[*] Binary protection state of xmlEncode
Full RELRO Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of xmlEncode
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/patool_extraction/DUMP/mtdblock8_unblob_extracted/mtdblock8_extract/0-9650176.squashfs_v4_le_extract/bin/xmlEncode @ 0x400840 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
0x00400840 lui gp, 2 |
0x00400844 addiu gp, gp, -0x7830 |
0x00400848 addu gp, gp, t9 | gp += t9;
0x0040084c addiu sp, sp, -0x38 |
0x00400850 sw ra, 0x34(sp) | *(var_34h) = ra;
0x00400854 sw fp, 0x30(sp) | *(var_30h) = fp;
0x00400858 move fp, sp | fp = sp;
0x0040085c sw gp, 0x10(sp) | *(var_10h) = gp;
0x00400860 sw a0, 0x1c(fp) | *(arg_1ch) = a0;
0x00400864 sw a1, 0x18(fp) | *(envp) = a1;
0x00400868 lw t8, -0x7fc4(gp) | t8 = *((gp - 8177));
0x0040086c lw t8, (t8) | t8 = *(t8);
0x00400870 sw t8, 0x2c(fp) | *(arg_2ch) = t8;
0x00400874 lw t8, 0x18(fp) | t8 = *(envp);
0x00400878 lw t8, 4(t8) | t8 = *((t8 + 1));
0x0040087c sw t8, 0x28(fp) | *(arg_28h) = t8;
0x00400880 lw v0, 0x1c(fp) | v0 = *(arg_1ch);
0x00400884 addiu t8, zero, 2 | t8 = 2;
| if (v0 == t8) {
0x00400888 bne v0, t8, 0x40089c |
0x0040088c nop |
0x00400890 lw t8, 0x28(fp) | t8 = *(arg_28h);
| if (t8 != 0) {
0x00400894 bnez t8, 0x4008a8 | goto label_0;
| }
0x00400898 nop |
| }
0x0040089c move t8, zero | t8 = 0;
0x004008a0 b 0x400a30 | goto label_1;
0x004008a4 nop |
| label_0:
0x004008a8 sw zero, 0x24(fp) | *(arg_24h) = 0;
| do {
0x004008ac lw t8, 0x24(fp) | t8 = *(arg_24h);
0x004008b0 lw v0, 0x28(fp) | v0 = *(arg_28h);
0x004008b4 addu t8, v0, t8 | t8 = v0 + t8;
0x004008b8 lb t8, (t8) | t8 = *(t8);
0x004008bc addiu v0, zero, 0x26 | v0 = 0x26;
| if (t8 != v0) {
0x004008c0 beq t8, v0, 0x4009ac |
0x004008c4 nop |
0x004008c8 slti v0, t8, 0x27 | v0 = (t8 < 0x27) ? 1 : 0;
| if (v0 != 0) {
0x004008cc beqz v0, 0x4008f0 |
0x004008d0 nop |
| if (t8 == 0) {
0x004008d4 beqz t8, 0x40091c | goto label_2;
| }
0x004008d8 nop |
0x004008dc addiu v0, zero, 0x22 | v0 = 0x22;
| if (t8 == v0) {
0x004008e0 beq t8, v0, 0x400940 | goto label_3;
| }
0x004008e4 nop |
0x004008e8 b 0x4009f4 | goto label_4;
0x004008ec nop |
| }
0x004008f0 addiu v0, zero, 0x3c | v0 = 0x3c;
| if (t8 != v0) {
0x004008f4 beq t8, v0, 0x400964 |
0x004008f8 nop |
0x004008fc addiu v0, zero, 0x3e | v0 = 0x3e;
| if (t8 == v0) {
0x00400900 beq t8, v0, 0x400988 | goto label_5;
| }
0x00400904 nop |
0x00400908 addiu v0, zero, 0x27 | v0 = 0x27;
| if (t8 == v0) {
0x0040090c beq t8, v0, 0x4009d0 | goto label_6;
| }
0x00400910 nop |
0x00400914 b 0x4009f4 | goto label_4;
0x00400918 nop |
| label_2:
0x0040091c addiu a0, zero, 0xa | a0 = 0xa;
0x00400920 lw t8, -0x7fc8(gp) | t8 = sym.imp.putchar;
0x00400924 move t9, t8 | t9 = t8;
0x00400928 jalr t9 | t9 ();
0x0040092c nop |
0x00400930 lw gp, 0x10(fp) | gp = *(argv);
0x00400934 move t8, zero | t8 = 0;
0x00400938 b 0x400a30 | goto label_1;
0x0040093c nop |
| label_3:
0x00400940 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.quot_ */
