[*] Binary protection state of gdbus
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of gdbus
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/bin/gdbus @ 0x14ee8 */
| #include <stdint.h>
|
; (fcn) fcn.00014ee8 () | void fcn_00014ee8 (int32_t arg_10h, int32_t arg_38h, int32_t arg_3ch, int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_4h;
| int32_t var_ch;
| int32_t var_14h;
| r0 = arg1;
| r1 = arg2;
0x00014ee8 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00014eec ldr r8, [r2, 4] | r8 = *((r2 + 4));
0x00014ef0 sub sp, sp, 0x14 |
0x00014ef4 ldr r6, [sp, 0x38] | r6 = *(arg_38h);
0x00014ef8 ldr r7, [sp, 0x3c] | r7 = *(arg_3ch);
0x00014efc cmp r8, 0 |
0x00014f00 mov sb, r1 | sb = r1;
0x00014f04 mov r4, r2 | r4 = r2;
0x00014f08 mov r5, r3 | r5 = r3;
| if (r8 != 0) {
0x00014f0c moveq r8, r6 | r8 = r6;
| }
0x00014f10 mov sl, 0 | sl = 0;
0x00014f14 str r0, [sp, 0xc] | var_ch = r0;
| do {
0x00014f18 ldr r3, [r4, 0x10] | r3 = *((r4 + 0x10));
0x00014f1c cmp r3, 0 |
| if (r3 != 0) {
0x00014f20 beq 0x14f34 |
0x00014f24 ldr r0, [r3, sl] | r0 = *((r3 + sl));
0x00014f28 add sl, sl, 4 | sl += 4;
0x00014f2c cmp r0, 0 |
| if (r0 != 0) {
0x00014f30 bne 0x14fa4 | goto label_3;
| }
| }
0x00014f34 cmp r8, 0 |
0x00014f38 ldr r3, [pc, 0x1c0] | r3 = *(0x150fc);
0x00014f3c ldr r2, [pc, 0x1c0] | r2 = "(not set)";
| if (r8 == 0) {
0x00014f40 movne r3, r8 | r3 = r8;
| }
0x00014f44 mov r1, r5 | r1 = r5;
0x00014f48 ldr r0, [pc, 0x1b8] | r0 = *(0x15104);
0x00014f4c bl 0x11e4c | g_print ();
0x00014f50 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00014f54 cmp r3, 0 |
| if (r3 == 0) {
0x00014f58 bne 0x14f68 |
0x00014f5c ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00014f60 cmp r3, 0 |
| if (r3 == 0) {
0x00014f64 beq 0x150f0 | goto label_4;
| }
| }
0x00014f68 ldr r0, [pc, 0x19c] | r0 = "%*snode %s";
0x00014f6c bl 0x11e4c | g_print ();
0x00014f70 ldr fp, [pc, 0x198] | fp = *(0x00015110);
0x00014f74 mov r8, 0 | r8 = 0;
0x00014f78 add sl, r5, 2 | sl = r5 + 2;
| label_0:
0x00014f7c ldr r2, [r4, 8] | r2 = *((r4 + 8));
0x00014f80 cmp r2, 0 |
| if (r2 != 0) {
0x00014f84 beq 0x14f94 |
0x00014f88 ldr r2, [r2, r8] | r2 = *((r2 + r8));
0x00014f8c cmp r2, 0 |
| if (r2 != 0) {
0x00014f90 bne 0x14fb4 | goto label_5;
| }
| }
0x00014f94 mov r8, r2 | r8 = r2;
0x00014f98 ldr fp, [pc, 0x174] | fp = "_s__s";
0x00014f9c ldr sl, [pc, 0x174] | sl = "__s";
0x00014fa0 b 0x15060 | goto label_6;
| label_3:
0x00014fa4 mov r2, 0 | r2 = 0;
0x00014fa8 mov r1, r5 | r1 = r5;
0x00014fac bl 0x140e8 | fcn_000140e8 (r0, r1);
