[*] Binary protection state of ubiattach
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of ubiattach
11780: e3a03016 mov r3, #22
11784: e5803000 str r3, [r0]
11788: e3e00000 mvn r0, #0
1178c: e28dd01c add sp, sp, #28
11790: e8bd8030 pop {r4, r5, pc}
11794: 000250d8 ldrdeq r5, [r2], -r8
11798: 000148fe strdeq r4, [r1], -lr
1179c: 000149ca andeq r4, r1, sl, asr #19
117a0: e92d48f0 push {r4, r5, r6, r7, fp, lr}
117a4: e28db014 add fp, sp, #20
117a8: e1a06001 mov r6, r1
117ac: e1a04002 mov r4, r2
117b0: e1a05000 mov r5, r0
117b4: ebfffce0 bl 10b3c <strlen@plt>
117b8: e1a02006 mov r2, r6
117bc: e1a01005 mov r1, r5
117c0: e2800039 add r0, r0, #57 ; 0x39
117c4: e3c00007 bic r0, r0, #7
117c8: e04dd000 sub sp, sp, r0
117cc: e1a0000d mov r0, sp
117d0: ebfffcd0 bl 10b18 <sprintf@plt>
117d4: e1a01004 mov r1, r4
117d8: e1a0000d mov r0, sp
117dc: ebffffd2 bl 1172c <free@plt+0xba8>
117e0: e24bd014 sub sp, fp, #20
117e4: e8bd88f0 pop {r4, r5, r6, r7, fp, pc}
117e8: e92d48f0 push {r4, r5, r6, r7, fp, lr}
117ec: e28db014 add fp, sp, #20
117f0: e1a06001 mov r6, r1
117f4: e1a07002 mov r7, r2
117f8: e1a04003 mov r4, r3
117fc: e1a05000 mov r5, r0
11800: ebfffccd bl 10b3c <strlen@plt>
11804: e1a03007 mov r3, r7
11808: e1a02006 mov r2, r6
1180c: e1a01005 mov r1, r5
11810: e280006b add r0, r0, #107 ; 0x6b
11814: e3c00007 bic r0, r0, #7
11818: e04dd000 sub sp, sp, r0
1181c: e1a0000d mov r0, sp
11820: ebfffcbc bl 10b18 <sprintf@plt>
11824: e1a01004 mov r1, r4
11828: e1a0000d mov r0, sp
--
11c74: eaffffe8 b 11c1c <free@plt+0x1098>
11c78: 00014ad8 ldrdeq r4, [r1], -r8
11c7c: 000148fe strdeq r4, [r1], -lr
11c80: 00014adf ldrdeq r4, [r1], -pc ; <UNPREDICTABLE>
11c84: 000250d8 ldrdeq r5, [r2], -r8
11c88: 00014b12 andeq r4, r1, r2, lsl fp
11c8c: e92d48f0 push {r4, r5, r6, r7, fp, lr}
11c90: e5904000 ldr r4, [r0]
11c94: e28db014 add fp, sp, #20
11c98: e1a00004 mov r0, r4
11c9c: e1a06003 mov r6, r3
11ca0: e1a07001 mov r7, r1
11ca4: e1a05002 mov r5, r2
11ca8: ebfffba3 bl 10b3c <strlen@plt>
11cac: e1a02007 mov r2, r7
11cb0: e1a01004 mov r1, r4
11cb4: e2800039 add r0, r0, #57 ; 0x39
11cb8: e3c00007 bic r0, r0, #7
11cbc: e04dd000 sub sp, sp, r0
11cc0: e1a0000d mov r0, sp
11cc4: ebfffb93 bl 10b18 <sprintf@plt>
11cc8: e1a02006 mov r2, r6
11ccc: e1a01005 mov r1, r5
--
127cc: e59f20c0 ldr r2, [pc, #192] ; 12894 <free@plt+0x1d10>
127d0: e59f10d0 ldr r1, [pc, #208] ; 128a8 <free@plt+0x1d24>
127d4: e5900000 ldr r0, [r0]
127d8: ebfff8a1 bl 10a64 <fprintf@plt>
127dc: ebfff8d0 bl 10b24 <__errno_location@plt>
127e0: e3a03013 mov r3, #19
127e4: eaffffcd b 12720 <free@plt+0x1b9c>
127e8: e51b30ac ldr r3, [fp, #-172] ; 0xffffff54
127ec: e1530009 cmp r3, r9
127f0: 1affffed bne 127ac <free@plt+0x1c28>
127f4: e51b309c ldr r3, [fp, #-156] ; 0xffffff64
127f8: e1540003 cmp r4, r3
127fc: caffffee bgt 127bc <free@plt+0x1c38>
12800: e3570000 cmp r7, #0
