[*] Binary protection state of nanddump
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function sprintf tear down of nanddump
11ad8: e1a00004 mov r0, r4
11adc: e28dd008 add sp, sp, #8
11ae0: e8bd8070 pop {r4, r5, r6, pc}
11ae4: e0855000 add r5, r5, r0
11ae8: e0444000 sub r4, r4, r0
11aec: eaffffdf b 11a70 <free@plt+0xe68>
11af0: 000270d0 ldrdeq r7, [r2], -r0
11af4: 000152db ldrdeq r5, [r1], -fp
11af8: 00015342 andeq r5, r1, r2, asr #6
11afc: 00015f63 andeq r5, r1, r3, ror #30
11b00: 00015330 andeq r5, r1, r0, lsr r3
11b04: e3530000 cmp r3, #0
11b08: e92d41f0 push {r4, r5, r6, r7, r8, lr}
11b0c: e1a07000 mov r7, r0
11b10: e1a06001 mov r6, r1
11b14: e1a05002 mov r5, r2
11b18: 0a00003c beq 11c10 <free@plt+0x1008>
11b1c: e1cd22d0 ldrd r2, [sp, #32]
11b20: e59f1134 ldr r1, [pc, #308] ; 11c5c <free@plt+0x1054>
11b24: e1a00005 mov r0, r5
11b28: ebfffc15 bl 10b84 <sprintf@plt>
11b2c: e1a04000 mov r4, r0
11b30: e3560000 cmp r6, #0
11b34: 0a00002f beq 11bf8 <free@plt+0xff0>
11b38: e59fc120 ldr ip, [pc, #288] ; 11c60 <free@plt+0x1058>
11b3c: e3560010 cmp r6, #16
11b40: 23a06010 movcs r6, #16
11b44: e3a03000 mov r3, #0
11b48: e3a0e020 mov lr, #32
11b4c: e2841003 add r1, r4, #3
11b50: e3510050 cmp r1, #80 ; 0x50
11b54: 9a000032 bls 11c24 <free@plt+0x101c>
11b58: e3530000 cmp r3, #0
11b5c: 1a00003c bne 11c54 <free@plt+0x104c>
11b60: e5dd3018 ldrb r3, [sp, #24]
11b64: e3530000 cmp r3, #0
11b68: 0a000022 beq 11bf8 <free@plt+0xff0>
11b6c: e264203d rsb r2, r4, #61 ; 0x3d
11b70: e3520001 cmp r2, #1
11b74: e59f30e8 ldr r3, [pc, #232] ; 11c64 <free@plt+0x105c>
11b78: 33a02001 movcc r2, #1
11b7c: e59f10e4 ldr r1, [pc, #228] ; 11c68 <free@plt+0x1060>
11b80: e0850004 add r0, r5, r4
11b84: ebfffbfe bl 10b84 <sprintf@plt>
11b88: e59fe0dc ldr lr, [pc, #220] ; 11c6c <free@plt+0x1064>
11b8c: e3a0307c mov r3, #124 ; 0x7c
--
11db0: e5904000 ldr r4, [r0]
11db4: e5960000 ldr r0, [r6]
11db8: ebfffb4a bl 10ae8 <fprintf@plt>
11dbc: e5965000 ldr r5, [r6]
11dc0: e1a00004 mov r0, r4
11dc4: ebfffb20 bl 10a4c <strerror@plt>
11dc8: e58d4000 str r4, [sp]
11dcc: e59f308c ldr r3, [pc, #140] ; 11e60 <free@plt+0x1258>
11dd0: e3a02008 mov r2, #8
11dd4: e59f1088 ldr r1, [pc, #136] ; 11e64 <free@plt+0x125c>
11dd8: e58d0004 str r0, [sp, #4]
11ddc: e1a00005 mov r0, r5
11de0: eaffffc6 b 11d00 <free@plt+0x10f8>
11de4: e3e06000 mvn r6, #0
11de8: eaffffe7 b 11d8c <free@plt+0x1184>
11dec: e3760001 cmn r6, #1
11df0: 0affffda beq 11d60 <free@plt+0x1158>
11df4: e1a02006 mov r2, r6
