[*] Binary protection state of libwebsockets.so.15
Partial RELRO No Canary found NX disabled DSO No RPATH No RUNPATH Symbols
[*] Function strcpy tear down of libwebsockets.so.15
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.15 @ 0xc4c8 */
| #include <stdint.h>
|
; (fcn) sym.lws_create_vhost () | void lws_create_vhost (int32_t arg1, int32_t arg2) {
| char * dest;
| int32_t var_60h;
| r0 = arg1;
| r1 = arg2;
0x0000c4c8 push {r4, r5, r6, r7, r8, sb, sl, lr} |
0x0000c4cc mov r5, r1 | r5 = r1;
0x0000c4d0 ldr r1, [pc, 0x474] | r1 = *(0xc948);
0x0000c4d4 sub sp, sp, 0x60 |
0x0000c4d8 mov r8, r0 | r8 = r0;
0x0000c4dc add r1, pc, r1 | r1 = pc + r1;
0x0000c4e0 mov r0, 0x220 | r0 = 0x220;
0x0000c4e4 bl 0x78d8 | lws_zalloc ();
0x0000c4e8 ldr r6, [r5, 8] | r6 = *((r5 + 8));
0x0000c4ec subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 == r0) {
0x0000c4f0 bne 0xc504 |
| label_1:
0x0000c4f4 mov r4, 0 | r4 = 0;
| label_9:
0x0000c4f8 mov r0, r4 | r0 = r4;
0x0000c4fc add sp, sp, 0x60 |
0x0000c500 pop {r4, r5, r6, r7, r8, sb, sl, pc} |
| }
0x0000c504 cmp r6, 0 |
| if (r6 == 0) {
0x0000c508 bne 0xc51c |
0x0000c50c ldr r3, [r5, 0x138] | r3 = *((r5 + 0x138));
0x0000c510 cmp r3, 0 |
| if (r3 != 0) {
0x0000c514 ldreq r6, [pc, 0x434] | r6 = *(0x0000c950);
| }
| if (r3 == 0) {
0x0000c518 addeq r6, pc, r6 | r6 = pc + r6;
| goto label_11;
| }
| }
| label_11:
0x0000c51c ldr r3, [r5, 0x64] | r3 = *((r5 + 0x64));
0x0000c520 str r8, [r4, 0x140] | *((r4 + 0x140)) = r8;
0x0000c524 cmp r3, 0 |
| if (r3 != 0) {
0x0000c528 ldreq r3, [pc, 0x424] | r3 = *((pc + 0x424));
| }
| if (r3 != 0) {
0x0000c52c addeq r3, pc, r3 | r3 = pc + r3;
| }
0x0000c530 str r3, [r4, 0x14c] | *((r4 + 0x14c)) = r3;
0x0000c534 ldr r3, [r5, 0x100] | r3 = *((r5 + 0x100));
0x0000c538 cmp r6, 0 |
0x0000c53c str r3, [r4, 0x104] | *((r4 + 0x104)) = r3;
0x0000c540 ldr r3, [r5, 4] | r3 = *((r5 + 4));
| if (r6 != 0) {
0x0000c544 ldreq r1, [r5, 0x138] | r1 = *((r5 + 0x138));
| }
0x0000c548 str r3, [r4, 0x150] | *((r4 + 0x150)) = r3;
0x0000c54c ldr r3, [r5, 0xd4] | r3 = *((r5 + 0xd4));
| if (r6 != 0) {
0x0000c550 streq r6, [r4, 0x1fc] | *((r4 + 0x1fc)) = r6;
| }
0x0000c554 str r3, [r4, 0x168] | *((r4 + 0x168)) = r3;
| if (r6 == 0) {
0x0000c558 beq 0xc590 | goto label_12;
| }
0x0000c55c mov r3, 0 | r3 = 0;
