[*] Binary protection state of libevent-2.1.so.6.0.2
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH No Symbols
[*] Function strcpy tear down of libevent-2.1.so.6.0.2
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libevent-2.1.so.6.0.2 @ 0xba60 */
| #include <stdint.h>
|
; (fcn) entry.fini0 () | void entry_fini0 () {
0x0000ba60 ldr r3, [pc, 0x68] | r3 = *(0xbacc);
0x0000ba64 push {r4, lr} |
0x0000ba68 ldr r4, [pc, 0x64] | r4 = *(0xbad0);
0x0000ba6c add r3, pc, r3 | r3 = pc + r3;
0x0000ba70 ldrb r3, [r3] | r3 = *(r3);
0x0000ba74 add r4, pc, r4 | r4 = pc + r4;
0x0000ba78 cmp r3, 0 |
0x0000ba7c popne {r4, pc} |
0x0000ba80 ldr r3, [pc, 0x50] | r3 = *(0xbad4);
0x0000ba84 ldr r3, [r4, r3] | r3 = *(0xbad0);
0x0000ba88 cmp r3, 0 |
| if (r3 != 0) {
0x0000ba8c beq 0xba9c |
0x0000ba90 ldr r3, [pc, 0x44] | r3 = *(0xbad8);
0x0000ba94 ldr r0, [pc, r3] | r0 = *(0x0000ba9c);
0x0000ba98 bl 0xab34 | cxa_finalize ();
| }
0x0000ba9c bl 0xb9a4 | entry0 ();
0x0000baa0 ldr r3, [pc, 0x38] | r3 = *(0xbadc);
0x0000baa4 ldr r3, [r4, r3] | r3 = *((r4 + r3));
0x0000baa8 cmp r3, 0 |
| if (r3 != 0) {
0x0000baac beq 0xbabc |
0x0000bab0 ldr r0, [pc, 0x2c] | r0 = *(0xbae0);
0x0000bab4 add r0, pc, r0 | r0 = pc + r0;
0x0000bab8 bl 0xb980 | loc_imp_deregister_frame_info ();
| }
0x0000babc ldr r3, [pc, 0x24] | r3 = *(0xbae4);
0x0000bac0 mov r2, 1 | r2 = 1;
0x0000bac4 add r3, pc, r3 | r3 = pc + r3;
0x0000bac8 strb r2, [r3] | *(r3) = r2;
0x0000bacc pop {r4, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libevent-2.1.so.6.0.2 @ 0xdbb0 */
| #include <stdint.h>
|
; (fcn) sym.evbuffer_peek () | void evbuffer_peek (int32_t arg_20h, int32_t arg1, int32_t arg2) {
| r0 = arg1;
| r1 = arg2;
0x0000dbb0 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000dbb4 ldr sb, [pc, 0x140] | sb = *(0x0000dcfc);
0x0000dbb8 subs r5, r2, 0 | r5 = r2 - 0;
0x0000dbbc add sb, pc, sb | sb = pc + sb;
0x0000dbc0 mov r7, r0 | r7 = r0;
0x0000dbc4 mov r6, r1 | r6 = r1;
0x0000dbc8 mov r8, r3 | r8 = r3;
0x0000dbcc ldr sl, [sp, 0x20] | sl = *(arg_20h);
| if (r5 != r2) {
0x0000dbd0 beq 0xdbe0 |
0x0000dbd4 ldr r4, [r5, 4] | r4 = *((r5 + 4));
0x0000dbd8 cmp r4, 0 |
| if (r4 == 0) {
0x0000dbdc beq 0xdcd0 | goto label_2;
| }
| }
0x0000dbe0 ldr r1, [r7, 0x18] | r1 = *((r7 + 0x18));
