[*] Binary protection state of ubirmvol
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of ubirmvol
11190: e3a03016 mov r3, #22
11194: e5803000 str r3, [r0]
11198: e3e00000 mvn r0, #0
1119c: e28dd01c add sp, sp, #28
111a0: e8bd8030 pop {r4, r5, pc}
111a4: 000240b0 strheq r4, [r2], -r0
111a8: 00013895 muleq r1, r5, r8
111ac: 00013961 andeq r3, r1, r1, ror #18
111b0: e92d48f0 push {r4, r5, r6, r7, fp, lr}
111b4: e28db014 add fp, sp, #20
111b8: e1a06001 mov r6, r1
111bc: e1a04002 mov r4, r2
111c0: e1a05000 mov r5, r0
111c4: ebfffdf5 bl 109a0 <strlen@plt>
111c8: e1a02006 mov r2, r6
111cc: e1a01005 mov r1, r5
111d0: e2800039 add r0, r0, #57 ; 0x39
111d4: e3c00007 bic r0, r0, #7
111d8: e04dd000 sub sp, sp, r0
111dc: e1a0000d mov r0, sp
111e0: ebfffde5 bl 1097c <sprintf@plt>
111e4: e1a01004 mov r1, r4
111e8: e1a0000d mov r0, sp
111ec: ebffffd2 bl 1113c <free@plt+0x760>
111f0: e24bd014 sub sp, fp, #20
111f4: e8bd88f0 pop {r4, r5, r6, r7, fp, pc}
111f8: e92d48f0 push {r4, r5, r6, r7, fp, lr}
111fc: e28db014 add fp, sp, #20
11200: e1a06001 mov r6, r1
11204: e1a07002 mov r7, r2
11208: e1a04003 mov r4, r3
1120c: e1a05000 mov r5, r0
11210: ebfffde2 bl 109a0 <strlen@plt>
11214: e1a03007 mov r3, r7
11218: e1a02006 mov r2, r6
1121c: e1a01005 mov r1, r5
11220: e280006b add r0, r0, #107 ; 0x6b
11224: e3c00007 bic r0, r0, #7
11228: e04dd000 sub sp, sp, r0
1122c: e1a0000d mov r0, sp
11230: ebfffdd1 bl 1097c <sprintf@plt>
11234: e1a01004 mov r1, r4
11238: e1a0000d mov r0, sp
--
11684: eaffffe8 b 1162c <free@plt+0xc50>
11688: 00013a6f andeq r3, r1, pc, ror #20
1168c: 00013895 muleq r1, r5, r8
11690: 00013a76 andeq r3, r1, r6, ror sl
11694: 000240b0 strheq r4, [r2], -r0
11698: 00013aa9 andeq r3, r1, r9, lsr #21
1169c: e92d48f0 push {r4, r5, r6, r7, fp, lr}
116a0: e5904000 ldr r4, [r0]
116a4: e28db014 add fp, sp, #20
116a8: e1a00004 mov r0, r4
116ac: e1a06003 mov r6, r3
116b0: e1a07001 mov r7, r1
116b4: e1a05002 mov r5, r2
116b8: ebfffcb8 bl 109a0 <strlen@plt>
116bc: e1a02007 mov r2, r7
116c0: e1a01004 mov r1, r4
116c4: e2800039 add r0, r0, #57 ; 0x39
116c8: e3c00007 bic r0, r0, #7
116cc: e04dd000 sub sp, sp, r0
116d0: e1a0000d mov r0, sp
116d4: ebfffca8 bl 1097c <sprintf@plt>
116d8: e1a02006 mov r2, r6
116dc: e1a01005 mov r1, r5
--
121dc: e59f20c0 ldr r2, [pc, #192] ; 122a4 <free@plt+0x18c8>
121e0: e59f10d0 ldr r1, [pc, #208] ; 122b8 <free@plt+0x18dc>
121e4: e5900000 ldr r0, [r0]
121e8: ebfff9bf bl 108ec <fprintf@plt>
121ec: ebfff9e5 bl 10988 <__errno_location@plt>
121f0: e3a03013 mov r3, #19
121f4: eaffffcd b 12130 <free@plt+0x1754>
121f8: e51b30ac ldr r3, [fp, #-172] ; 0xffffff54
121fc: e1530009 cmp r3, r9
12200: 1affffed bne 121bc <free@plt+0x17e0>
12204: e51b309c ldr r3, [fp, #-156] ; 0xffffff64
12208: e1540003 cmp r4, r3
1220c: caffffee bgt 121cc <free@plt+0x17f0>
12210: e3570000 cmp r7, #0