11df8: e595100c ldr r1, [r5, #12]
11dfc: e1a00007 mov r0, r7
11e00: ebfffb5f bl 10b84 <sprintf@plt>
11e04: e3a01702 mov r1, #524288 ; 0x80000
11e08: e1a00007 mov r0, r7
--
121a4: 00015330 andeq r5, r1, r0, lsr r3
121a8: 00015ed3 ldrdeq r5, [r1], -r3
121ac: 000159ef andeq r5, r1, pc, ror #19
121b0: 00015f38 andeq r5, r1, r8, lsr pc
121b4: 00015f64 andeq r5, r1, r4, ror #30
121b8: 00015e93 muleq r1, r3, lr
121bc: e92d48f0 push {r4, r5, r6, r7, fp, lr}
121c0: e28db014 add fp, sp, #20
121c4: e24dd018 sub sp, sp, #24
121c8: e1a07001 mov r7, r1
121cc: e1a06000 mov r6, r0
121d0: e1a05002 mov r5, r2
121d4: ebfffa76 bl 10bb4 <strlen@plt>
121d8: e1a02007 mov r2, r7
121dc: e1a01006 mov r1, r6
121e0: e2800039 add r0, r0, #57 ; 0x39
121e4: e3c00007 bic r0, r0, #7
121e8: e04dd000 sub sp, sp, r0
121ec: e28d4010 add r4, sp, #16
121f0: e1a00004 mov r0, r4
121f4: ebfffa62 bl 10b84 <sprintf@plt>
121f8: e24b101c sub r1, fp, #28
121fc: e1a00004 mov r0, r4
--
1263c: 00015e1a andeq r5, r1, sl, lsl lr
12640: 00016172 andeq r6, r1, r2, ror r1
12644: 00015f63 andeq r5, r1, r3, ror #30
12648: 00015330 andeq r5, r1, r0, lsr r3
1264c: e92d49f0 push {r4, r5, r6, r7, r8, fp, lr}
12650: e28db018 add fp, sp, #24
12654: e24dd044 sub sp, sp, #68 ; 0x44
12658: e5907000 ldr r7, [r0]
1265c: e1a08001 mov r8, r1
12660: e1a00007 mov r0, r7
12664: e1a06003 mov r6, r3
12668: e1a05002 mov r5, r2
1266c: ebfff950 bl 10bb4 <strlen@plt>
12670: e1a02008 mov r2, r8
12674: e1a01007 mov r1, r7
12678: e2800039 add r0, r0, #57 ; 0x39
1267c: e3c00007 bic r0, r0, #7
12680: e04dd000 sub sp, sp, r0
12684: e28d4008 add r4, sp, #8
12688: e1a00004 mov r0, r4
1268c: ebfff93c bl 10b84 <sprintf@plt>
12690: e3a02032 mov r2, #50 ; 0x32
12694: e24b1050 sub r1, fp, #80 ; 0x50
--
12d04: e1a05001 mov r5, r1
12d08: e3130001 tst r3, #1
12d0c: 1a000006 bne 12d2c <free@plt+0x2124>
12d10: e1a00001 mov r0, r1
12d14: eb00062b bl 145c8 <free@plt+0x39c0>
12d18: e2400001 sub r0, r0, #1
12d1c: e16f0f10 clz r0, r0
12d20: e1a002a0 lsr r0, r0, #5
12d24: e24bd010 sub sp, fp, #16
12d28: e8bd8870 pop {r4, r5, r6, fp, pc}
12d2c: e5904004 ldr r4, [r0, #4]
12d30: e1a0600d mov r6, sp
12d34: e1a00004 mov r0, r4
12d38: ebfff79d bl 10bb4 <strlen@plt>
12d3c: e1a02005 mov r2, r5
12d40: e1a01004 mov r1, r4
12d44: e2800011 add r0, r0, #17
12d48: e3c00007 bic r0, r0, #7
12d4c: e04dd000 sub sp, sp, r0
12d50: e1a0000d mov r0, sp
12d54: ebfff78a bl 10b84 <sprintf@plt>
12d58: e1a0000d mov r0, sp
12d5c: e24b107c sub r1, fp, #124 ; 0x7c