0x0000c560 mov r1, 0x1c | r1 = 0x1c;
0x0000c564 str r3, [r4, 0x1fc] | *((r4 + 0x1fc)) = r3;
| do {
0x0000c568 ldr r3, [r4, 0x1fc] | r3 = *((r4 + 0x1fc));
0x0000c56c mla r2, r1, r3, r6 | __asm ("mla r2, r1, r3, r6");
0x0000c570 ldr r2, [r2, 4] | r2 = *((r2 + 4));
0x0000c574 cmp r2, 0 |
| if (r2 == 0) {
0x0000c578 beq 0xc5a0 | goto label_13;
| }
0x0000c57c add r3, r3, 1 | r3++;
0x0000c580 str r3, [r4, 0x1fc] | *((r4 + 0x1fc)) = r3;
0x0000c584 b 0xc568 |
| } while (1);
| do {
0x0000c588 add r3, r3, 1 | r3++;
0x0000c58c str r3, [r4, 0x1fc] | *((r4 + 0x1fc)) = r3;
| label_12:
0x0000c590 ldr r3, [r4, 0x1fc] | r3 = *((r4 + 0x1fc));
0x0000c594 ldr r2, [r1, r3, lsl 2] | offset_0 = r3 << 2;
| r2 = *((r1 + offset_0));
0x0000c598 cmp r2, 0 |
0x0000c59c bne 0xc588 |
| } while (r2 != 0);
| label_13:
0x0000c5a0 ldr r3, [r5, 0x38] | r3 = *((r5 + 0x38));
0x0000c5a4 ldr r7, [pc, 0x3ac] | r7 = *(0xc954);
0x0000c5a8 str r3, [r4, 0x1f8] | *((r4 + 0x1f8)) = r3;
0x0000c5ac ldr r3, [r5, 0x6c] | r3 = *((r5 + 0x6c));
0x0000c5b0 add r7, pc, r7 | r7 = pc + r7;
0x0000c5b4 str r3, [r4, 0x174] | *((r4 + 0x174)) = r3;
0x0000c5b8 ldr r3, [r5, 0x94] | r3 = *((r5 + 0x94));
0x0000c5bc sub r7, r7, 4 | r7 -= 4;
0x0000c5c0 str r3, [r4, 0x178] | *((r4 + 0x178)) = r3;
0x0000c5c4 ldr r3, [r5, 0x3c] | r3 = *((r5 + 0x3c));
0x0000c5c8 str r3, [r4, 0x1f0] | *((r4 + 0x1f0)) = r3;
0x0000c5cc ldr r3, [r5, 0x114] | r3 = *((r5 + 0x114));
0x0000c5d0 str r3, [r4, 0x160] | *((r4 + 0x160)) = r3;
0x0000c5d4 ldr r3, [r5, 0x118] | r3 = *((r5 + 0x118));
0x0000c5d8 str r3, [r4, 0x164] | *((r4 + 0x164)) = r3;
0x0000c5dc ldr r3, [r5, 0x130] | r3 = *((r5 + 0x130));
0x0000c5e0 str r3, [r4, 0x154] | *((r4 + 0x154)) = r3;
0x0000c5e4 ldr r3, [r5, 0x134] | r3 = *((r5 + 0x134));
0x0000c5e8 str r3, [r4, 0x158] | *((r4 + 0x158)) = r3;
0x0000c5ec ldr r3, [r5, 0x15c] | r3 = *((r5 + 0x15c));
0x0000c5f0 str r3, [r4, 0x15c] | *((r4 + 0x15c)) = r3;
| do {
| label_0:
0x0000c5f4 ldr r3, [r7, 4]! | r3 = *((r7 += 4));
0x0000c5f8 cmp r3, 0 |
| if (r3 == 0) {
0x0000c5fc bne 0xc6f4 |
0x0000c600 ldr r3, [r5, 0x70] | r3 = *((r5 + 0x70));
0x0000c604 ldr r1, [r5, 0x60] | r1 = *((r5 + 0x60));
0x0000c608 cmp r3, 0 |
| if (r3 != 0) {
0x0000c60c moveq r3, 5 | r3 = 5;
| }
0x0000c610 str r3, [r4, 0x20c] | *((r4 + 0x20c)) = r3;