0x0000dbe4 cmp r1, 0 |
| if (r1 != 0) {
0x0000dbe8 beq 0xdc00 |
0x0000dbec ldr r3, [pc, 0x10c] |
0x0000dbf0 mov r0, 0 | r0 = 0;
0x0000dbf4 ldr r3, [sb, r3] | r3 = *((sb + r3));
0x0000dbf8 ldr r3, [r3, 0x10] | r3 = *(0xdd0c);
0x0000dbfc blx r3 | uint32_t (*r3)(uint32_t, uint32_t) (r0, r3);
| }
0x0000dc00 cmp r5, 0 |
| if (r5 != 0) {
0x0000dc04 ldreq r1, [r7] | r1 = *(r7);
| }
| if (r5 != 0) {
0x0000dc08 moveq r2, r5 | r2 = r5;
| }
| if (r5 != 0) {
0x0000dc0c moveq r4, r5 | r4 = r5;
| }
| if (r5 != 0) {
0x0000dc10 beq 0xdc44 |
0x0000dc14 ldr r3, [r5, 4] | r3 = *((r5 + 4));
0x0000dc18 cmp sl, 0 |
0x0000dc1c ldr r1, [r5, 8] | r1 = *((r5 + 8));
| if (sl <= 0) {
0x0000dc20 ldrgt r0, [r3, 8] | r0 = *((r3 + 8));
| }
0x0000dc24 ldr r2, [r3, 0x10] | r2 = *((r3 + 0x10));
0x0000dc28 mov r4, 1 | r4 = 1;
0x0000dc2c sub r2, r2, r1 | r2 -= r1;
| if (sl <= 0) {
0x0000dc30 addgt r1, r1, r0 | r1 += r0;
| }
| if (sl <= 0) {
0x0000dc34 ldrgt r0, [r3, 0x1c] | r0 = *((r3 + 0x1c));
| }
| if (sl <= 0) {
0x0000dc38 addgt r1, r0, r1 | r1 = r0 + r1;
| }
| if (sl <= 0) {
0x0000dc3c stmgt r8, {r1, r2} | *(r8) = r1;
| *((r8 + 4)) = r2;
| }
0x0000dc40 ldr r1, [r3] | r1 = *(r3);
| }
0x0000dc44 cmp sl, 0 |
| if (sl != 0) {
0x0000dc48 lsreq r3, r6, 0x1f | r3 = r6 >> 0x1f;
| }
| if (sl == 0) {
0x0000dc4c movne r3, 0 | r3 = 0;
| }
0x0000dc50 cmp r3, 0 |
| if (r3 != 0) {
0x0000dc54 beq 0xdc68 |
0x0000dc58 cmp r5, 0 |
0x0000dc5c ldr r6, [r7, 0xc] | r6 = *((r7 + 0xc));
| if (r5 == 0) {
0x0000dc60 ldrne r3, [r5] | r3 = *(r5);
| }
| if (r5 != 0) {
0x0000dc64 subne r6, r6, r3 | r6 -= r3;
| goto label_3;
| }
| }
| label_3:
0x0000dc68 mvn r0, r6 | r0 = ~r6;
0x0000dc6c lsr r0, r0, 0x1f | r0 >>= 0x1f;
0x0000dc70 b 0xdca8 |
| while (r3 == 0) {
0x0000dc74 cmp r4, sl |
| if (r4 >= sl) {
0x0000dc78 bge 0xdcd8 | goto label_4;
| }
0x0000dc7c ldr ip, [r1, 8] | ip = *((r1 + 8));
0x0000dc80 ldr r3, [r1, 0x1c] | r3 = *((r1 + 0x1c));
0x0000dc84 add r3, r3, ip | r3 += ip;
0x0000dc88 str r3, [r8, r4, lsl 3] | offset_0 = r4 << 3;
| *((r8 + offset_0)) = r3;
0x0000dc8c ldr ip, [r1, 0x10] | ip = *((r1 + 0x10));
0x0000dc90 add r3, r8, r4, lsl 3 | r3 = r8 + (r4 << 3);
0x0000dc94 str ip, [r3, 4] | *((r3 + 4)) = ip;
| label_0:
0x0000dc98 ldr r3, [r1, 0x10] | r3 = *((r1 + 0x10));
0x0000dc9c ldr r1, [r1] | r1 = *(r1);