--
12e34: e2843008 add r3, r4, #8
12e38: e1a02006 mov r2, r6
12e3c: e1a01005 mov r1, r5
12e40: e2870008 add r0, r7, #8
12e44: ebfffe00 bl 1264c <free@plt+0x1a44>
12e48: e250a000 subs sl, r0, #0
12e4c: 1affffec bne 12e04 <free@plt+0x21fc>
12e50: e597800c ldr r8, [r7, #12]
12e54: e1a0900d mov r9, sp
12e58: e1a00008 mov r0, r8
12e5c: ebfff754 bl 10bb4 <strlen@plt>
12e60: e1a02005 mov r2, r5
12e64: e1a01008 mov r1, r8
12e68: e2846051 add r6, r4, #81 ; 0x51
12e6c: e280006b add r0, r0, #107 ; 0x6b
12e70: e3c00007 bic r0, r0, #7
12e74: e04dd000 sub sp, sp, r0
12e78: e28d3010 add r3, sp, #16
12e7c: e1a00003 mov r0, r3
12e80: e50b3068 str r3, [fp, #-104] ; 0xffffff98
12e84: ebfff73e bl 10b84 <sprintf@plt>
12e88: e51b3068 ldr r3, [fp, #-104] ; 0xffffff98
12e8c: e3a02080 mov r2, #128 ; 0x80
12e90: e1a01006 mov r1, r6
12e94: e1a00003 mov r0, r3
12e98: ebfffbf5 bl 11e74 <free@plt+0x126c>
12e9c: e1a0d009 mov sp, r9
12ea0: e3500000 cmp r0, #0
12ea4: baffffd6 blt 12e04 <free@plt+0x21fc>
12ea8: e0866000 add r6, r6, r0
12eac: e546a001 strb sl, [r6, #-1]
12eb0: e5976010 ldr r6, [r7, #16]
12eb4: e2848010 add r8, r4, #16
12eb8: e1a00006 mov r0, r6
12ebc: ebfff73c bl 10bb4 <strlen@plt>
12ec0: e1a02005 mov r2, r5
12ec4: e1a01006 mov r1, r6
12ec8: e280006b add r0, r0, #107 ; 0x6b
12ecc: e3c00007 bic r0, r0, #7
12ed0: e04dd000 sub sp, sp, r0
12ed4: e28d3010 add r3, sp, #16
12ed8: e1a00003 mov r0, r3
12edc: e50b3068 str r3, [fp, #-104] ; 0xffffff98
12ee0: ebfff727 bl 10b84 <sprintf@plt>
12ee4: e51b3068 ldr r3, [fp, #-104] ; 0xffffff98
12ee8: e3a02041 mov r2, #65 ; 0x41
--
12efc: e3500000 cmp r0, #0
12f00: baffffbf blt 12e04 <free@plt+0x21fc>
12f04: e0880000 add r0, r8, r0
12f08: e540a001 strb sl, [r0, #-1]
12f0c: e28420e4 add r2, r4, #228 ; 0xe4
12f10: e1a01005 mov r1, r5
12f14: e5970014 ldr r0, [r7, #20]
12f18: ebfffca7 bl 121bc <free@plt+0x15b4>
12f1c: e3500000 cmp r0, #0
12f20: 1affffb7 bne 12e04 <free@plt+0x21fc>
12f24: e597a018 ldr sl, [r7, #24]
12f28: e1a0000a mov r0, sl
12f2c: ebfff720 bl 10bb4 <strlen@plt>
12f30: e1a02005 mov r2, r5
12f34: e1a0100a mov r1, sl
12f38: e2800039 add r0, r0, #57 ; 0x39
12f3c: e3c00007 bic r0, r0, #7
12f40: e04dd000 sub sp, sp, r0
12f44: e28d6010 add r6, sp, #16
12f48: e1a00006 mov r0, r6
12f4c: ebfff70c bl 10b84 <sprintf@plt>
12f50: e28410d8 add r1, r4, #216 ; 0xd8
12f54: e1a00006 mov r0, r6
--
12fd4: b3a03000 movlt r3, #0
12fd8: a58400f4 strge r0, [r4, #244] ; 0xf4
12fdc: b58430f4 strlt r3, [r4, #244] ; 0xf4