0x0000c614 ldr r3, [r5, 0xdc] | r3 = *((r5 + 0xdc));
0x0000c618 cmp r3, 0 |
| if (r3 != 0) {
0x0000c61c moveq r3, 0xa | r3 = 0xa;
| }
0x0000c620 str r3, [r4, 0x210] | *((r4 + 0x210)) = r3;
0x0000c624 ldr r3, [r5, 0x104] | r3 = *((r5 + 0x104));
0x0000c628 cmp r1, 0 |
0x0000c62c str r3, [r4, 0x1a4] | *((r4 + 0x1a4)) = r3;
0x0000c630 ldr r3, [r5, 0xd8] | r3 = *((r5 + 0xd8));
0x0000c634 str r3, [r4, 0x1e4] | *((r4 + 0x1e4)) = r3;
| if (r1 != 0) {
0x0000c638 beq 0xc648 |
0x0000c63c mov r2, 0x10 | r2 = 0x10;
0x0000c640 add r0, r4, 0x1b4 | r0 = r4 + 0x1b4;
0x0000c644 bl 0x6a08 | fcn_00006a08 ();
| }
0x0000c648 ldr r0, [r5, 0x18] | r0 = *((r5 + 0x18));
0x0000c64c cmp r0, 0 |
| if (r0 != 0) {
0x0000c650 moveq r7, r0 | r7 = r0;
| }
| if (r0 != 0) {
0x0000c654 beq 0xc660 |
0x0000c658 bl 0x6d8c | r0 = strlen (r0);
0x0000c65c add r7, r0, 1 | r7 = r0 + 1;
| }
0x0000c660 ldr r0, [r5, 0x1c] | r0 = *((r5 + 0x1c));
0x0000c664 cmp r0, 0 |
| if (r0 == 0) {
0x0000c668 beq 0xc718 | goto label_14;
| }
0x0000c66c bl 0x6d8c | r0 = strlen (r0);
0x0000c670 add r0, r0, 1 | r0++;
0x0000c674 add r7, r7, r0 | r7 += r0;
| label_2:
0x0000c678 ldr r2, [pc, 0x2dc] | r2 = *(0xc958);
0x0000c67c mov r1, r7 | r1 = r7;
0x0000c680 add r2, pc, r2 | r2 = pc + r2;
0x0000c684 mov r0, 0 | r0 = 0;
0x0000c688 bl 0x78c4 | lws_realloc ();
0x0000c68c ldr sb, [r5, 0x18] | sb = *((r5 + 0x18));
0x0000c690 cmp sb, 0 |
0x0000c694 mov r7, r0 | r7 = r0;
0x0000c698 str r0, [r4, 0x1ac] | *((r4 + 0x1ac)) = r0;
0x0000c69c str r0, [r4, 0x1b0] | *((r4 + 0x1b0)) = r0;
| if (sb != 0) {
0x0000c6a0 beq 0xc6cc |
0x0000c6a4 mov r0, sb | r0 = sb;
0x0000c6a8 bl 0x6d8c | strlen (r0);
0x0000c6ac mov r1, sb | r1 = sb;
0x0000c6b0 add sl, r0, 1 | sl = r0 + 1;
0x0000c6b4 mov r2, sl | r2 = sl;
0x0000c6b8 mov r0, r7 | r0 = r7;
0x0000c6bc bl 0x6b10 | memcpy (r0, r1, r2);
0x0000c6c0 ldr r2, [r4, 0x1b0] | r2 = *((r4 + 0x1b0));
0x0000c6c4 add r2, r2, sl | r2 += sl;
0x0000c6c8 str r2, [r4, 0x1b0] | *((r4 + 0x1b0)) = r2;
| }
0x0000c6cc ldr r7, [r5, 0x1c] | r7 = *((r5 + 0x1c));
0x0000c6d0 cmp r7, 0 |
| if (r7 == 0) {
0x0000c6d4 beq 0xc720 | goto label_15;
| }
0x0000c6d8 mov r0, r7 | r0 = r7;
0x0000c6dc bl 0x6d8c | strlen (r0);
0x0000c6e0 mov r1, r7 | r1 = r7;
0x0000c6e4 add r2, r0, 1 | r2 = r0 + 1;
0x0000c6e8 ldr r0, [r4, 0x1b0] | r0 = *((r4 + 0x1b0));