0x0000dca0 add r4, r4, 1 | r4++;
0x0000dca4 add r2, r2, r3 | r2 += r3;
0x0000dca8 cmp r1, 0 |
| if (r1 == 0) {
0x0000dcac beq 0xdcc4 | goto label_1;
| }
0x0000dcb0 cmp r2, r6 |
| if (r2 >= r6) {
0x0000dcb4 movlt r3, 0 | r3 = 0;
| }
| if (r2 < r6) {
0x0000dcb8 andge r3, r0, 1 | r3 = r0 & 1;
| }
0x0000dcbc cmp r3, 0 |
0x0000dcc0 beq 0xdc74 |
| }
| label_1:
0x0000dcc4 ldr r1, [r7, 0x18] | r1 = *((r7 + 0x18));
0x0000dcc8 cmp r1, 0 |
| if (r1 != 0) {
0x0000dccc bne 0xdce4 | goto label_5;
| }
| label_2:
0x0000dcd0 mov r0, r4 | r0 = r4;
0x0000dcd4 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_4:
0x0000dcd8 cmp r6, 0 |
| if (r6 >= 0) {
0x0000dcdc bge 0xdc98 | goto label_0;
| }
0x0000dce0 b 0xdcc4 | goto label_1;
| label_5:
0x0000dce4 ldr r3, [pc, 0x14] |
0x0000dce8 mov r0, 0 | r0 = 0;
0x0000dcec ldr r3, [sb, r3] | r3 = *((sb + r3));
0x0000dcf0 ldr r3, [r3, 0x14] | r3 = *(0xdd10);
0x0000dcf4 blx r3 | uint32_t (*r3)(uint32_t, uint32_t) (r0, r3);
0x0000dcf8 b 0xdcd0 | goto label_2;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libevent-2.1.so.6.0.2 @ 0xf044 */
| #include <stdint.h>
|
; (fcn) sym.evbuffer_remove_buffer () | void evbuffer_remove_buffer (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_8h;
| r0 = arg1;
| r1 = arg2;
0x0000f044 push {r0, r1, r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000f048 ldr r5, [r0, 0x18] | r5 = *((r0 + 0x18));
0x0000f04c ldr r4, [r1, 0x18] | r4 = *((r1 + 0x18));
0x0000f050 ldr r8, [pc, 0x29c] | r8 = *(0xf2f0);
0x0000f054 cmp r5, 0 |
0x0000f058 cmpne r4, 0 | __asm ("cmpne r4, 0");
0x0000f05c add r8, pc, r8 | r8 = pc + r8;
0x0000f060 mov r6, r0 | r6 = r0;
0x0000f064 mov r7, r1 | r7 = r1;
0x0000f068 mov sb, r2 | sb = r2;
| if (r5 == 0) {
0x0000f06c beq 0xf094 | goto label_5;
| }
0x0000f070 cmp r5, r4 |
| if (r5 > r4) {
0x0000f074 bhi 0xf2c4 | goto label_6;
| }
| do {
| label_2:
0x0000f078 ldr r3, [pc, 0x278] |
0x0000f07c mov r1, r5 | r1 = r5;
0x0000f080 ldr r3, [r8, r3] | r3 = *((r8 + r3));
0x0000f084 mov r0, 0 | r0 = 0;
0x0000f088 ldr r3, [r3, 0x10] | r3 = *(0xf304);
0x0000f08c blx r3 | uint32_t (*r3)(uint32_t, uint32_t, uint32_t) (r0, r1, r3);
0x0000f090 b 0xf09c | goto label_7;
| label_5:
0x0000f094 cmp r5, 0 |
0x0000f098 bne 0xf078 |
| } while (r5 != 0);
