[*] Binary protection state of connmand
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function mmap tear down of connmand
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/connmand @ 0x3cb70 */
| #include <stdint.h>
|
; (fcn) fcn.0003cb70 () | void fcn_0003cb70 (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| size_t length;
| int32_t var_40h_2;
| int32_t var_7ch;
| r0 = arg1;
| r1 = arg2;
0x0003cb70 push {r4, r5, r6, r7, lr} |
0x0003cb74 mov r7, r0 | r7 = r0;
0x0003cb78 sub sp, sp, 0x7c |
0x0003cb7c mov r4, r1 | r4 = r1;
0x0003cb80 mov r0, r2 | r0 = r2;
0x0003cb84 mov r1, 0x80000 | r1 = 0x80000;
0x0003cb88 bl 0x1ba2c | r0 = open64 ();
0x0003cb8c subs r5, r0, 0 | r5 = r0 - 0;
| if (r5 < r0) {
0x0003cb90 blt 0x3cbac | goto label_1;
| }
0x0003cb94 add r1, sp, 0x10 | r1 += var_10h;
0x0003cb98 bl 0x1b918 | r0 = fstat64 ();
0x0003cb9c cmp r0, 0 |
0x0003cba0 bge 0x3cbb4 |
| while (r1 != r3) {
| label_0:
0x0003cba4 mov r0, r5 | r0 = r5;
0x0003cba8 bl 0x1b66c | close (r0);
| label_1:
0x0003cbac mvn r4, 0 | r4 = ~0;
0x0003cbb0 b 0x3cc24 | goto label_2;
0x0003cbb4 ldrd r0, r1, [r4] | __asm ("ldrd r0, r1, [r4]");
0x0003cbb8 ldrd r2, r3, [sp, 0x40] | __asm ("ldrd r2, r3, [length]");
0x0003cbbc cmp r1, r3 |
0x0003cbc0 cmpeq r0, r2 | __asm ("cmpeq r0, r2");
0x0003cbc4 bne 0x3cba4 |
| }
0x0003cbc8 mov r2, 0 | r2 = 0;
0x0003cbcc mov r3, 0 | r3 = 0;
0x0003cbd0 strd r2, r3, [sp, 8] | __asm ("strd r2, r3, [var_8h]");
0x0003cbd4 mov r3, 1 | r3 = 1;
0x0003cbd8 mov r2, r3 | r2 = r3;
0x0003cbdc mov r1, r0 | r1 = r0;
0x0003cbe0 str r5, [sp] | *(sp) = r5;
0x0003cbe4 mov r0, 0 | r0 = 0;
0x0003cbe8 bl 0x1c08c | r0 = mmap64 ()
0x0003cbec sub r3, r0, 1 | r3 = r0 - 1;
0x0003cbf0 cmn r3, 3 |
0x0003cbf4 mov r6, r0 | r6 = r0;
| if (r3 > 3) {
0x0003cbf8 bhi 0x3cba4 | goto label_0;
| }
0x0003cbfc ldr r2, [r4] | r2 = *(r4);
0x0003cc00 mov r1, r0 | r1 = r0;
0x0003cc04 mov r0, r7 | r0 = r7;
0x0003cc08 bl 0x1c2cc | memcmp (r0, r1, r2);
0x0003cc0c ldr r1, [sp, 0x40] | r1 = length;
0x0003cc10 mov r4, r0 | r4 = r0;
0x0003cc14 mov r0, r6 | r0 = r6;
0x0003cc18 bl 0x1b4b0 | munmap (r0, r1);
0x0003cc1c mov r0, r5 | r0 = r5;
0x0003cc20 bl 0x1b66c | close (r0);
| label_2:
0x0003cc24 mov r0, r4 | r0 = r4;
0x0003cc28 add sp, sp, 0x7c |
0x0003cc2c pop {r4, r5, r6, r7, pc} |
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/connmand @ 0x3cf78 */
| #include <stdint.h>
|
; (fcn) fcn.0003cf78 () | void fcn_0003cf78 () {