12fe0: e28420f8 add r2, r4, #248 ; 0xf8
12fe4: e1a01005 mov r1, r5
12fe8: e597002c ldr r0, [r7, #44] ; 0x2c
12fec: ebfffc72 bl 121bc <free@plt+0x15b4>
12ff0: e2506000 subs r6, r0, #0
12ff4: 1affff82 bne 12e04 <free@plt+0x21fc>
12ff8: e5977030 ldr r7, [r7, #48] ; 0x30
12ffc: e1a0a00d mov sl, sp
13000: e1a00007 mov r0, r7
13004: ebfff6ea bl 10bb4 <strlen@plt>
13008: e1a02005 mov r2, r5
1300c: e1a01007 mov r1, r7
13010: e2800039 add r0, r0, #57 ; 0x39
13014: e3c00007 bic r0, r0, #7
13018: e04dd000 sub sp, sp, r0
1301c: e28d9010 add r9, sp, #16
13020: e1a00009 mov r0, r9
13024: ebfff6d6 bl 10b84 <sprintf@plt>
13028: e3a01702 mov r1, #524288 ; 0x80000
1302c: e1a00009 mov r0, r9
--
147e8: e58d0004 str r0, [sp, #4]
147ec: e1a00007 mov r0, r7
147f0: ebfff0bc bl 10ae8 <fprintf@plt>
147f4: e1a00004 mov r0, r4
147f8: ebfff0fc bl 10bf0 <close@plt>
147fc: e1a04006 mov r4, r6
14800: eaffffb9 b 146ec <free@plt+0x3ae4>
14804: 000270d0 ldrdeq r7, [r2], -r0
14808: 00015e1a andeq r5, r1, sl, lsl lr
1480c: 00015e21 andeq r5, r1, r1, lsr #28
14810: 00015f63 andeq r5, r1, r3, ror #30
14814: 00015330 andeq r5, r1, r0, lsr r3
14818: 000162ef andeq r6, r1, pc, ror #5
1481c: 81484d11 cmphi r8, r1, lsl sp
14820: 00016794 muleq r1, r4, r7
14824: e52de004 push {lr} ; (str lr, [sp, #-4]!)
14828: e59f101c ldr r1, [pc, #28] ; 1484c <free@plt+0x3c44>
1482c: e24dd024 sub sp, sp, #36 ; 0x24
14830: e1a02000 mov r2, r0
14834: e1a0000d mov r0, sp
14838: ebfff0d1 bl 10b84 <sprintf@plt>
1483c: e1a0000d mov r0, sp
14840: ebffff8f bl 14684 <free@plt+0x3a7c>
--
14d04: 0001689e muleq r1, lr, r8
14d08: 000168c7 andeq r6, r1, r7, asr #17
14d0c: 00016900 andeq r6, r1, r0, lsl #18
14d10: 00016936 andeq r6, r1, r6, lsr r9
14d14: 00016963 andeq r6, r1, r3, ror #18
14d18: 000162b8 ; <UNDEFINED> instruction: 0x000162b8
14d1c: 0001673f andeq r6, r1, pc, lsr r7
14d20: 0001699b muleq r1, fp, r9
14d24: 000162a3 andeq r6, r1, r3, lsr #5
14d28: 0001629f muleq r1, pc, r2 ; <UNPREDICTABLE>
14d2c: 0001629a muleq r1, sl, r2
14d30: 00016296 muleq r1, r6, r2
14d34: 000162ae andeq r6, r1, lr, lsr #5
14d38: 000162bc ; <UNDEFINED> instruction: 0x000162bc
14d3c: e92d4010 push {r4, lr}
14d40: e24dd020 sub sp, sp, #32
14d44: e1a02000 mov r2, r0
14d48: e1a04001 mov r4, r1
14d4c: e1a0000d mov r0, sp
14d50: e59f1014 ldr r1, [pc, #20] ; 14d6c <free@plt+0x4164>
14d54: ebffef8a bl 10b84 <sprintf@plt>
14d58: e1a01004 mov r1, r4
14d5c: e1a0000d mov r0, sp
[*] Function sprintf used 12 times nanddump