12214: 03a00001 moveq r0, #1
12218: 0affffb6 beq 120f8 <free@plt+0x171c>
1221c: e2473001 sub r3, r7, #1
12220: e1a02004 mov r2, r4
12224: e5961040 ldr r1, [r6, #64] ; 0x40
12228: e1a00008 mov r0, r8
1222c: ebfff9d2 bl 1097c <sprintf@plt>
12230: e3a01000 mov r1, #0
12234: e1a00008 mov r0, r8
--
1265c: ebfff87b bl 10850 <ioctl@plt>
12660: e2900000 adds r0, r0, #0
12664: 13a00001 movne r0, #1
12668: e2600000 rsb r0, r0, #0
1266c: e28dd014 add sp, sp, #20
12670: e49df004 pop {pc} ; (ldr pc, [sp], #4)
12674: 40044f02 andmi r4, r4, r2, lsl #30
12678: e92d4830 push {r4, r5, fp, lr}
1267c: e28db00c add fp, sp, #12
12680: e24dd068 sub sp, sp, #104 ; 0x68
12684: e5904010 ldr r4, [r0, #16]
12688: e1a05001 mov r5, r1
1268c: e1a00004 mov r0, r4
12690: ebfff8c2 bl 109a0 <strlen@plt>
12694: e1a02005 mov r2, r5
12698: e1a01004 mov r1, r4
1269c: e2800039 add r0, r0, #57 ; 0x39
126a0: e3c00007 bic r0, r0, #7
126a4: e04dd000 sub sp, sp, r0
126a8: e1a0000d mov r0, sp
126ac: ebfff8b2 bl 1097c <sprintf@plt>
126b0: e24b1074 sub r1, fp, #116 ; 0x74
126b4: e1a0000d mov r0, sp
--
12924: ebfffa21 bl 111b0 <free@plt+0x7d4>
12928: e3500000 cmp r0, #0
1292c: 1affff77 bne 12710 <free@plt+0x1d34>
12930: e2842048 add r2, r4, #72 ; 0x48
12934: e1a01006 mov r1, r6
12938: e5950030 ldr r0, [r5, #48] ; 0x30
1293c: ebfffa1b bl 111b0 <free@plt+0x7d4>
12940: e3500000 cmp r0, #0
12944: 1affff71 bne 12710 <free@plt+0x1d34>
12948: e595802c ldr r8, [r5, #44] ; 0x2c
1294c: e1a0900d mov r9, sp
12950: e1a00008 mov r0, r8
12954: ebfff811 bl 109a0 <strlen@plt>
12958: e1a02006 mov r2, r6
1295c: e1a01008 mov r1, r8
12960: e2800039 add r0, r0, #57 ; 0x39
12964: e3c00007 bic r0, r0, #7
12968: e04dd000 sub sp, sp, r0
1296c: e28d7008 add r7, sp, #8
12970: e1a00007 mov r0, r7
12974: ebfff800 bl 1097c <sprintf@plt>
12978: e2841040 add r1, r4, #64 ; 0x40
1297c: e1a00007 mov r0, r7
--
12c04: e1a05001 mov r5, r1
12c08: e1a06002 mov r6, r2
12c0c: e3a01000 mov r1, #0
12c10: e3a020b0 mov r2, #176 ; 0xb0
12c14: e1a07000 mov r7, r0
12c18: e1a00009 mov r0, r9
12c1c: e1a04003 mov r4, r3
12c20: ebfff749 bl 1094c <emset@plt>
12c24: e597a048 ldr sl, [r7, #72] ; 0x48
12c28: e8840060 stm r4, {r5, r6}
12c2c: e1a0000a mov r0, sl
12c30: ebfff75a bl 109a0 <strlen@plt>
12c34: e1a0800d mov r8, sp
12c38: e1a03006 mov r3, r6
12c3c: e1a02005 mov r2, r5
12c40: e1a0100a mov r1, sl
12c44: e280006b add r0, r0, #107 ; 0x6b
12c48: e3c00007 bic r0, r0, #7
12c4c: e04dd000 sub sp, sp, r0
12c50: e1a0000d mov r0, sp
12c54: ebfff748 bl 1097c <sprintf@plt>
12c58: e1a0000d mov r0, sp
12c5c: e284200c add r2, r4, #12
12c60: e1a01009 mov r1, r9
12c64: ebfffa56 bl 115c4 <free@plt+0xbe8>
12c68: e1a0d008 mov sp, r8
12c6c: e3500000 cmp r0, #0
12c70: 0a000003 beq 12c84 <free@plt+0x22a8>
12c74: e3e08000 mvn r8, #0
12c78: e1a00008 mov r0, r8
12c7c: e24bd020 sub sp, fp, #32