| int32_t var_0h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| int32_t var_20h;
| size_t var_40h;
| char * s;
| size_t length;
| int32_t var_a8h_2;
| int32_t var_1040h;
| int32_t var_3ch;
0x0003cf78 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x0003cf7c ldr r0, [pc, 0x2d8] | r0 = *(0x3d258);
0x0003cf80 sub sp, sp, 0x1040 |
0x0003cf84 sub sp, sp, 0x3c |
0x0003cf88 mov r1, 0x80000 | r1 = 0x80000;
0x0003cf8c bl 0x1ba2c | r0 = open64 ();
0x0003cf90 subs sl, r0, 0 | sl = r0 - 0;
| if (sl < r0) {
0x0003cf94 blt 0x3cfb0 | goto label_5;
| }
0x0003cf98 add r1, sp, 0x78 | r1 += s;
0x0003cf9c bl 0x1b918 | r0 = fstat64 ();
0x0003cfa0 cmp r0, 0 |
0x0003cfa4 bge 0x3cfb8 |
| while (r3 > 3) {
0x0003cfa8 mov r0, sl | r0 = sl;
0x0003cfac bl 0x1b66c | close (r0);
| label_5:
0x0003cfb0 mov r4, 0 | r4 = 0;
0x0003cfb4 b 0x3d028 | goto label_6;
0x0003cfb8 mov r2, 0 | r2 = 0;
0x0003cfbc mov r3, 0 | r3 = 0;
0x0003cfc0 strd r2, r3, [sp, 8] | __asm ("strd r2, r3, [var_8h]");
0x0003cfc4 ldr r1, [sp, 0xa8] | r1 = length;
0x0003cfc8 mov r3, 1 | r3 = 1;
0x0003cfcc mov r2, r3 | r2 = r3;
0x0003cfd0 str sl, [sp] | *(sp) = sl;
0x0003cfd4 mov r0, 0 | r0 = 0;
0x0003cfd8 bl 0x1c08c | r0 = mmap64 ()
0x0003cfdc sub r3, r0, 1 | r3 = r0 - 1;
0x0003cfe0 cmn r3, 3 |
0x0003cfe4 mov r5, r0 | r5 = r0;
0x0003cfe8 bhi 0x3cfa8 |
| }
0x0003cfec ldrd r6, r7, [sp, 0xa8] | __asm ("ldrd r6, r7, [length]");
0x0003cff0 ldr fp, [pc, 0x268] | fp = "ZONE";
0x0003cff4 mov r8, r6 | r8 = r6;
0x0003cff8 mov sb, r7 | sb = r7;
0x0003cffc mov r4, r0 | r4 = r0;
| label_2:
0x0003d000 cmp r8, 6 |
0x0003d004 sbcs r3, sb, 0 | __asm ("sbcs r3, sb, 0");
| if (r8 >= 6) {
0x0003d008 bge 0x3d080 | goto label_7;
| }
0x0003d00c cmp r4, 0 |
0x0003d010 bne 0x3d0a4 |
| while (r4 == r0) {
| label_0:
0x0003d014 ldr r1, [sp, 0xa8] | r1 = length;
0x0003d018 mov r0, r5 | r0 = r5;
0x0003d01c bl 0x1b4b0 | munmap (r0, r1);
0x0003d020 mov r0, sl | r0 = sl;
0x0003d024 bl 0x1b66c | close (r0);
| label_6:
0x0003d028 ldr r3, [pc, 0x234] | r3 = "ZONE";
0x0003d02c ldr r2, [r3, 0x28] | r2 = *(0x3d288);
0x0003d030 mov r6, r3 | r6 = r3;
0x0003d034 tst r2, 1 |
| if ((r2 & 1) != 0) {
0x0003d038 beq 0x3d050 |
0x0003d03c mov r3, r4 | r3 = r4;
0x0003d040 ldr r2, [pc, 0x220] | r2 = *(0x3d264);
0x0003d044 ldr r1, [pc, 0x220] | r1 = "__connman_timezone_lookup";
0x0003d048 ldr r0, [pc, 0x220] | r0 = "src_timezone.c";
0x0003d04c bl 0x2acc4 | connman_debug ();
| }
0x0003d050 mov r1, 0x80000 | r1 = 0x80000;
