t8 | a2 = t8;
0x004017c8 addiu a3, zero, 0xc | a3 = 0xc;
0x004017cc lw t8, -0x7f40(gp) | t8 = *(gp);
0x004017d0 move t9, t8 | t9 = t8;
0x004017d4 jalr t9 | t9 ();
0x004017d8 nop |
0x004017dc lw gp, 0x18(fp) | gp = *(arg_18h);
0x004017e0 move t8, v0 | t8 = v0;
0x004017e4 sw t8, 0x34(fp) | *(arg_34h) = t8;
0x004017e8 lw t8, 0x34(fp) | t8 = *(arg_34h);
| if (t8 < 0) {
0x004017ec bgez t8, 0x40182c |
0x004017f0 nop |
0x004017f4 lw t8, -0x7f58(gp) | t8 = *((gp - 8150));
0x004017f8 lw t8, (t8) | t8 = *(t8);
0x004017fc move a0, t8 | a0 = t8;
0x00401800 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.OOPS___sendCmd_return__d_n */
0x00401804 addiu a1, t8, 0x25e4 | a1 = t8 + 0x25e4;
0x00401808 lw a2, 0x34(fp) | a2 = *(arg_34h);
0x0040180c lw t8, -0x7f70(gp) | t8 = sym.imp.fprintf
0x00401810 move t9, t8 | t9 = t8;
0x00401814 jalr t9 | t9 ();
0x00401818 nop |
0x0040181c lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401820 lw s0, 0x34(fp) | s0 = *(arg_34h);
0x00401824 b 0x40189c | goto label_0;
0x00401828 nop |
| }
0x0040182c lw t8, 0x50(fp) | t8 = *(arg_50h);
| if (t8 != 0) {
0x00401830 beqz t8, 0x401874 |
0x00401834 nop |
0x00401838 lw t8, -0x7f58(gp) | t8 = *((gp - 8150));
0x0040183c lw v0, (t8) | v0 = *(t8);
0x00401840 lw t8, 0x50(fp) | t8 = *(arg_50h);
0x00401844 move a0, v0 | a0 = v0;
0x00401848 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.OOPS___sendCmd_result__d_n */
0x0040184c addiu a1, v0, 0x2600 | a1 = v0 + 0x2600;
0x00401850 move a2, t8 | a2 = t8;
0x00401854 lw t8, -0x7f70(gp) | t8 = sym.imp.fprintf
0x00401858 move t9, t8 | t9 = t8;
0x0040185c jalr t9 | t9 ();
0x00401860 nop |
0x00401864 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401868 addiu s0, zero, -1 | s0 = -1;
0x0040186c b 0x40189c | goto label_0;
0x00401870 nop |
| }
0x00401874 lw t8, 0x54(fp) | t8 = *(arg_54h);
0x00401878 lw v0, -0x7fdc(gp) | v0 = *(gp);
| /* str.sendCmd_:__d_n */
0x0040187c addiu a0, v0, 0x261c | a0 = v0 + 0x261c;
0x00401880 move a1, t8 | a1 = t8;
0x00401884 lw t8, -0x7f7c(gp) | t8 = sym.imp.printf
0x00401888 move t9, t8 | t9 = t8;
0x0040188c jalr t9 | t9 ();
0x00401890 nop |
0x00401894 lw gp, 0x18(fp) | gp = *(arg_18h);
0x00401898 lw s0, 0x34(fp) | s0 = *(arg_34h);
| label_0:
0x0040189c addiu t8, fp, 0x38 | t8 = fp + 0x38;
0x004018a0 move a0, t8 | a0 = t8;
0x004018a4 lw t8, -0x7fd4(gp) | t8 = *(gp);
0x004018a8 move t9, t8 | t9 = t8;
0x004018ac jalr t9 | t9 ();
0x004018b0 nop |
0x004018b4 lw gp, 0x18(fp) | gp = *(arg_18h);
0x004018b8 move t8, s0 | t8 = s0;
0x004018bc move v0, t8 | v0 = t8;
0x004018c0 lw t8, -0x7f00(gp) | t8 = *((gp - 8128));
0x004018c4 lw v1, 0xdc(fp) | v1 = *(arg_dch);
0x004018c8 lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x004018cc beq v1, t8, 0x401928 |
0x004018d0 nop |
0x004018d4 b 0x401918 | goto label_1;
0x004018d8 nop |
| label_1:
0x00401918 lw t8, -0x7f54(gp) | t8 = sym.imp.__stack_chk_fail;
0x0040191c move t9, t8 | t9 = t8;
0x00401920 jalr t9 | t9 ();
0x00401924 nop |
| }
0x00401928 move sp, fp |
0x0040192c lw ra, 0xec(sp) | ra = *(var_ech);
0x00401930 lw fp, 0xe8(sp) | fp = *(var_e8h);
0x00401934 lw s0, 0xe4(sp) | s0 = *(var_e4h);
0x00401938 addiu sp, sp, 0xf0 |
0x0040193c jr ra | return v1;
0x00401940 nop |
| }
[*] Function printf used 6 times ifplugd_event