12c80: e8bd8ff0 pop {r4, r5, r6, r7, r8, r9, sl, fp, pc}
12c84: e5979044 ldr r9, [r7, #68] ; 0x44
12c88: e1a00009 mov r0, r9
12c8c: ebfff743 bl 109a0 <strlen@plt>
12c90: e1a03006 mov r3, r6
12c94: e1a02005 mov r2, r5
12c98: e1a01009 mov r1, r9
12c9c: e280006b add r0, r0, #107 ; 0x6b
12ca0: e3c00007 bic r0, r0, #7
12ca4: e04dd000 sub sp, sp, r0
12ca8: e1a0000d mov r0, sp
12cac: ebfff732 bl 1097c <sprintf@plt>
12cb0: e1a0000d mov r0, sp
12cb4: e3a02032 mov r2, #50 ; 0x32
--
12d00: e3a03003 mov r3, #3
12d04: e5843010 str r3, [r4, #16]
12d08: e1a02006 mov r2, r6
12d0c: e2843014 add r3, r4, #20
12d10: e1a01005 mov r1, r5
12d14: e597004c ldr r0, [r7, #76] ; 0x4c
12d18: ebfff936 bl 111f8 <free@plt+0x81c>
12d1c: e3500000 cmp r0, #0
12d20: 1affffd3 bne 12c74 <free@plt+0x2298>
12d24: e5978050 ldr r8, [r7, #80] ; 0x50
12d28: e1a0900d mov r9, sp
12d2c: e1a00008 mov r0, r8
12d30: ebfff71a bl 109a0 <strlen@plt>
12d34: e1a03006 mov r3, r6
12d38: e1a02005 mov r2, r5
12d3c: e1a01008 mov r1, r8
12d40: e280006b add r0, r0, #107 ; 0x6b
12d44: e3c00007 bic r0, r0, #7
12d48: e04dd000 sub sp, sp, r0
12d4c: e1a0000d mov r0, sp
12d50: ebfff709 bl 1097c <sprintf@plt>
12d54: e1a0000d mov r0, sp
12d58: e2841018 add r1, r4, #24
--
12da8: e1a02006 mov r2, r6
12dac: e1a01005 mov r1, r5
12db0: e597005c ldr r0, [r7, #92] ; 0x5c
12db4: ebfff90f bl 111f8 <free@plt+0x81c>
12db8: e2508000 subs r8, r0, #0
12dbc: 1affffac bne 12c74 <free@plt+0x2298>
12dc0: e5941028 ldr r1, [r4, #40] ; 0x28
12dc4: e594002c ldr r0, [r4, #44] ; 0x2c
12dc8: e5977060 ldr r7, [r7, #96] ; 0x60
12dcc: e0c32190 smull r2, r3, r0, r1
12dd0: e1a00007 mov r0, r7
12dd4: e1c422f0 strd r2, [r4, #32]
12dd8: ebfff6f0 bl 109a0 <strlen@plt>
12ddc: e1a03006 mov r3, r6
12de0: e1a02005 mov r2, r5
12de4: e1a01007 mov r1, r7
12de8: e280006b add r0, r0, #107 ; 0x6b
12dec: e3c00007 bic r0, r0, #7
12df0: e04dd000 sub sp, sp, r0
12df4: e1a0000d mov r0, sp
12df8: ebfff6df bl 1097c <sprintf@plt>
12dfc: e1a0000d mov r0, sp
12e00: e3a02081 mov r2, #129 ; 0x81
--
1301c: 0a000004 beq 13034 <free@plt+0x2658>
13020: e5963000 ldr r3, [r6]
13024: e3530002 cmp r3, #2
13028: 1affffca bne 12f58 <free@plt+0x257c>
1302c: e2844001 add r4, r4, #1
13030: eafffff0 b 12ff8 <free@plt+0x261c>
13034: e51b30ac ldr r3, [fp, #-172] ; 0xffffff54
13038: e15a0003 cmp sl, r3
1303c: 1afffffa bne 1302c <free@plt+0x2650>
13040: e51b309c ldr r3, [fp, #-156] ; 0xffffff64
13044: e1540003 cmp r4, r3
13048: c3a03013 movgt r3, #19
1304c: c5863000 strgt r3, [r6]
13050: caffffc0 bgt 12f58 <free@plt+0x257c>
13054: e51b30bc ldr r3, [fp, #-188] ; 0xffffff44
13058: e1a02004 mov r2, r4
1305c: e2438001 sub r8, r3, #1
13060: e1a03008 mov r3, r8
13064: e5951040 ldr r1, [r5, #64] ; 0x40
13068: e1a00007 mov r0, r7
1306c: ebfff642 bl 1097c <sprintf@plt>
13070: e3a01000 mov r1, #0
13074: e1a00007 mov r0, r7
[*] Function sprintf used 11 times ubirmvol