12804: 03a00001 moveq r0, #1
12808: 0affffb6 beq 126e8 <free@plt+0x1b64>
1280c: e2473001 sub r3, r7, #1
12810: e1a02004 mov r2, r4
12814: e5961040 ldr r1, [r6, #64] ; 0x40
12818: e1a00008 mov r0, r8
1281c: ebfff8bd bl 10b18 <sprintf@plt>
12820: e3a01000 mov r1, #0
12824: e1a00008 mov r0, r8
--
12c4c: ebfff75a bl 109bc <ioctl@plt>
12c50: e2900000 adds r0, r0, #0
12c54: 13a00001 movne r0, #1
12c58: e2600000 rsb r0, r0, #0
12c5c: e28dd014 add sp, sp, #20
12c60: e49df004 pop {pc} ; (ldr pc, [sp], #4)
12c64: 40044f02 andmi r4, r4, r2, lsl #30
12c68: e92d4830 push {r4, r5, fp, lr}
12c6c: e28db00c add fp, sp, #12
12c70: e24dd068 sub sp, sp, #104 ; 0x68
12c74: e5904010 ldr r4, [r0, #16]
12c78: e1a05001 mov r5, r1
12c7c: e1a00004 mov r0, r4
12c80: ebfff7ad bl 10b3c <strlen@plt>
12c84: e1a02005 mov r2, r5
12c88: e1a01004 mov r1, r4
12c8c: e2800039 add r0, r0, #57 ; 0x39
12c90: e3c00007 bic r0, r0, #7
12c94: e04dd000 sub sp, sp, r0
12c98: e1a0000d mov r0, sp
12c9c: ebfff79d bl 10b18 <sprintf@plt>
12ca0: e24b1074 sub r1, fp, #116 ; 0x74
12ca4: e1a0000d mov r0, sp
--
12f14: ebfffa21 bl 117a0 <free@plt+0xc1c>
12f18: e3500000 cmp r0, #0
12f1c: 1affff77 bne 12d00 <free@plt+0x217c>
12f20: e2842048 add r2, r4, #72 ; 0x48
12f24: e1a01006 mov r1, r6
12f28: e5950030 ldr r0, [r5, #48] ; 0x30
12f2c: ebfffa1b bl 117a0 <free@plt+0xc1c>
12f30: e3500000 cmp r0, #0
12f34: 1affff71 bne 12d00 <free@plt+0x217c>
12f38: e595802c ldr r8, [r5, #44] ; 0x2c
12f3c: e1a0900d mov r9, sp
12f40: e1a00008 mov r0, r8
12f44: ebfff6fc bl 10b3c <strlen@plt>
12f48: e1a02006 mov r2, r6
12f4c: e1a01008 mov r1, r8
12f50: e2800039 add r0, r0, #57 ; 0x39
12f54: e3c00007 bic r0, r0, #7
12f58: e04dd000 sub sp, sp, r0
12f5c: e28d7008 add r7, sp, #8
12f60: e1a00007 mov r0, r7
12f64: ebfff6eb bl 10b18 <sprintf@plt>
12f68: e2841040 add r1, r4, #64 ; 0x40
12f6c: e1a00007 mov r0, r7
--
131f4: e1a05001 mov r5, r1
131f8: e1a06002 mov r6, r2
131fc: e3a01000 mov r1, #0
13200: e3a020b0 mov r2, #176 ; 0xb0
13204: e1a07000 mov r7, r0
13208: e1a00009 mov r0, r9
1320c: e1a04003 mov r4, r3
13210: ebfff631 bl 10adc <emset@plt>
13214: e597a048 ldr sl, [r7, #72] ; 0x48
13218: e8840060 stm r4, {r5, r6}
1321c: e1a0000a mov r0, sl
13220: ebfff645 bl 10b3c <strlen@plt>
13224: e1a0800d mov r8, sp
13228: e1a03006 mov r3, r6
1322c: e1a02005 mov r2, r5
13230: e1a0100a mov r1, sl
13234: e280006b add r0, r0, #107 ; 0x6b
13238: e3c00007 bic r0, r0, #7
1323c: e04dd000 sub sp, sp, r0
13240: e1a0000d mov r0, sp
13244: ebfff633 bl 10b18 <sprintf@plt>
13248: e1a0000d mov r0, sp
1324c: e284200c add r2, r4, #12
13250: e1a01009 mov r1, r9
13254: ebfffa56 bl 11bb4 <free@plt+0x1030>
13258: e1a0d008 mov sp, r8
1325c: e3500000 cmp r0, #0
13260: 0a000003 beq 13274 <free@plt+0x26f0>
13264: e3e08000 mvn r8, #0
13268: e1a00008 mov r0, r8
1326c: e24bd020 sub sp, fp, #32
