[*] Binary protection state of libwebsockets.so.12
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH Symbols
[*] Function popen tear down of libwebsockets.so.12
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.12 @ 0x4f68 */
| #include <stdint.h>
|
; (fcn) entry.fini0 () | void entry_fini0 () {
0x00004f68 ldr r3, [pc, 0x68] | r3 = *(0x4fd4);
0x00004f6c push {r4, lr} |
0x00004f70 ldr r4, [pc, 0x64] | r4 = $d;
0x00004f74 add r3, pc, r3 | r3 = pc + r3;
0x00004f78 ldrb r3, [r3] | r3 = *(r3);
0x00004f7c add r4, pc, r4 | r4 = pc + r4;
0x00004f80 cmp r3, 0 |
0x00004f84 popne {r4, pc} |
0x00004f88 ldr r3, [pc, 0x50] | r3 = *(0x4fdc);
0x00004f8c ldr r3, [r4, r3] | r3 = $d;
0x00004f90 cmp r3, 0 |
| if (r3 != 0) {
0x00004f94 beq 0x4fa4 |
0x00004f98 ldr r3, [pc, 0x44] | r3 = *(0x4fe0);
0x00004f9c ldr r0, [pc, r3] | r0 = *(0x00004fa4);
0x00004fa0 bl 0x4720 | cxa_finalize ();
| }
0x00004fa4 bl 0x4eac | entry0 ();
0x00004fa8 ldr r3, [pc, 0x38] | r3 = *(0x4fe4);
0x00004fac ldr r3, [r4, r3] | r3 = *((r4 + r3));
0x00004fb0 cmp r3, 0 |
| if (r3 != 0) {
0x00004fb4 beq 0x4fc4 |
0x00004fb8 ldr r0, [pc, 0x2c] | r0 = *(0x4fe8);
0x00004fbc add r0, pc, r0 | r0 = pc + r0;
0x00004fc0 bl 0x4954 | loc_imp_deregister_frame_info ();
| }
0x00004fc4 ldr r3, [pc, 0x24] | r3 = *(0x4fec);
0x00004fc8 mov r2, 1 | r2 = 1;
0x00004fcc add r3, pc, r3 | r3 = pc + r3;
0x00004fd0 strb r2, [r3] | *(r3) = r2;
0x00004fd4 pop {r4, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.12 @ 0x14f34 */
| #include <stdint.h>
|
; (fcn) sym.lws_ranges_init () | void lws_ranges_init (int32_t arg1, int32_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x00014f34 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x00014f38 mov r5, 0 | r5 = 0;
0x00014f3c mov r8, r2 | r8 = r2;
0x00014f40 mov sb, r3 | sb = r3;
0x00014f44 mov r2, 0 | r2 = 0;
0x00014f48 mov r3, 0 | r3 = 0;
0x00014f4c strd r2, r3, [r1, 0x18] | __asm ("strd r2, r3, [r1, 0x18]");
0x00014f50 strb r5, [r1, 0xb6] | *((r1 + 0xb6)) = r5;
0x00014f54 strb r5, [r1, 0xb5] | *((r1 + 0xb5)) = r5;
0x00014f58 strb r5, [r1, 0xb3] | *((r1 + 0xb3)) = r5;
0x00014f5c strb r5, [r1, 0xb4] | *((r1 + 0xb4)) = r5;
0x00014f60 mov r6, r0 | r6 = r0;
0x00014f64 mov r0, r1 | r0 = r1;
0x00014f68 mov r4, r1 | r4 = r1;
0x00014f6c bl 0x14f04 | lws_ranges_reset ();
0x00014f70 mov r3, 5 | r3 = 5;
0x00014f74 mov r2, 0x80 | r2 = 0x80;
0x00014f78 mov r0, r6 | r0 = r6;
0x00014f7c str r3, [r1, 0xac] | *((r1 + 0xac)) = r3;
0x00014f80 strd r8, sb, [r1, 0x10] | __asm ("strd r8, sb, [r1, 0x10]");
0x00014f84 mov r3, 0x1e | r3 = 0x1e;
0x00014f88 add r1, r1, 0x28 | r1 += 0x28;
0x00014f8c bl 0x46d8 | r0 = fcn_000046d8 ();
0x00014f90 cmp r0, r5 |
| if (r0 <= r5) {
0x00014f94 movgt r3, 1 | r3 = 1;
| }
| if (r0 <= r5) {
0x00014f98 strgt r3, [r4, 0xac] | *((r4 + 0xac)) = r3;
| }
| if (r0 > r5) {
0x00014f9c bgt 0x14fdc | goto label_0;
| }
0x00014fa0 mov r0, r5 | r0 = r5;
0x00014fa4 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| do {
0x00014fa8 ldrb r3, [r4, 0xb3] | r3 = *((r4 + 0xb3));
0x00014fac ldrd r0, r1, [r4, 8] | __asm ("ldrd r0, r1, [r4, 8]");
0x00014fb0 add r3, r3, 1 | r3++;