0x0003d054 ldr r0, [pc, 0x218] | r0 = "%s:%s() sysconfig zone %s";
0x0003d058 bl 0x1ba2c | r0 = open64 ();
0x0003d05c subs r7, r0, 0 | r7 = r0 - 0;
| if (r7 >= r0) {
0x0003d060 bge 0x3d16c | goto label_8;
| }
0x0003d064 mov r0, r4 | r0 = r4;
0x0003d068 bl 0x1b60c | g_free ();
0x0003d06c mov r4, 0 | r4 = 0;
| label_4:
0x0003d070 mov r0, r4 | r0 = r4;
0x0003d074 add sp, sp, 0x1040 |
0x0003d078 add sp, sp, 0x3c |
0x0003d07c pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_7:
0x0003d080 mov r2, 4 | r2 = 4;
0x0003d084 mov r1, fp | r1 = fp;
0x0003d088 mov r0, r4 | r0 = r4;
0x0003d08c bl 0x1b6e4 | r0 = strncmp (r0, r1, r2);
0x0003d090 cmp r0, 0 |
| if (r0 != 0) {
0x0003d094 bne 0x3d138 | goto label_9;
| }
0x0003d098 cmp r5, r4 |
| if (r5 != r4) {
0x0003d09c bne 0x3d120 | goto label_10;
| }
0x0003d0a0 mov r4, r5 | r4 = r5;
| label_1:
0x0003d0a4 sub r3, r4, r5 | r3 = r4 - r5;
0x0003d0a8 subs r0, r6, r3 | r0 = r6 - r3;
0x0003d0ac mov r6, r0 | r6 = r0;
0x0003d0b0 mov r2, r0 | r2 = r0;
0x0003d0b4 mov r1, 0xa | r1 = 0xa;
0x0003d0b8 mov r0, r4 | r0 = r4;
0x0003d0bc bl 0x1c14c | memchr (r0, r1, r2);
0x0003d0c0 mov r1, 0x22 | r1 = 0x22;
0x0003d0c4 subs sb, r0, 0 | sb = r0 - 0;
| if (sb == r0) {
0x0003d0c8 subne r6, sb, r4 | r6 = sb - r4;
| }
| if (sb == r0) {
0x0003d0cc movne r2, r6 | r2 = r6;
| }
| if (sb == r0) {
0x0003d0d0 movne r6, r2 | r6 = r2;
| }
0x0003d0d4 mov r2, r6 | r2 = r6;
0x0003d0d8 mov r0, r4 | r0 = r4;
0x0003d0dc bl 0x1c14c | r0 = memchr (r0, r1, r2);
0x0003d0e0 subs r8, r0, 0 | r8 = r0 - 0;
| if (r8 == r0) {
0x0003d0e4 beq 0x3d160 | goto label_11;
| }
0x0003d0e8 add r6, r8, 1 | r6 = r8 + 1;
0x0003d0ec sub r2, sb, r8 | r2 = sb - r8;
0x0003d0f0 mov r1, 0x22 | r1 = 0x22;
0x0003d0f4 sub r2, r2, 1 | r2--;
0x0003d0f8 mov r0, r6 | r0 = r6;
0x0003d0fc bl 0x1c14c | r0 = memchr (r0, r1, r2);
0x0003d100 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x0003d104 subne r1, r4, r8 | r1 = r4 - r8;
| }
| if (r4 == r0) {
0x0003d108 subne r1, r1, 1 | r1--;
| }
| if (r4 == r0) {
0x0003d10c movne r0, r6 | r0 = r6;
| }
0x0003d110 beq 0x3d014 |
| }
| label_3:
0x0003d114 bl 0x1c6a4 | r0 = g_strndup ();
0x0003d118 mov r4, r0 | r4 = r0;
0x0003d11c b 0x3d014 | goto label_0;
| label_10:
0x0003d120 ldrb r3, [r4, -1] | r3 = *((r4 - 1));
0x0003d124 cmp r3, 0xa |
| if (r3 != 0xa) {
0x0003d128 bne 0x3d138 | goto label_9;
| }
0x0003d12c ldrb r3, [r4, 4] | r3 = *((r4 + 4));
0x0003d130 cmp r3, 0x3d |
| if (r3 == 0x3d) {
0x0003d134 beq 0x3d0a4 | goto label_1;