0x00400944 addiu a0, t8, 0xb50 | a0 = t8 + 0xb50;
0x00400948 lw t8, -0x7fd4(gp) | t8 = sym.imp.printf
0x0040094c move t9, t8 | t9 = t8;
0x00400950 jalr t9 | t9 ();
0x00400954 nop |
0x00400958 lw gp, 0x10(fp) | gp = *(argv);
0x0040095c b 0x400a1c | goto label_7;
0x00400960 nop |
| }
0x00400964 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.lt_ */
0x00400968 addiu a0, t8, 0xb58 | a0 = t8 + 0xb58;
0x0040096c lw t8, -0x7fd4(gp) | t8 = sym.imp.printf
0x00400970 move t9, t8 | t9 = t8;
0x00400974 jalr t9 | t9 ();
0x00400978 nop |
0x0040097c lw gp, 0x10(fp) | gp = *(argv);
0x00400980 b 0x400a1c | goto label_7;
0x00400984 nop |
| label_5:
0x00400988 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.gt_ */
0x0040098c addiu a0, t8, 0xb60 | a0 = t8 + 0xb60;
0x00400990 lw t8, -0x7fd4(gp) | t8 = sym.imp.printf
0x00400994 move t9, t8 | t9 = t8;
0x00400998 jalr t9 | t9 ();
0x0040099c nop |
0x004009a0 lw gp, 0x10(fp) | gp = *(argv);
0x004009a4 b 0x400a1c | goto label_7;
0x004009a8 nop |
| }
0x004009ac lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.amp_ */
0x004009b0 addiu a0, t8, 0xb68 | a0 = t8 + 0xb68;
0x004009b4 lw t8, -0x7fd4(gp) | t8 = sym.imp.printf
0x004009b8 move t9, t8 | t9 = t8;
0x004009bc jalr t9 | t9 ();
0x004009c0 nop |
0x004009c4 lw gp, 0x10(fp) | gp = *(argv);
0x004009c8 b 0x400a1c | goto label_7;
0x004009cc nop |
| label_6:
0x004009d0 lw t8, -0x7fdc(gp) | t8 = *(gp);
| /* str.apos_ */
0x004009d4 addiu a0, t8, 0xb70 | a0 = t8 + 0xb70;
0x004009d8 lw t8, -0x7fd4(gp) | t8 = sym.imp.printf
0x004009dc move t9, t8 | t9 = t8;
0x004009e0 jalr t9 | t9 ();
0x004009e4 nop |
0x004009e8 lw gp, 0x10(fp) | gp = *(argv);
0x004009ec b 0x400a1c | goto label_7;
0x004009f0 nop |
| label_4:
0x004009f4 lw t8, 0x24(fp) | t8 = *(arg_24h);
0x004009f8 lw v0, 0x28(fp) | v0 = *(arg_28h);
0x004009fc addu t8, v0, t8 | t8 = v0 + t8;
0x00400a00 lb t8, (t8) | t8 = *(t8);
0x00400a04 move a0, t8 | a0 = t8;
0x00400a08 lw t8, -0x7fc8(gp) | t8 = sym.imp.putchar;
0x00400a0c move t9, t8 | t9 = t8;
0x00400a10 jalr t9 | t9 ();
0x00400a14 nop |
0x00400a18 lw gp, 0x10(fp) | gp = *(argv);
| label_7:
0x00400a1c lw t8, 0x24(fp) | t8 = *(arg_24h);
0x00400a20 addiu t8, t8, 1 | t8++;
0x00400a24 sw t8, 0x24(fp) | *(arg_24h) = t8;
0x00400a28 b 0x4008ac |
| } while (1);
0x00400a2c nop |
| label_1:
0x00400a30 move v0, t8 | v0 = t8;
0x00400a34 lw t8, -0x7fc4(gp) | t8 = *((gp - 8177));
0x00400a38 lw v1, 0x2c(fp) | v1 = *(arg_2ch);
0x00400a3c lw t8, (t8) | t8 = *(t8);
| if (v1 != t8) {
0x00400a40 beq v1, t8, 0x400a58 |
0x00400a44 nop |
0x00400a48 lw t8, -0x7fd0(gp) | t8 = sym.imp.__stack_chk_fail;
0x00400a4c move t9, t8 | t9 = t8;
0x00400a50 jalr t9 | t9 ();
0x00400a54 nop |
| }
0x00400a58 move sp, fp |
0x00400a5c lw ra, 0x34(sp) | ra = *(var_34h);
0x00400a60 lw fp, 0x30(sp) | fp = *(var_30h);
0x00400a64 addiu sp, sp, 0x38 |
0x00400a68 jr ra | return v1;
0x00400a6c nop |
| }
[*] Function printf used 6 times xmlEncode