| label_7:
0x0000f09c mov r3, r5 | r3 = r5;
0x0000f0a0 cmp r4, 0 |
0x0000f0a4 cmpne r3, r4 | __asm ("cmpne r3, r4");
0x0000f0a8 mov r5, r4 | r5 = r4;
| if (r4 != 0) {
0x0000f0ac beq 0xf0c8 |
| label_3:
0x0000f0b0 ldr r3, [pc, 0x240] |
0x0000f0b4 mov r1, r5 | r1 = r5;
0x0000f0b8 ldr r3, [r8, r3] | r3 = *((r8 + r3));
0x0000f0bc mov r0, 0 | r0 = 0;
0x0000f0c0 ldr r3, [r3, 0x10] | r3 = *(0xf304);
0x0000f0c4 blx r3 | uint32_t (*r3)(uint32_t, uint32_t, uint32_t) (r0, r1, r3);
| }
0x0000f0c8 cmp r6, r7 |
0x0000f0cc cmpne sb, 0 | __asm ("cmpne sb, 0");
| if (r6 == r7) {
0x0000f0d0 beq 0xf278 | goto label_8;
| }
0x0000f0d4 ldrb r3, [r7, 0x1c] | r3 = *((r7 + 0x1c));
0x0000f0d8 tst r3, 4 |
| if ((r3 & 4) != 0) {
0x0000f0dc bne 0xf280 | goto label_9;
| }
0x0000f0e0 ldrb r4, [r6, 0x1c] | r4 = *((r6 + 0x1c));
0x0000f0e4 ands r3, r4, 2 | r3 = r4 & 2;
| if (r3 != r4) {
0x0000f0e8 bne 0xf280 | goto label_9;
| }
0x0000f0ec ldr r4, [r6, 0xc] | r4 = *((r6 + 0xc));
0x0000f0f0 cmp r4, sb |
| if (r4 <= sb) {
0x0000f0f4 ldrhi sl, [r6] | sl = *(r6);
| }
| if (r4 <= sb) {
0x0000f0f8 movhi r4, r3 | r4 = r3;
| }
| if (r4 <= sb) {
0x0000f0fc movhi r5, sl | r5 = sl;
| }
| if (r4 > sb) {
0x0000f100 bhi 0xf1ac | goto label_10;
| }
0x0000f104 mov r1, r6 | r1 = r6;
0x0000f108 mov r0, r7 | r0 = r7;
0x0000f10c bl 0xaaec | fcn_0000aaec ();
| label_0:
0x0000f110 ldr r5, [r6, 0x18] | r5 = *((r6 + 0x18));
0x0000f114 ldr r1, [r7, 0x18] | r1 = *((r7 + 0x18));
0x0000f118 cmp r5, 0 |
0x0000f11c cmpne r1, 0 | __asm ("cmpne r1, 0");
| if (r5 == 0) {
0x0000f120 beq 0xf288 | goto label_11;
| }
0x0000f124 cmp r5, r1 |
| if (r5 > r1) {
0x0000f128 bhi 0xf2dc | goto label_12;
| }
| if (r5 == r1) {
0x0000f12c beq 0xf2a4 | goto label_4;
| }
| label_1:
0x0000f130 ldr r3, [pc, 0x1c0] |
0x0000f134 mov r0, 0 | r0 = 0;
0x0000f138 ldr r3, [r8, r3] | r3 = *((r8 + r3));
0x0000f13c ldr r3, [r3, 0x14] | r3 = *(0xf308);
0x0000f140 blx r3 | uint32_t (*r3)(uint32_t, uint32_t) (r0, r3);
0x0000f144 b 0xf298 | goto label_13;
| do {
0x0000f148 ldr r2, [r6, 8] | r2 = *((r6 + 8));
0x0000f14c ldr r1, [r2] | r1 = *(r2);
0x0000f150 cmp r1, r5 |
| if (r1 == r5) {
0x0000f154 bne 0xf194 |
0x0000f158 ldr r3, [pc, 0x19c] |
0x0000f15c ldr r2, [pc, 0x19c] | r2 = *(0xf2fc);
0x0000f160 add r3, pc, r3 | r3 = pc + r3;