| }
| label_9:
0x0003d138 add r0, r4, 1 | r0 = r4 + 1;
0x0003d13c sub r2, r8, 1 | r2 = r8 - 1;
0x0003d140 mov r1, 0x5a | r1 = 0x5a;
0x0003d144 bl 0x1c14c | r0 = memchr (r0, r1, r2);
0x0003d148 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x0003d14c beq 0x3d014 | goto label_0;
| }
0x0003d150 sub r3, r4, r5 | r3 = r4 - r5;
0x0003d154 subs r8, r6, r3 | r8 = r6 - r3;
0x0003d158 sbc sb, r7, r3, asr 31 | __asm ("sbc sb, r7, r3, asr 31");
0x0003d15c b 0x3d000 | goto label_2;
| label_11:
0x0003d160 sub r1, r6, 5 | r1 = r6 - 5;
0x0003d164 add r0, r4, 5 | r0 = r4 + 5;
0x0003d168 b 0x3d114 | goto label_3;
| label_8:
0x0003d16c add r1, sp, 0x10 | r1 += var_10h;
0x0003d170 bl 0x1b918 | r0 = fstat64 ();
0x0003d174 cmp r0, 0 |
| if (r0 >= 0) {
0x0003d178 blt 0x3d230 |
0x0003d17c ldr r3, [sp, 0x20] | r3 = var_20h;
0x0003d180 and r3, r3, 0xf000 | r3 &= 0xf000;
0x0003d184 cmp r3, 0x8000 |
| if (r3 == 0x8000) {
0x0003d188 bne 0x3d1c0 |
0x0003d18c mov r2, 0 | r2 = 0;
0x0003d190 mov r3, 0 | r3 = 0;
0x0003d194 strd r2, r3, [sp, 8] | __asm ("strd r2, r3, [var_8h]");
0x0003d198 ldr r1, [sp, 0x40] | r1 = var_40h;
0x0003d19c mov r3, 1 | r3 = 1;
0x0003d1a0 mov r2, r3 | r2 = r3;
0x0003d1a4 str r7, [sp] | *(sp) = r7;
0x0003d1a8 mov r0, 0 | r0 = 0;
0x0003d1ac bl 0x1c08c | r0 = mmap64 ()
0x0003d1b0 sub r3, r0, 1 | r3 = r0 - 1;
0x0003d1b4 cmn r3, 3 |
0x0003d1b8 mov r5, r0 | r5 = r0;
| if (r3 < 3) {
0x0003d1bc bls 0x3d1d0 | goto label_12;
| }
| }
0x0003d1c0 mov r0, r4 | r0 = r4;
0x0003d1c4 bl 0x1b60c | g_free ();
0x0003d1c8 mov r4, 0 | r4 = 0;
0x0003d1cc b 0x3d230 | goto label_13;
| label_12:
0x0003d1d0 cmp r4, 0 |
| if (r4 != 0) {
0x0003d1d4 beq 0x3d210 |
0x0003d1d8 ldr r3, [pc, 0x98] | r3 = "/etc/localtime";
0x0003d1dc ldr r2, [pc, 0x98] | r2 = "_usr_share_zoneinfo";
0x0003d1e0 mov r1, 0x1000 | r1 = 0x1000;
0x0003d1e4 str r4, [sp] | *(sp) = r4;
0x0003d1e8 add r0, sp, 0x78 | r0 += s;
0x0003d1ec bl 0x1c074 | snprintf (r0, r1, "_usr_share_zoneinfo", r3);
0x0003d1f0 add r2, sp, 0x78 | r2 += s;
0x0003d1f4 add r1, sp, 0x40 | r1 += var_40h;
0x0003d1f8 mov r0, r5 | r0 = r5;
0x0003d1fc bl 0x3cb70 | r0 = fcn_0003cb70 (r0, r1);
0x0003d200 cmp r0, 0 |
| if (r0 == 0) {
0x0003d204 beq 0x3d224 | goto label_14;
| }
0x0003d208 mov r0, r4 | r0 = r4;
0x0003d20c bl 0x1b60c | g_free ();
| }
0x0003d210 mov r2, 0 | r2 = 0;
0x0003d214 add r1, sp, 0x10 | r1 += var_10h;
0x0003d218 mov r0, r5 | r0 = r5;
0x0003d21c bl 0x3cd74 | r0 = fcn_0003cd74 (r0, r1);