0x0000c6ec bl 0x6b10 | memcpy (r0, r1, r2);
0x0000c6f0 b 0xc720 | goto label_15;
| }
0x0000c6f4 ldr r3, [r3, 0x10] | r3 = *((r3 + 0x10));
0x0000c6f8 cmp r3, 0 |
0x0000c6fc beq 0xc5f4 |
| } while (r3 == 0);
0x0000c700 mov r1, r5 | r1 = r5;
0x0000c704 mov r0, r4 | r0 = r4;
0x0000c708 blx r3 | r0 = uint32_t (*r3)(uint32_t, uint32_t) (r0, r1);
0x0000c70c cmp r0, 0 |
| if (r0 == 0) {
0x0000c710 beq 0xc5f4 | goto label_0;
| }
0x0000c714 b 0xc4f4 | goto label_1;
| label_14:
0x0000c718 cmp r7, 0 |
| if (r7 != 0) {
0x0000c71c bne 0xc678 | goto label_2;
| }
| label_15:
0x0000c720 add r3, r8, 0x284 | r3 = r8 + 0x284;
0x0000c724 ldrsh r0, [r3] | r0 = *(r3);
0x0000c728 ldr r3, [r4, 0x1fc] | r3 = *((r4 + 0x1fc));
0x0000c72c ldr r1, [pc, 0x22c] | r1 = *(0xc95c);
0x0000c730 add r3, r0, r3 | r3 = r0 + r3;
0x0000c734 mov r7, 0x1c | r7 = 0x1c;
0x0000c738 add r1, pc, r1 | r1 = pc + r1;
0x0000c73c mla r0, r7, r3, r7 | __asm ("mla r0, r7, r3, r7");
0x0000c740 bl 0x78d8 | r0 = lws_zalloc ();
0x0000c744 subs sb, r0, 0 | sb = r0 - 0;
| if (sb == r0) {
0x0000c748 bne 0xc760 |
0x0000c74c ldr r1, [pc, 0x210] | r1 = *(0xc960);
0x0000c750 mov r0, 1 | r0 = 1;
0x0000c754 add r1, pc, r1 | r1 = pc + r1;
0x0000c758 bl 0x7254 | fcn_00007254 ();
0x0000c75c b 0xc4f4 | goto label_1;
| }
0x0000c760 cmp r6, 0 |
0x0000c764 ldr sl, [r4, 0x1fc] | sl = *((r4 + 0x1fc));
| if (r6 != 0) {
0x0000c768 bne 0xc8a0 | goto label_16;
| }
| do {
0x0000c76c cmp r6, sl |
| if (r6 >= sl) {
0x0000c770 blt 0xc884 |
| label_3:
0x0000c774 ldrb r3, [r4, 0x218] | r3 = *((r4 + 0x218));
0x0000c778 ldr r1, [pc, 0x1e8] | r1 = *(0xc964);
0x0000c77c orr r3, r3, 1 | r3 |= 1;
0x0000c780 strb r3, [r4, 0x218] | *((r4 + 0x218)) = r3;
0x0000c784 ldr r3, [r4, 0x1fc] | r3 = *((r4 + 0x1fc));
0x0000c788 mov r2, 0xc | r2 = 0xc;
0x0000c78c mul r0, r3, r2 | r0 = r3 * r2;
0x0000c790 str sb, [r4, 0x16c] | *((r4 + 0x16c)) = sb;
0x0000c794 add r1, pc, r1 | r1 = pc + r1;
0x0000c798 bl 0x78d8 | lws_zalloc ();
0x0000c79c ldr r3, [r5, 0x78] | r3 = *((r5 + 0x78));
0x0000c7a0 mov r6, sp | r6 = sp;
0x0000c7a4 str r3, [r4, 0x100] | *((r4 + 0x100)) = r3;
0x0000c7a8 ldr r3, [r5] | r3 = *(r5);
0x0000c7ac cmn r3, 2 |
0x0000c7b0 str r0, [r4, 0x17c] | *((r4 + 0x17c)) = r0;
| if (r3 == 2) {
0x0000c7b4 beq 0xc8b0 | goto label_17;
| }
