[*] Binary protection state of libz.so.1.2.11
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcat tear down of libz.so.1.2.11
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libz.so.1.2.11 @ 0x1d74 */
| #include <stdint.h>
|
; (fcn) entry.fini0 () | void entry_fini0 () {
0x00001d74 ldr r3, [pc, 0x68] | r3 = *(0x1de0);
0x00001d78 push {r4, lr} |
0x00001d7c ldr r4, [pc, 0x64] | r4 = *(0x1de4);
0x00001d80 add r3, pc, r3 | r3 = pc + r3;
0x00001d84 ldrb r3, [r3] | r3 = *(r3);
0x00001d88 add r4, pc, r4 | r4 = pc + r4;
0x00001d8c cmp r3, 0 |
0x00001d90 popne {r4, pc} |
0x00001d94 ldr r3, [pc, 0x50] | r3 = *(0x1de8);
0x00001d98 ldr r3, [r4, r3] | r3 = *(0x1de4);
0x00001d9c cmp r3, 0 |
| if (r3 != 0) {
0x00001da0 beq 0x1db0 |
0x00001da4 ldr r3, [pc, 0x44] | r3 = *(0x1dec);
0x00001da8 ldr r0, [pc, r3] | r0 = *(0x00001db0);
0x00001dac bl 0x1b08 | cxa_finalize ();
| }
0x00001db0 bl 0x1cb8 | entry0 ();
0x00001db4 ldr r3, [pc, 0x38] | r3 = *(0x1df0);
0x00001db8 ldr r3, [r4, r3] | r3 = *((r4 + r3));
0x00001dbc cmp r3, 0 |
| if (r3 != 0) {
0x00001dc0 beq 0x1dd0 |
0x00001dc4 ldr r0, [pc, 0x2c] | r0 = *(0x1df4);
0x00001dc8 add r0, pc, r0 | r0 = pc + r0;
0x00001dcc bl 0x1b74 | loc_imp_deregister_frame_info ();
| }
0x00001dd0 ldr r3, [pc, 0x24] | r3 = *(0x1df8);
0x00001dd4 mov r2, 1 | r2 = 1;
0x00001dd8 add r3, pc, r3 | r3 = pc + r3;
0x00001ddc strb r2, [r3] | *(r3) = r2;
0x00001de0 pop {r4, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libz.so.1.2.11 @ 0xb094 */
| #include <stdint.h>
|
; (fcn) fcn.0000b094 () | void fcn_0000b094 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
| r0 = arg1;
| r1 = arg2;
0x0000b094 push {r0, r1, r2, r4, r5, r6, r7, lr} |
0x0000b098 mov r4, r0 | r4 = r0;
0x0000b09c ldr r0, [r0, 0x60] | r0 = *((r0 + 0x60));
0x0000b0a0 mov r6, r1 | r6 = r1;
0x0000b0a4 cmp r0, 0 |
0x0000b0a8 mov r5, r2 | r5 = r2;
| if (r0 != 0) {
0x0000b0ac beq 0xb0c8 |
0x0000b0b0 ldr r3, [r4, 0x5c] | r3 = *((r4 + 0x5c));
0x0000b0b4 cmn r3, 4 |
| if (r3 != 4) {
0x0000b0b8 beq 0xb0c0 |
0x0000b0bc bl 0x1cac | free (r0);
| }
0x0000b0c0 mov r3, 0 | r3 = 0;
0x0000b0c4 str r3, [r4, 0x60] | *((r4 + 0x60)) = r3;
| }
0x0000b0c8 cmp r6, 0 |
0x0000b0cc cmnne r6, 5 | __asm ("cmnne r6, 5");
| if (r6 == 0) {
0x0000b0d0 movne r3, 0 | r3 = 0;
| }
| if (r6 == 0) {
0x0000b0d4 strne r3, [r4] | *(r4) = r3;
| }
0x0000b0d8 cmn r6, 4 |
0x0000b0dc cmpne r5, 0 | __asm ("cmpne r5, 0");
0x0000b0e0 str r6, [r4, 0x5c] | *((r4 + 0x5c)) = r6;
| if (r6 != 4) {
0x0000b0e4 beq 0xb164 |
0x0000b0e8 ldr r7, [r4, 0x18] | r7 = *((r4 + 0x18));
0x0000b0ec mov r0, r7 | r0 = r7;
0x0000b0f0 bl 0x1c34 | r0 = strlen (r0);
0x0000b0f4 mov r6, r0 | r6 = r0;
0x0000b0f8 mov r0, r5 | r0 = r5;
0x0000b0fc bl 0x1c34 | r0 = strlen (r0);
0x0000b100 add r0, r6, r0 | r0 = r6 + r0;
0x0000b104 add r0, r0, 3 | r0 += 3;
0x0000b108 bl 0x1b14 | r0 = malloc (r0);
0x0000b10c cmp r0, 0 |
| if (r0 != 0) {
0x0000b110 mvneq r3, 3 | r3 = ~3;
| }
0x0000b114 mov r6, r0 | r6 = r0;
0x0000b118 str r0, [r4, 0x60] | *((r4 + 0x60)) = r0;
| if (r0 != 0) {
0x0000b11c streq r3, [r4, 0x5c] | *((r4 + 0x5c)) = r3;
| }
| if (r0 == 0) {
0x0000b120 beq 0xb164 | goto label_0;
| }
0x0000b124 mov r0, r7 | r0 = r7;
0x0000b128 bl 0x1c34 | r0 = strlen (r0);
0x0000b12c mov r4, r0 | r4 = r0;
0x0000b130 mov r0, r5 | r0 = r5;
0x0000b134 bl 0x1c34 | strlen (r0);
0x0000b138 ldr r3, [pc, 0x2c] | r3 = *(0xb168);
0x0000b13c ldr r2, [pc, 0x2c] | r2 = *(0xb16c);
0x0000b140 add r3, pc, r3 | r3 = pc + r3;
0x0000b144 str r3, [sp] | *(sp) = r3;
0x0000b148 str r5, [sp, 4] | var_4h = r5;
0x0000b14c mov r3, r7 | r3 = r7;
0x0000b150 add r2, pc, r2 | r2 = pc + r2;
0x0000b154 add r1, r4, r0 | r1 = r4 + r0;
0x0000b158 add r1, r1, 3 | r1 += 3;
0x0000b15c mov r0, r6 | r0 = r6;
0x0000b160 bl 0x1ad8 | snprintf (r0, r1, r2, r3);
| }
| label_0:
0x0000b164 add sp, sp, 0xc |
0x0000b168 pop {r4, r5, r6, r7, pc} |
| }
[*] Function strcat used 1 times libz.so.1.2.11