[*] Binary protection state of libxt_set.so
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH No Symbols
[*] Function printf tear down of libxt_set.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/xtables/libxt_set.so @ 0xba4 */
| #include <stdint.h>
|
; (fcn) fcn.00000ba4 () | void fcn_00000ba4 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_0h_2;
| int32_t var_ch;
| r0 = arg1;
| r1 = arg2;
0x00000ba4 push {r0, r1, r2, r4, r5, lr} |
0x00000ba8 mov r3, r1 | r3 = r1;
0x00000bac mov r1, r2 | r1 = r2;
0x00000bb0 ldrb r2, [r0] | r2 = *(r0);
0x00000bb4 sub r2, r2, 1 | r2--;
0x00000bb8 cmp r2, 3 |
| if (r2 > 3) {
| /* switch table (4 cases) at 0xbc4 */
0x00000bbc addls pc, pc, r2, lsl 2 | pc += (r2 << 2);
| }
0x00000bc0 b 0xbec | goto label_1;
0x00000bc4 b 0xbd4 | goto label_2;
0x00000bc8 b 0xbf4 | goto label_3;
0x00000bcc b 0xc0c | goto label_4;
0x00000bd0 b 0xc24 | goto label_5;
| label_2:
0x00000bd4 ldrd r4, r5, [r0, 8] | __asm ("ldrd r4, r5, [r0, 8]");
0x00000bd8 ldr r0, [pc, 0x5c] | r0 = *(0xc38);
0x00000bdc mov r2, r3 | r2 = r3;
0x00000be0 add r0, pc, r0 | r0 = pc + r0;
0x00000be4 strd r4, r5, [sp] | __asm ("strd r4, r5, [sp]");
| do {
| label_0:
0x00000be8 bl 0x85c | printf (r0, r1, r2, r3, r4)
| label_1:
0x00000bec add sp, sp, 0xc |
0x00000bf0 pop {r4, r5, pc} |
| label_3:
0x00000bf4 ldrd r4, r5, [r0, 8] | __asm ("ldrd r4, r5, [r0, 8]");
0x00000bf8 ldr r0, [pc, 0x40] | r0 = *(0xc3c);
0x00000bfc strd r4, r5, [sp] | __asm ("strd r4, r5, [sp]");
0x00000c00 mov r2, r3 | r2 = r3;
0x00000c04 add r0, pc, r0 | r0 = pc + r0;
0x00000c08 b 0xbe8 |
| } while (1);
| label_4:
0x00000c0c ldrd r4, r5, [r0, 8] | __asm ("ldrd r4, r5, [r0, 8]");
0x00000c10 ldr r0, [pc, 0x2c] | r0 = *(0xc40);
0x00000c14 strd r4, r5, [sp] | __asm ("strd r4, r5, [sp]");
0x00000c18 mov r2, r3 | r2 = r3;
0x00000c1c add r0, pc, r0 | r0 = pc + r0;
0x00000c20 b 0xbe8 | goto label_0;
| label_5:
0x00000c24 ldrd r4, r5, [r0, 8] | __asm ("ldrd r4, r5, [r0, 8]");
0x00000c28 ldr r0, [pc, 0x18] | r0 = *(0xc44);
0x00000c2c strd r4, r5, [sp] | __asm ("strd r4, r5, [sp]");
0x00000c30 mov r2, r3 | r2 = r3;
0x00000c34 add r0, pc, r0 | r0 = pc + r0;
0x00000c38 b 0xbe8 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/xtables/libxt_set.so @ 0xe6c */
| #include <stdint.h>
|
; (fcn) fcn.00000e6c () | void fcn_00000e6c (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_20h;
| r0 = arg1;
| r1 = arg2;
0x00000e6c push {r4, r5, r6, r7, r8, lr} |
0x00000e70 sub sp, sp, 0x20 |
0x00000e74 mov r4, sp | r4 = sp;
0x00000e78 mov r5, r1 | r5 = r1;
0x00000e7c mov r6, r0 | r6 = r0;
0x00000e80 ldrh r1, [r1] | r1 = *(r1);
0x00000e84 mov r0, r4 | r0 = r4;
0x00000e88 bl 0xd54 | fcn_00000d54 (r0, r1);
0x00000e8c ldrb r3, [r5, 3] | r3 = *((r5 + 3));
0x00000e90 tst r3, 1 |
| if ((r3 & 1) != 0) {
0x00000e94 bne 0xee4 | goto label_1;
| }
0x00000e98 ldr r1, [pc, 0x88] | r1 = *(0xf24);
0x00000e9c add r1, pc, r1 | r1 = pc + r1;
| do {
0x00000ea0 ldr r0, [pc, 0x84] | r0 = *(0xf28);
0x00000ea4 mov r3, r4 | r3 = r4;
0x00000ea8 mov r2, r6 | r2 = r6;
0x00000eac add r0, pc, r0 | r0 = pc + r0;
0x00000eb0 bl 0x85c | printf (r0, r1, r2, r3)
0x00000eb4 ldr r6, [pc, 0x74] | r6 = *(0xf2c);
0x00000eb8 ldr r7, [pc, 0x74] | r7 = *(0xf30);
0x00000ebc ldr r8, [pc, 0x74] | r8 = *(0xf34);
0x00000ec0 mov r4, 1 | r4 = 1;
0x00000ec4 add r6, pc, r6 | r6 = pc + r6;
0x00000ec8 add r7, pc, r7 | r7 = pc + r7;
0x00000ecc add r8, pc, r8 | r8 = pc + r8;
| label_0:
0x00000ed0 ldrb r3, [r5, 2] | r3 = *((r5 + 2));
0x00000ed4 cmp r3, r4 |
| if (r3 >= r4) {
0x00000ed8 bge 0xef0 | goto label_2;
| }
0x00000edc add sp, sp, 0x20 |
0x00000ee0 pop {r4, r5, r6, r7, r8, pc} |
| label_1:
0x00000ee4 ldr r1, [pc, 0x50] | r1 = *(0xf38);
0x00000ee8 add r1, pc, r1 | r1 = pc + r1;
0x00000eec b 0xea0 |
| } while (1);
| label_2:
0x00000ef0 ldrb r3, [r5, 3] | r3 = *((r5 + 3));
0x00000ef4 cmp r4, 1 |
0x00000ef8 asr r3, r3, r4 | r3 >>= r4;
| if (r4 != 1) {
0x00000efc moveq r1, r6 | r1 = r6;
| }
| if (r4 == 1) {
0x00000f00 movne r1, r7 | r1 = r7;
| }
0x00000f04 tst r3, 1 |
| if ((r3 & 1) == 0) {
0x00000f08 movne r2, r8 | r2 = r8;
| }
| if ((r3 & 1) != 0) {
0x00000f0c ldreq r2, [pc, 0x2c] | r2 = *((pc + 0x2c));
| }
| if ((r3 & 1) != 0) {
0x00000f10 addeq r2, pc, r2 | r2 = pc + r2;
| }
0x00000f14 ldr r0, [pc, 0x28] | r0 = *(0xf40);
0x00000f18 add r4, r4, 1 | r4++;
0x00000f1c add r0, pc, r0 | r0 = pc + r0;
0x00000f20 bl 0x85c | printf (r0, r1, r2, r3, r4)
0x00000f24 b 0xed0 | goto label_0;
| }
[*] Function printf used 4 times libxt_set.so