0x0000c7b8 cmn r3, 1 |
| if (r3 != 1) {
0x0000c7bc bne 0xc8bc | goto label_18;
| }
0x0000c7c0 ldr r1, [pc, 0x1a4] | r1 = *(0xc968);
0x0000c7c4 add r1, pc, r1 | r1 = pc + r1;
| label_4:
0x0000c7c8 mov r0, r6 | r0 = r6;
0x0000c7cc bl 0x765c | strcpy (r0, r1)
| label_5:
0x0000c7d0 ldr r3, [r5, 0x78] | r3 = *((r5 + 0x78));
| label_6:
0x0000c7d4 cmp r3, 0 |
| if (r3 != 0) {
0x0000c7d8 bne 0xc8d4 | goto label_19;
| }
0x0000c7dc ldr r2, [r5] | r2 = *(r5);
0x0000c7e0 strb r3, [r4, 0x80] | *((r4 + 0x80)) = r3;
0x0000c7e4 ldr r1, [r5, 0x28] | r1 = *((r5 + 0x28));
0x0000c7e8 str r2, [r4, 0x1f4] | *((r4 + 0x1f4)) = r2;
0x0000c7ec cmp r1, 0 |
0x0000c7f0 str r3, [r4, 0x108] | *((r4 + 0x108)) = r3;
| if (r1 == 0) {
0x0000c7f4 beq 0xc8dc | goto label_20;
| }
0x0000c7f8 ldr r3, [r5, 0x2c] | r3 = *((r5 + 0x2c));
0x0000c7fc cmp r3, 0 |
| if (r3 == 0) {
0x0000c800 strne r3, [r4, 0x108] | *((r4 + 0x108)) = r3;
| }
| label_8:
0x0000c804 mov r0, r4 | r0 = r4;
0x0000c808 bl 0x6be8 | fcn_00006be8 ();
| label_7:
0x0000c80c ldr r3, [r5, 0x40] | r3 = *((r5 + 0x40));
0x0000c810 str r3, [r4, 0x200] | *((r4 + 0x200)) = r3;
0x0000c814 ldr r3, [r5, 0x48] | r3 = *((r5 + 0x48));
0x0000c818 str r3, [r4, 0x208] | *((r4 + 0x208)) = r3;
0x0000c81c ldr r3, [r5, 0x44] | r3 = *((r5 + 0x44));
0x0000c820 str r3, [r4, 0x204] | *((r4 + 0x204)) = r3;
0x0000c824 ldr r3, [r4, 0x1f8] | r3 = *((r4 + 0x1f8));
0x0000c828 tst r3, 0x8000 |
0x0000c82c strheq r0, [r0], -r8 | __asm ("strheq r0, [r0], -r8");
0x0000c830 ldr r1, [pc, 0x138] | r1 = *(0xc96c);
0x0000c834 mov r0, 4 | r0 = 4;
0x0000c838 add r1, pc, r2 | r1 = pc + r2;
0x0000c83c bl 0x7258 | void (*0x7258)() ();
0x0000c840 mov r1, r4 | r1 = r4;
0x0000c844 mov r0, r5 | r0 = r5;
0x0000c848 bl 0x1a284 | r0 = lws_context_init_client_ssl ();
0x0000c84c cmp r0, 0 |
| if (r0 != 0) {
0x0000c850 addeq r2, r8, 0x150 | r2 = r8 + 0x150;
| }
| if (r0 != 0) {
0x0000c854 ldreq r3, [r8, 0x150] | r3 = *((r8 + 0x150));
| }
| if (r0 == 0) {
0x0000c858 beq 0xc90c | goto label_21;
| }
0x0000c85c ldr r2, [pc, 0x110] |
0x0000c860 ldr r1, [pc, 0x110] | r1 = *(0xc974);
0x0000c864 add r2, pc, r2 | r2 = pc + r2;
0x0000c868 add r2, r2, 0x71 | r2 = 0xc9e1;
0x0000c86c add r1, pc, r1 | r1 = pc + r1;
| label_10:
0x0000c870 mov r0, 1 | r0 = 1;
0x0000c874 bl 0x7254 | fcn_00007254 ();