0x00014fb4 strb r3, [r4, 0xb3] | *((r4 + 0xb3)) = r3;
0x00014fb8 ldrd r2, r3, [r4, 0x18] | __asm ("ldrd r2, r3, [r4, 0x18]");
0x00014fbc adds r8, r2, r0 | r8 = r2 + r0;
0x00014fc0 adc sb, r3, r1 | __asm ("adc sb, r3, r1");
0x00014fc4 ldrd r0, r1, [r4] | __asm ("ldrd r0, r1, [r4]");
0x00014fc8 adds r6, r8, 1 | r6 = r8 + 1;
0x00014fcc adc r7, sb, 0 | __asm ("adc r7, sb, 0");
0x00014fd0 subs r2, r6, r0 | r2 = r6 - r0;
0x00014fd4 sbc r3, r7, r1 | __asm ("sbc r3, r7, r1");
0x00014fd8 strd r2, r3, [r4, 0x18] | __asm ("strd r2, r3, [r4, 0x18]");
| label_0:
0x00014fdc mov r0, r4 | r0 = r4;
0x00014fe0 bl 0x14cfc | r0 = lws_ranges_next ();
0x00014fe4 cmp r0, 0 |
0x00014fe8 bne 0x14fa8 |
| } while (r0 != 0);
0x00014fec mov r0, r4 | r0 = r4;
0x00014ff0 bl 0x14f04 | lws_ranges_reset ();
0x00014ff4 ldrb r3, [r4, 0xb4] | r3 = *((r4 + 0xb4));
0x00014ff8 cmp r3, 0 |
| if (r3 != 0) {
0x00014ffc beq 0x1500c |
0x00015000 ldrb r3, [r4, 0xb3] | r3 = *((r4 + 0xb3));
0x00015004 cmp r3, 0 |
| if (r3 == 0) {
0x00015008 beq 0x1501c | goto label_1;
| }
| }
0x0001500c mov r0, r4 | r0 = r4;
0x00015010 bl 0x14cfc | lws_ranges_next ();
0x00015014 ldrb r0, [r4, 0xb3] | r0 = *((r4 + 0xb3));
0x00015018 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_1:
0x0001501c mvn r0, 0 | r0 = ~0;
0x00015020 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.12 @ 0xd644 */
| #include <stdint.h>
|
; (fcn) sym.lws_ring_consume () | void lws_ring_consume (int32_t arg1, int32_t arg2) {
| int32_t var_4h;
| int32_t var_8h;
| r0 = arg1;
| r1 = arg2;
0x0000d644 push {r0, r1, r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000d648 subs sb, r1, 0 | sb = r1 - 0;
0x0000d64c mov r5, r3 | r5 = r3;
| if (sb != r1) {
0x0000d650 ldreq r3, [r0, 0x14] | r3 = *((r0 + 0x14));
| }
| if (sb != r1) {
0x0000d654 addeq r7, sp, 8 | r7 += var_8h;
| }
| if (sb == r1) {
0x0000d658 movne r7, sb | r7 = sb;
| }
| if (sb != r1) {
0x0000d65c streq r3, [r7, -4]! | *((r7 -= 4)) = r3;
| }
0x0000d660 mov r1, r7 | r1 = r7;
0x0000d664 mov r8, r2 | r8 = r2;
0x0000d668 mov r6, r0 | r6 = r0;
0x0000d66c bl 0x4a98 | fcn_00004a98 ();
0x0000d670 ldr r3, [r6, 0xc] | r3 = *((r6 + 0xc));
0x0000d674 mul r4, r5, r3 | r4 = r5 * r3;
0x0000d678 mul r2, r3, r0 | r2 = r3 * r0;
0x0000d67c ldr r0, [r7] | r0 = *(r7);
0x0000d680 cmp r2, r4 |
| if (r2 >= r4) {
0x0000d684 movlo r4, r2 | r4 = r2;
| }
0x0000d688 cmp r8, 0 |
| if (r8 != 0) {
0x0000d68c bne 0xd6c4 | goto label_0;
| }
0x0000d690 ldr r1, [r6, 8] | r1 = *((r6 + 8));
0x0000d694 add r0, r4, r0 | r0 = r4 + r0;
0x0000d698 bl 0x150cc | aeabi_uidivmod ();
0x0000d69c cmp sb, 0 |
0x0000d6a0 str r1, [r7] | *(r7) = r1;
| if (sb == 0) {
0x0000d6a4 bne 0xd6b0 |
0x0000d6a8 mov r0, r6 | r0 = r6;
0x0000d6ac bl 0x4630 | fcn_00004630 ();
| }
0x0000d6b0 ldr r1, [r6, 0xc] | r1 = *((r6 + 0xc));
0x0000d6b4 mov r0, r4 | r0 = r4;
| do {
0x0000d6b8 bl 0x15024 | loc_udivsi3_skip_div0_test (r0, r1);
0x0000d6bc add sp, sp, 8 |
0x0000d6c0 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_0:
0x0000d6c4 ldr r5, [r6, 8] | r5 = *((r6 + 8));
0x0000d6c8 add r3, r0, r4 | r3 = r0 + r4;
0x0000d6cc cmp r3, r5 |
| if (r3 > r5) {
0x0000d6d0 movls sl, r8 | sl = r8;