0x0003d220 mov r4, r0 | r4 = r0;
| label_14:
0x0003d224 ldr r1, [sp, 0x40] | r1 = var_40h;
0x0003d228 mov r0, r5 | r0 = r5;
0x0003d22c bl 0x1b4b0 | munmap (r0, r1);
| }
| label_13:
0x0003d230 mov r0, r7 | r0 = r7;
0x0003d234 bl 0x1b66c | close (r0);
0x0003d238 ldr r3, [r6, 0x38] | r3 = *((r6 + 0x38));
0x0003d23c tst r3, 1 |
| if ((r3 & 1) == 0) {
0x0003d240 beq 0x3d070 | goto label_4;
| }
0x0003d244 mov r3, r4 | r3 = r4;
0x0003d248 ldr r2, [pc, 0x18] | r2 = *(0x3d264);
0x0003d24c ldr r1, [pc, 0x18] | r1 = "__connman_timezone_lookup";
0x0003d250 ldr r0, [pc, 0x28] | r0 = *(0x3d27c);
0x0003d254 bl 0x2acc4 | connman_debug ();
0x0003d258 b 0x3d070 | goto label_4;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/sbin/connmand @ 0x3d284 */
| #include <stdint.h>
|
; (fcn) fcn.0003d284 () | void fcn_0003d284 (int32_t arg1) {
| int32_t var_0h;
| int32_t var_8h;
| int32_t var_8h_2;
| int32_t var_10h;
| size_t length;
| int32_t var_78h;
| int32_t var_88h;
| char * fildes;
| int32_t var_10c0h;
| int32_t var_24h;
| r0 = arg1;
0x0003d284 ldr r3, [pc, 0x168] | r3 = *(0x3d3f0);
0x0003d288 push {r4, r5, r6, r7, lr} |
0x0003d28c ldr r2, [r3, 0x48] | r2 = *(0x3d438);
0x0003d290 sub sp, sp, 0x10c0 |
0x0003d294 tst r2, 1 |
0x0003d298 sub sp, sp, 0x24 |
0x0003d29c mov r5, r0 | r5 = r0;
0x0003d2a0 mov r4, r3 | r4 = r3;
| if ((r2 & 1) != 0) {
0x0003d2a4 beq 0x3d2bc |
0x0003d2a8 mov r3, r0 | r3 = r0;
0x0003d2ac ldr r2, [pc, 0x144] | r2 = *(0x3d3f4);
0x0003d2b0 ldr r1, [pc, 0x144] | r1 = "__connman_timezone_change";
0x0003d2b4 ldr r0, [pc, 0x144] | r0 = "src_timezone.c";
0x0003d2b8 bl 0x2acc4 | connman_debug ();
| }
0x0003d2bc str r5, [sp] | *(sp) = r5;
0x0003d2c0 ldr r3, [pc, 0x13c] | r3 = "_s:_s___zone__s";
0x0003d2c4 ldr r2, [pc, 0x13c] | r2 = "_usr_share_zoneinfo";
0x0003d2c8 mov r1, 0x1000 | r1 = 0x1000;
0x0003d2cc add r0, sp, 0xe0 | r0 += fildes;
0x0003d2d0 bl 0x1c074 | snprintf (r0, r1, "_usr_share_zoneinfo", "_s:_s___zone__s");
0x0003d2d4 mov r1, 0x80000 | r1 = 0x80000;
0x0003d2d8 add r0, sp, 0xe0 | r0 += fildes;
0x0003d2dc bl 0x1ba2c | open64 ();
0x0003d2e0 subs r5, r0, 0 | r5 -= fildes;
| if (r5 >= fildes) {
0x0003d2e4 mvnlt r4, 0x15 | r4 = ~0x15;
| }
| if (r5 < fildes) {
0x0003d2e8 blt 0x3d308 | goto label_0;
| }
0x0003d2ec add r1, sp, 0x10 | r1 += var_10h;
0x0003d2f0 bl 0x1b918 | r0 = fstat64 ();
0x0003d2f4 cmp r0, 0 |
0x0003d2f8 bge 0x3d318 |
| while (r3 > 3) {
0x0003d2fc mov r0, r5 | r0 = r5;
0x0003d300 bl 0x1b66c | close (r0);