0x0000c878 mov r0, r4 | r0 = r4;
0x0000c87c bl 0x7080 | fcn_00007080 ();
0x0000c880 b 0xc4f4 | goto label_1;
| }
0x0000c884 ldr r3, [r5, 0x138] | r3 = *((r5 + 0x138));
0x0000c888 mla r0, r7, r6, sb | __asm ("mla r0, r7, r6, sb");
0x0000c88c ldr r1, [r3, r6, lsl 2] | offset_1 = r6 << 2;
| r1 = *((r3 + offset_1));
0x0000c890 mov r2, 0x1c | r2 = 0x1c;
0x0000c894 bl 0x6b10 | memcpy (r0, r1, r2);
0x0000c898 add r6, r6, 1 | r6++;
0x0000c89c b 0xc76c |
| } while (1);
| label_16:
0x0000c8a0 mul r2, r7, sl | r2 = r7 * sl;
0x0000c8a4 mov r1, r6 | r1 = r6;
0x0000c8a8 bl 0x6b10 | memcpy (r0, r1, r2);
0x0000c8ac b 0xc774 | goto label_3;
| label_17:
0x0000c8b0 ldr r1, [pc, 0xc4] | r1 = *(0xc978);
0x0000c8b4 add r1, pc, r1 | r1 = pc + r1;
0x0000c8b8 b 0xc7c8 | goto label_4;
| label_18:
0x0000c8bc ldr r2, [pc, 0xbc] | r2 = *(0xc97c);
0x0000c8c0 mov r1, 0x60 | r1 = 0x60;
0x0000c8c4 add r2, pc, r2 | r2 = pc + r2;
0x0000c8c8 mov r0, r6 | r0 = r6;
0x0000c8cc bl 0x72f0 | fcn_000072f0 ();
0x0000c8d0 b 0xc7d0 | goto label_5;
| label_19:
0x0000c8d4 ldr r3, [r3] | r3 = *(r3);
0x0000c8d8 b 0xc7d4 | goto label_6;
| label_20:
0x0000c8dc ldr r0, [pc, 0xa0] | r0 = *(0xc980);
0x0000c8e0 add r0, pc, r0 | r0 = pc + r0;
0x0000c8e4 bl 0x6aec | r0 = getenv (r0);
0x0000c8e8 subs r1, r0, 0 | r1 = r0 - 0;
| if (r1 == r0) {
0x0000c8ec beq 0xc80c | goto label_7;
| }
0x0000c8f0 mov r2, 0x60 | r2 = 0x60;
0x0000c8f4 mov r0, r6 | r0 = r6;
0x0000c8f8 bl 0x6a08 | fcn_00006a08 ();
0x0000c8fc mov r1, r6 | r1 = r6;
0x0000c900 b 0xc804 | goto label_8;
| do {
0x0000c904 add r2, r3, 0x144 | r2 = r3 + 0x144;
0x0000c908 ldr r3, [r3, 0x144] | r3 = *((r3 + 0x144));
| label_21:
0x0000c90c cmp r3, 0 |
0x0000c910 bne 0xc904 |
| } while (r3 != 0);
0x0000c914 str r4, [r2] | *(r2) = r4;
0x0000c918 ldrb r3, [r8, 0x280] | r3 = *((r8 + 0x280));
0x0000c91c tst r3, 0x20 |
| if ((r3 & 0x20) == 0) {
0x0000c920 beq 0xc4f8 | goto label_9;
| }
0x0000c924 mov r0, r8 | r0 = r8;
0x0000c928 bl 0x741c | r0 = fcn_0000741c ();
0x0000c92c cmp r0, 0 |
| if (r0 == 0) {
0x0000c930 beq 0xc4f8 | goto label_9;
| }
0x0000c934 ldr r2, [pc, 0x4c] |
0x0000c938 ldr r1, [pc, 0x4c] | r1 = *(0xc988);
0x0000c93c add r2, pc, r2 | r2 = pc + r2;
0x0000c940 add r2, r2, 0x71 | r2 = 0xc9f5;
0x0000c944 add r1, pc, r1 | r1 = pc + r1;