0x0000f164 add r3, r3, 0x200 | r3 = 0xf4f8;
0x0000f168 add r3, r3, 3 | r3 += 3;
0x0000f16c str r3, [sp, 4] | var_4h = r3;
0x0000f170 ldr r3, [pc, 0x18c] | r3 = *(0xf300);
0x0000f174 ldr r1, [pc, 0x18c] | r1 = *(0xf304);
0x0000f178 add r3, pc, r3 | r3 = pc + r3;
0x0000f17c str r3, [sp] | *(sp) = r3;
0x0000f180 add r2, pc, r2 | r2 = pc + r2;
0x0000f184 ldr r3, [pc, 0x180] | r3 = *(0xf308);
0x0000f188 add r1, pc, r1 | r1 = pc + r1;
0x0000f18c ldr r0, [pc, 0x17c] | r0 = *(0xf30c);
0x0000f190 bl 0xb578 | fcn_0000b578 ();
| }
0x0000f194 cmp r2, r5 |
| if (r2 != r5) {
0x0000f198 streq r6, [r6, 8] | *((r6 + 8)) = r6;
| }
0x0000f19c mov sl, r5 | sl = r5;
0x0000f1a0 ldr r5, [r5] | r5 = *(r5);
0x0000f1a4 add r4, r4, r3 | r4 += r3;
0x0000f1a8 sub sb, sb, r3 | sb -= r3;
| label_10:
0x0000f1ac ldr r3, [r5, 0x10] | r3 = *((r5 + 0x10));
0x0000f1b0 cmp sb, r3 |
0x0000f1b4 bhs 0xf148 |
| } while (sb >= r3);
0x0000f1b8 cmp r4, 0 |
| if (r4 != 0) {
0x0000f1bc beq 0xf20c |
0x0000f1c0 ldr r0, [r7, 8] | r0 = *((r7 + 8));
0x0000f1c4 bl 0xe55c | fcn_0000e55c (r0);
0x0000f1c8 ldr r3, [r7] | r3 = *(r7);
0x0000f1cc cmp r3, 0 |
0x0000f1d0 ldr r3, [r6] | r3 = *(r6);
| if (r3 != 0) {
0x0000f1d4 streq r3, [r7] | *(r7) = r3;
| }
| if (r3 == 0) {
0x0000f1d8 strne r3, [r0] | *(r0) = r3;
| }
0x0000f1dc mov r3, 0 | r3 = 0;
0x0000f1e0 str sl, [r7, 4] | *((r7 + 4)) = sl;
0x0000f1e4 mov r0, r7 | r0 = r7;
0x0000f1e8 str r3, [sl] | *(sl) = r3;
0x0000f1ec str r5, [r6] | *(r6) = r5;
0x0000f1f0 bl 0xc164 | fcn_0000c164 (r0);
0x0000f1f4 ldr r3, [r7, 0xc] | r3 = *((r7 + 0xc));
0x0000f1f8 add r3, r3, r4 | r3 += r4;
0x0000f1fc str r3, [r7, 0xc] | *((r7 + 0xc)) = r3;
0x0000f200 ldr r3, [r7, 0x10] | r3 = *((r7 + 0x10));
0x0000f204 add r3, r3, r4 | r3 += r4;
0x0000f208 str r3, [r7, 0x10] | *((r7 + 0x10)) = r3;
| }
0x0000f20c ldr r3, [r5, 8] | r3 = *((r5 + 8));
0x0000f210 ldr r1, [r5, 0x1c] | r1 = *((r5 + 0x1c));
0x0000f214 mov r2, sb | r2 = sb;
0x0000f218 add r1, r1, r3 | r1 += r3;
0x0000f21c mov r0, r7 | r0 = r7;
0x0000f220 bl 0xa93c | fcn_0000a93c ();
0x0000f224 ldrd r2, r3, [r5, 8] | __asm ("ldrd r2, r3, [r5, 8]");
0x0000f228 add r4, sb, r4 | r4 = sb + r4;
0x0000f22c adds r0, r2, sb | r0 = r2 + sb;
0x0000f230 adc r1, r3, 0 | __asm ("adc r1, r3, 0");