| }
| if (r3 >= r5) {
0x0000d6d4 bls 0xd700 |
0x0000d6d8 ldr r1, [r6] | r1 = *(r6);
0x0000d6dc sub r5, r5, r0 | r5 -= r0;
0x0000d6e0 add r1, r1, r0 | r1 += r0;
0x0000d6e4 mov r2, r5 | r2 = r5;
0x0000d6e8 mov r0, r8 | r0 = r8;
0x0000d6ec bl 0x46fc | memcpy (r0, r1, r2);
0x0000d6f0 add sl, r8, r5 | sl = r8 + r5;
0x0000d6f4 mov r3, 0 | r3 = 0;
0x0000d6f8 sub r4, r4, r5 | r4 -= r5;
0x0000d6fc str r3, [r7] | *(r7) = r3;
| }
0x0000d700 ldr r3, [r7] | r3 = *(r7);
0x0000d704 ldr r1, [r6] | r1 = *(r6);
0x0000d708 mov r2, r4 | r2 = r4;
0x0000d70c add r1, r1, r3 | r1 += r3;
0x0000d710 mov r0, sl | r0 = sl;
0x0000d714 bl 0x46fc | memcpy (r0, r1, r2);
0x0000d718 ldr r0, [r7] | r0 = *(r7);
0x0000d71c ldr r1, [r6, 8] | r1 = *((r6 + 8));
0x0000d720 add r0, r4, r0 | r0 = r4 + r0;
0x0000d724 bl 0x150cc | aeabi_uidivmod ();
0x0000d728 cmp sb, 0 |
0x0000d72c str r1, [r7] | *(r7) = r1;
| if (sb == 0) {
0x0000d730 bne 0xd73c |
0x0000d734 mov r0, r6 | r0 = r6;
0x0000d738 bl 0x4630 | fcn_00004630 ();
| }
0x0000d73c add r0, sl, r4 | r0 = sl + r4;
0x0000d740 ldr r1, [r6, 0xc] | r1 = *((r6 + 0xc));
0x0000d744 sub r0, r0, r8 | r0 -= r8;
0x0000d748 b 0xd6b8 |
| } while (1);
| }
r2dec has crashed (info: /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.12 @ 0x9944).
Please report the bug at https://github.com/radareorg/r2dec-js/issues
Use the option '--issue' or the command 'pddi' to generate
the needed data for the issue.
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.12 @ 0x14068 */
| #include <stdint.h>
|
; (fcn) sym.sha1_loop () | void sha1_loop (void * arg1, int32_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x00014068 push {r4, r5, r6, r7, r8, sl, fp, lr} |
0x0001406c mov r5, r0 | r5 = r0;
0x00014070 mov r7, r1 | r7 = r1;
0x00014074 mov r6, r2 | r6 = r2;
0x00014078 mov r8, 0 | r8 = 0;
| do {
0x0001407c cmp r8, r6 |
| if (r8 < r6) {
0x00014080 pophs {r4, r5, r6, r7, r8, sl, fp, pc} |
| }
0x00014084 ldrb r0, [r5, 0x60] | r0 = *((r5 + 0x60));
0x00014088 sub r4, r6, r8 | r4 = r6 - r8;
0x0001408c and r0, r0, 0x3f | r0 &= 0x3f;
0x00014090 rsb r3, r0, 0x40 | r3 = 0x40 - r0;
0x00014094 cmp r4, r3 |
| if (r4 < r3) {
0x00014098 movhs r4, r3 | r4 = r3;
| }
0x0001409c add r0, r0, 0x20 | r0 += 0x20;
0x000140a0 mov r2, r4 | r2 = r4;
0x000140a4 add r1, r7, r8 | r1 = r7 + r8;
0x000140a8 add r0, r5, r0 | r0 = r5 + r0;
0x000140ac bl 0x46fc | memcpy (r0, r1, r2);
0x000140b0 ldrb r1, [r5, 0x60] | r1 = *((r5 + 0x60));
0x000140b4 ldrd r2, r3, [r5, 0x18] | __asm ("ldrd r2, r3, [r5, 0x18]");
0x000140b8 add r1, r1, r4 | r1 += r4;
0x000140bc lsl r0, r4, 3 | r0 = r4 << 3;
0x000140c0 adds sl, r2, r0 | sl = r2 + r0;
0x000140c4 and r1, r1, 0x3f | r1 &= 0x3f;
0x000140c8 adc fp, r3, 0 | __asm ("adc fp, r3, 0");
0x000140cc cmp r1, 0 |
0x000140d0 strb r1, [r5, 0x60] | *((r5 + 0x60)) = r1;
0x000140d4 strd sl, fp, [r5, 0x18] | __asm ("strd sl, fp, [r5, 0x18]");
| if (r1 == 0) {
0x000140d8 bne 0x140e4 |
0x000140dc mov r0, r5 | r0 = r5;
0x000140e0 bl 0x13928 | sha1_step ();
| }
0x000140e4 add r8, r8, r4 | r8 += r4;
0x000140e8 b 0x1407c |
| } while (1);
| }
[*] Function popen used 1 times libwebsockets.so.12