0x0000c948 b 0xc870 | goto label_10;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.15 @ 0x139f4 */
| #include <stdint.h>
|
; (fcn) sym.lws_generate_client_ws_handshake () | void lws_generate_client_ws_handshake (int32_t arg1, int32_t arg2) {
| int32_t var_4h;
| char * src;
| int32_t var_3fh;
| char * s;
| int32_t var_c0h;
| r0 = arg1;
| r1 = arg2;
0x000139f4 push {r4, r5, r6, r7, r8, lr} |
0x000139f8 sub sp, sp, 0xc0 |
0x000139fc add r6, sp, 4 | r6 += var_4h;
0x00013a00 mov r5, r0 | r5 = r0;
0x00013a04 mov r4, r1 | r4 = r1;
0x00013a08 mov r8, r2 | r8 = r2;
0x00013a0c mov r1, r6 | r1 = r6;
0x00013a10 mov r2, 0x10 | r2 = 0x10;
0x00013a14 ldr r0, [r0, 0xc0] | r0 = *((r0 + 0xc0));
0x00013a18 bl 0x70f8 | r0 = fcn_000070f8 ();
0x00013a1c cmp r0, 0x10 |
| if (r0 == 0x10) {
0x00013a20 beq 0x13a4c | goto label_0;
| }
0x00013a24 ldr r2, [pc, 0x128] | r2 = *(0x13b50);
0x00013a28 ldr r1, [pc, 0x128] | r1 = $d;
0x00013a2c add r2, pc, r2 | r2 = pc + r2;
0x00013a30 add r1, pc, r1 | r1 = pc + r1;
0x00013a34 mov r0, 1 | r0 = 1;
0x00013a38 bl 0x7254 | fcn_00007254 ();
0x00013a3c mov r4, 0 | r4 = 0;
| do {
0x00013a40 mov r0, r4 | r0 = r4;
0x00013a44 add sp, sp, 0xc0 |
0x00013a48 pop {r4, r5, r6, r7, r8, pc} |
| label_0:
0x00013a4c add r7, sp, 0x18 | r7 += src;
0x00013a50 mov r3, 0x28 | r3 = 0x28;
0x00013a54 mov r1, r0 | r1 = r0;
0x00013a58 mov r2, r7 | r2 = r7;
0x00013a5c mov r0, r6 | r0 = r6;
0x00013a60 bl 0x6ff0 | fcn_00006ff0 ();
0x00013a64 ldr r1, [pc, 0xf0] | r1 = *(0x13b58);
0x00013a68 mov r2, r8 | r2 = r8;
0x00013a6c add r1, pc, r1 | r1 = pc + r1;
0x00013a70 mov r0, r4 | r0 = r4;
0x00013a74 bl 0x72c0 | sprintf (r0, r1, r2);
0x00013a78 mov r1, r7 | r1 = r7;
0x00013a7c add r4, r4, r0 | r4 += r0;
0x00013a80 mov r0, r4 | r0 = r4;
0x00013a84 bl 0x765c | strcpy (r0, r1)
0x00013a88 mov r0, r7 | r0 = r7;
0x00013a8c bl 0x6d8c | strlen (r0);
0x00013a90 ldr r1, [pc, 0xc8] | r1 = *(0x13b5c);
0x00013a94 add r1, pc, r1 | r1 = pc + r1;
0x00013a98 add r4, r4, r0 | r4 += r0;
0x00013a9c mov r0, r4 | r0 = r4;
0x00013aa0 bl 0x765c | strcpy (r0, r1)
0x00013aa4 mov r1, 0x57 | r1 = 0x57;
0x00013aa8 mov r0, r5 | r0 = r5;
0x00013aac bl 0x10f20 | lws_hdr_simple_ptr ();
0x00013ab0 add r4, r4, 2 | r4 += 2;
0x00013ab4 cmp r0, 0 |
| if (r0 != 0) {
0x00013ab8 beq 0x13ae0 |
0x00013abc mov r1, 0x57 | r1 = 0x57;