0x0000f234 ldr r3, [r5, 0x10] | r3 = *((r5 + 0x10));
0x0000f238 strd r0, r1, [r5, 8] | __asm ("strd r0, r1, [r5, 8]");
0x0000f23c sub r3, r3, sb | r3 -= sb;
0x0000f240 str r3, [r5, 0x10] | *((r5 + 0x10)) = r3;
0x0000f244 ldr r3, [r6, 0xc] | r3 = *((r6 + 0xc));
0x0000f248 cmp r4, 0 |
0x0000f24c sub r3, r3, r4 | r3 -= r4;
0x0000f250 str r3, [r6, 0xc] | *((r6 + 0xc)) = r3;
0x0000f254 ldr r3, [r6, 0x14] | r3 = *((r6 + 0x14));
0x0000f258 add r3, r3, r4 | r3 += r4;
0x0000f25c str r3, [r6, 0x14] | *((r6 + 0x14)) = r3;
| if (r4 == 0) {
0x0000f260 beq 0xf110 | goto label_0;
| }
0x0000f264 mov r0, r7 | r0 = r7;
0x0000f268 bl 0xa714 | fcn_0000a714 ();
0x0000f26c mov r0, r6 | r0 = r6;
0x0000f270 bl 0xa714 | fcn_0000a714 ();
0x0000f274 b 0xf110 | goto label_0;
| label_8:
0x0000f278 mov r4, 0 | r4 = 0;
0x0000f27c b 0xf110 | goto label_0;
| label_9:
0x0000f280 mvn r4, 0 | r4 = ~0;
0x0000f284 b 0xf110 | goto label_0;
| label_11:
0x0000f288 cmp r5, r1 |
| if (r5 == r1) {
0x0000f28c beq 0xf29c | goto label_14;
| }
0x0000f290 cmp r1, 0 |
| if (r1 != 0) {
0x0000f294 bne 0xf130 | goto label_1;
| }
| label_13:
0x0000f298 mov r1, r5 | r1 = r5;
| label_14:
0x0000f29c cmp r1, 0 |
| if (r1 != 0) {
0x0000f2a0 beq 0xf2b8 |
| label_4:
0x0000f2a4 ldr r3, [pc, 0x4c] |
0x0000f2a8 mov r0, 0 | r0 = 0;
0x0000f2ac ldr r3, [r8, r3] | r3 = *((r8 + r3));
0x0000f2b0 ldr r3, [r3, 0x14] | r3 = *(0xf308);
0x0000f2b4 blx r3 | uint32_t (*r3)(uint32_t, uint32_t) (r0, r3);
| }
0x0000f2b8 mov r0, r4 | r0 = r4;
0x0000f2bc add sp, sp, 8 |
0x0000f2c0 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| label_6:
0x0000f2c4 cmp r4, 0 |
| if (r4 == 0) {
0x0000f2c8 movne r3, r5 | r3 = r5;
| }
| if (r4 == 0) {
0x0000f2cc movne r5, r4 | r5 = r4;
| }
| if (r4 != 0) {
0x0000f2d0 movne r4, r3 | r4 = r3;
| goto label_15;
| }
| if (r4 != 0) {
| label_15:
0x0000f2d4 bne 0xf078 | goto label_2;
| }
0x0000f2d8 b 0xf0b0 | goto label_3;
| label_12:
0x0000f2dc cmp r5, 0 |
| if (r5 == 0) {
0x0000f2e0 movne r3, r5 | r3 = r5;
| }
| if (r5 == 0) {
0x0000f2e4 movne r5, r1 | r5 = r1;
| }
| if (r5 != 0) {
0x0000f2e8 movne r1, r3 | r1 = r3;
| goto label_16;
| }
| if (r5 != 0) {
| label_16:
0x0000f2ec bne 0xf130 | goto label_1;
| }
0x0000f2f0 b 0xf2a4 | goto label_4;
| }
[*] Function strcpy used 1 times libevent-2.1.so.6.0.2