0x0003d304 mvn r4, 4 | r4 = ~4;
| label_0:
0x0003d308 mov r0, r4 | r0 = r4;
0x0003d30c add sp, sp, 0x10c0 |
0x0003d310 add sp, sp, 0x24 |
0x0003d314 pop {r4, r5, r6, r7, pc} |
0x0003d318 mov r2, 0 | r2 = 0;
0x0003d31c mov r3, 0 | r3 = 0;
0x0003d320 strd r2, r3, [sp, 8] | __asm ("strd r2, r3, [var_8h]");
0x0003d324 ldr r1, [sp, 0x40] | r1 = length;
0x0003d328 mov r3, 1 | r3 = 1;
0x0003d32c mov r2, r3 | r2 = r3;
0x0003d330 str r5, [sp] | *(sp) = r5;
0x0003d334 mov r0, 0 | r0 = 0;
0x0003d338 bl 0x1c08c | r0 = mmap64 ()
0x0003d33c sub r3, r0, 1 | r3 = r0 - 1;
0x0003d340 cmn r3, 3 |
0x0003d344 mov r6, r0 | r6 = r0;
0x0003d348 bhi 0x3d2fc |
| }
0x0003d34c ldr r3, [r4, 0x58] | r3 = *((r4 + 0x58));
0x0003d350 tst r3, 1 |
| if ((r3 & 1) != 0) {
0x0003d354 beq 0x3d36c |
0x0003d358 ldr r3, [pc, 0xac] | r3 = *(0x3d408);
0x0003d35c ldr r2, [pc, 0xac] | r2 = "/etc/localtime";
0x0003d360 ldr r1, [pc, 0x94] | r1 = "__connman_timezone_change";
0x0003d364 ldr r0, [pc, 0xa8] | r0 = "write_file";
0x0003d368 bl 0x2acc4 | connman_debug ();
| }
0x0003d36c add r1, sp, 0x78 | r1 += var_78h;
0x0003d370 ldr r0, [pc, 0x94] | r0 = *(0x3d408);
0x0003d374 bl 0x1be40 | r0 = lstat64 ();
0x0003d378 cmp r0, 0 |
| if (r0 == 0) {
0x0003d37c bne 0x3d398 |
0x0003d380 ldr r3, [sp, 0x88] | r3 = var_88h;
0x0003d384 and r3, r3, 0xf000 | r3 &= 0xf000;
0x0003d388 cmp r3, 0xa000 |
| if (r3 != 0xa000) {
0x0003d38c bne 0x3d398 | goto label_2;
| }
0x0003d390 ldr r0, [pc, 0x74] | r0 = *(0x3d408);
0x0003d394 bl 0x1b834 | unlink (r0);
| }
| label_2:
0x0003d398 mov r2, 0x1a4 | r2 = 0x1a4;
0x0003d39c ldr r1, [pc, 0x74] | r1 = "_s:_s___pathname__s";
0x0003d3a0 ldr r0, [pc, 0x64] | r0 = *(0x3d408);
0x0003d3a4 bl 0x1ba2c | r0 = open64 ();
0x0003d3a8 subs r7, r0, 0 | r7 = r0 - 0;
0x0003d3ac bge 0x3d3cc |
| while (r4 < 0) {
0x0003d3b0 mvn r4, 4 | r4 = ~4;
| label_1:
0x0003d3b4 ldr r1, [sp, 0x40] | r1 = length;
0x0003d3b8 mov r0, r6 | r0 = r6;
0x0003d3bc bl 0x1b4b0 | munmap (r0, r1);
0x0003d3c0 mov r0, r5 | r0 = r5;
0x0003d3c4 bl 0x1b66c | close (r0);
0x0003d3c8 b 0x3d308 | goto label_0;
0x0003d3cc ldr r2, [sp, 0x40] | r2 = length;
0x0003d3d0 mov r1, r6 | r1 = r6;
0x0003d3d4 bl 0x1c170 | r0 = write (r0, r1, r2);
0x0003d3d8 mov r4, r0 | r4 = r0;
0x0003d3dc mov r0, r7 | r0 = r7;
0x0003d3e0 bl 0x1b66c | close (r0);
0x0003d3e4 cmp r4, 0 |
0x0003d3e8 blt 0x3d3b0 |
| }
0x0003d3ec mov r4, 0 | r4 = 0;
0x0003d3f0 b 0x3d3b4 | goto label_1;
| }
[*] Function mmap used 5 times connmand