0x00013ac0 mov r0, r5 | r0 = r5;
0x00013ac4 bl 0x10f20 | lws_hdr_simple_ptr ();
0x00013ac8 ldr r1, [pc, 0x94] | r1 = *(0x13b60);
0x00013acc add r1, pc, r1 | r1 = pc + r1;
0x00013ad0 mov r2, r0 | r2 = r0;
0x00013ad4 mov r0, r4 | r0 = r4;
0x00013ad8 bl 0x72c0 | r0 = sprintf (r0, r1, r2);
0x00013adc add r4, r4, r0 | r4 += r0;
| }
0x00013ae0 ldr r3, [r5, 0x60] | r3 = *((r5 + 0x60));
0x00013ae4 ldrb r2, [r3, 0xad] | r2 = *((r3 + 0xad));
0x00013ae8 cmp r2, 0 |
| if (r2 != 0) {
0x00013aec beq 0x13b04 |
0x00013af0 ldr r1, [pc, 0x70] | r1 = *(0x13b64);
0x00013af4 mov r0, r4 | r0 = r4;
0x00013af8 add r1, pc, r1 | r1 = pc + r1;
0x00013afc bl 0x72c0 | r0 = sprintf (r0, r1, r2);
0x00013b00 add r4, r4, r0 | r4 += r0;
| }
0x00013b04 ldr r1, [pc, 0x60] | r1 = *(0x13b68);
0x00013b08 mov r2, r7 | r2 = r7;
0x00013b0c add r7, sp, 0x40 | r7 += s;
0x00013b10 mov r3, 0 | r3 = 0;
0x00013b14 add r1, pc, r1 | r1 = pc + r1;
0x00013b18 mov r0, r7 | r0 = r7;
0x00013b1c strb r3, [sp, 0x3f] | var_3fh = r3;
0x00013b20 bl 0x72c0 | sprintf (r0, r1, r2);
0x00013b24 mov r2, r6 | r2 = r6;
0x00013b28 mov r1, r0 | r1 = r0;
0x00013b2c mov r0, r7 | r0 = r7;
0x00013b30 bl 0x7590 | fcn_00007590 ();
0x00013b34 ldr r2, [r5, 0x10] | r2 = *((r5 + 0x10));
0x00013b38 mov r3, 0x1e | r3 = 0x1e;
0x00013b3c add r2, r2, 0x368 | r2 += 0x368;
0x00013b40 add r2, r2, 3 | r2 += 3;
0x00013b44 mov r1, 0x14 | r1 = 0x14;
0x00013b48 mov r0, r6 | r0 = r6;
0x00013b4c bl 0x6ff0 | fcn_00006ff0 ();
0x00013b50 b 0x13a40 |
| } while (1);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/lib/libwebsockets.so.15 @ 0x8af8 */
| #include <stdint.h>
|
; (fcn) sym.lws_strdup () | void lws_strdup (int32_t arg1) {
| r0 = arg1;
0x00008af8 push {r4, r5, r6, lr} |
0x00008afc mov r5, r0 | r5 = r0;
0x00008b00 bl 0x6d8c | strlen (r0);
0x00008b04 ldr r2, [pc, 0x24] | r2 = *(0x8b2c);
0x00008b08 add r2, pc, r2 | r2 = pc + r2;
0x00008b0c add r1, r0, 1 | r1 = r0 + 1;
0x00008b10 mov r0, 0 | r0 = 0;
0x00008b14 bl 0x78c4 | r0 = lws_realloc ();
0x00008b18 subs r4, r0, 0 | r4 = r0 - 0;
| if (r4 != r0) {
0x00008b1c beq 0x8b28 |
0x00008b20 mov r1, r5 | r1 = r5;
0x00008b24 bl 0x765c | strcpy (r0, r1)
| }
0x00008b28 mov r0, r4 | r0 = r4;
0x00008b2c pop {r4, r5, r6, pc} |
| }
[*] Function strcpy used 5 times libwebsockets.so.15