13270: e8bd8ff0 pop {r4, r5, r6, r7, r8, r9, sl, fp, pc}
13274: e5979044 ldr r9, [r7, #68] ; 0x44
13278: e1a00009 mov r0, r9
1327c: ebfff62e bl 10b3c <strlen@plt>
13280: e1a03006 mov r3, r6
13284: e1a02005 mov r2, r5
13288: e1a01009 mov r1, r9
1328c: e280006b add r0, r0, #107 ; 0x6b
13290: e3c00007 bic r0, r0, #7
13294: e04dd000 sub sp, sp, r0
13298: e1a0000d mov r0, sp
1329c: ebfff61d bl 10b18 <sprintf@plt>
132a0: e1a0000d mov r0, sp
132a4: e3a02032 mov r2, #50 ; 0x32
--
132f0: e3a03003 mov r3, #3
132f4: e5843010 str r3, [r4, #16]
132f8: e1a02006 mov r2, r6
132fc: e2843014 add r3, r4, #20
13300: e1a01005 mov r1, r5
13304: e597004c ldr r0, [r7, #76] ; 0x4c
13308: ebfff936 bl 117e8 <free@plt+0xc64>
1330c: e3500000 cmp r0, #0
13310: 1affffd3 bne 13264 <free@plt+0x26e0>
13314: e5978050 ldr r8, [r7, #80] ; 0x50
13318: e1a0900d mov r9, sp
1331c: e1a00008 mov r0, r8
13320: ebfff605 bl 10b3c <strlen@plt>
13324: e1a03006 mov r3, r6
13328: e1a02005 mov r2, r5
1332c: e1a01008 mov r1, r8
13330: e280006b add r0, r0, #107 ; 0x6b
13334: e3c00007 bic r0, r0, #7
13338: e04dd000 sub sp, sp, r0
1333c: e1a0000d mov r0, sp
13340: ebfff5f4 bl 10b18 <sprintf@plt>
13344: e1a0000d mov r0, sp
13348: e2841018 add r1, r4, #24
--
13398: e1a02006 mov r2, r6
1339c: e1a01005 mov r1, r5
133a0: e597005c ldr r0, [r7, #92] ; 0x5c
133a4: ebfff90f bl 117e8 <free@plt+0xc64>
133a8: e2508000 subs r8, r0, #0
133ac: 1affffac bne 13264 <free@plt+0x26e0>
133b0: e5941028 ldr r1, [r4, #40] ; 0x28
133b4: e594002c ldr r0, [r4, #44] ; 0x2c
133b8: e5977060 ldr r7, [r7, #96] ; 0x60
133bc: e0c32190 smull r2, r3, r0, r1
133c0: e1a00007 mov r0, r7
133c4: e1c422f0 strd r2, [r4, #32]
133c8: ebfff5db bl 10b3c <strlen@plt>
133cc: e1a03006 mov r3, r6
133d0: e1a02005 mov r2, r5
133d4: e1a01007 mov r1, r7
133d8: e280006b add r0, r0, #107 ; 0x6b
133dc: e3c00007 bic r0, r0, #7
133e0: e04dd000 sub sp, sp, r0
133e4: e1a0000d mov r0, sp
133e8: ebfff5ca bl 10b18 <sprintf@plt>
133ec: e1a0000d mov r0, sp
133f0: e3a02081 mov r2, #129 ; 0x81
--
1360c: 0a000004 beq 13624 <free@plt+0x2aa0>
13610: e5963000 ldr r3, [r6]
13614: e3530002 cmp r3, #2
13618: 1affffca bne 13548 <free@plt+0x29c4>
1361c: e2844001 add r4, r4, #1
13620: eafffff0 b 135e8 <free@plt+0x2a64>
13624: e51b30ac ldr r3, [fp, #-172] ; 0xffffff54
13628: e15a0003 cmp sl, r3
1362c: 1afffffa bne 1361c <free@plt+0x2a98>
13630: e51b309c ldr r3, [fp, #-156] ; 0xffffff64
13634: e1540003 cmp r4, r3
13638: c3a03013 movgt r3, #19
1363c: c5863000 strgt r3, [r6]
13640: caffffc0 bgt 13548 <free@plt+0x29c4>
13644: e51b30bc ldr r3, [fp, #-188] ; 0xffffff44
13648: e1a02004 mov r2, r4
1364c: e2438001 sub r8, r3, #1
13650: e1a03008 mov r3, r8
13654: e5951040 ldr r1, [r5, #64] ; 0x40
13658: e1a00007 mov r0, r7
1365c: ebfff52d bl 10b18 <sprintf@plt>
13660: e3a01000 mov r1, #0
13664: e1a00007 mov r0, r7
[*] Function sprintf used 11 times ubiattach