0x00014fb0 b 0x14f18 |
| } while (1);
| label_5:
0x00014fb4 ldr r3, [fp, 0x10] | r3 = *(arg_10h);
0x00014fb8 cmp r3, 0 |
| if (r3 != 0) {
0x00014fbc beq 0x14fd8 |
0x00014fc0 ldr r3, [r2, 0x10] | r3 = *((r2 + 0x10));
0x00014fc4 cmp r3, 0 |
| if (r3 == 0) {
0x00014fc8 beq 0x14fec | goto label_7;
| }
0x00014fcc ldr r3, [r3] | r3 = *(r3);
0x00014fd0 cmp r3, 0 |
| if (r3 == 0) {
0x00014fd4 beq 0x14fec | goto label_7;
| }
| }
0x00014fd8 str r6, [sp] | *(sp) = r6;
0x00014fdc mov r3, sl | r3 = sl;
0x00014fe0 mov r1, sb | r1 = sb;
0x00014fe4 ldr r0, [sp, 0xc] | r0 = var_ch;
0x00014fe8 bl 0x1485c | fcn_0001485c (r0, r1, r2, r3, r4);
| label_7:
0x00014fec add r8, r8, 4 | r8 += 4;
0x00014ff0 b 0x14f7c | goto label_0;
| do {
0x00014ff4 cmp r7, 0 |
| if (r7 == 0) {
0x00014ff8 beq 0x150d4 | goto label_8;
| }
0x00014ffc ldr r0, [r2, 4] | r0 = *((r2 + 4));
0x00015000 bl 0x11ed0 | r0 = g_variant_is_object_path ();
0x00015004 cmp r0, 0 |
| if (r0 == 0) {
0x00015008 beq 0x15090 | goto label_9;
| }
0x0001500c ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00015010 ldr r3, [r3, r8] | r3 = *((r3 + r8));
0x00015014 ldr r0, [r3, 4] | r0 = *((r3 + 4));
0x00015018 bl 0x1211c | g_strdup ();
0x0001501c mov r1, r6 | r1 = r6;
0x00015020 mov sb, r0 | sb = r0;
0x00015024 bl 0x120d4 | r0 = g_str_has_prefix ();
0x00015028 cmp r0, 0 |
| if (r0 != 0) {
0x0001502c beq 0x15044 |
| label_1:
0x00015030 add r2, r5, 2 | r2 = r5 + 2;
0x00015034 mov r1, sb | r1 = sb;
0x00015038 ldr r0, [sp, 0xc] | r0 = var_ch;
0x0001503c bl 0x1512c | fcn_0001512c (r0, r1);
0x00015040 b 0x15054 |
| } else {
0x00015044 mov r2, r6 | r2 = r6;
0x00015048 mov r1, sb | r1 = sb;
0x0001504c ldr r0, [pc, 0xc8] | r0 = "__s";
0x00015050 bl 0x11e4c | g_print ();
| }
0x00015054 mov r0, sb | r0 = sb;
0x00015058 bl 0x11dc8 | g_free ();
| label_2:
0x0001505c add r8, r8, 4 | r8 += 4;
| label_6:
0x00015060 ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00015064 cmp r3, 0 |
| if (r3 == 0) {
0x00015068 beq 0x15078 | goto label_10;
| }
0x0001506c ldr r2, [r3, r8] | r2 = *((r3 + r8));
0x00015070 cmp r2, 0 |
0x00015074 bne 0x14ff4 |
| } while (r2 != 0);
| label_10:
0x00015078 ldr r2, [pc, 0x84] | r2 = "(not set)";
0x0001507c ldr r0, [pc, 0x9c] | r0 = "Skipping_path__s_that_is_not_enclosed_by_parent__s";
0x00015080 mov r1, r5 | r1 = r5;
0x00015084 add sp, sp, 0x14 |
0x00015088 pop {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x0001508c b 0x11e4c | void (*0x11e4c)() ();
| label_9:
0x00015090 ldr r1, [pc, 0x8c] | r1 = "%*s};\n";
0x00015094 mov r0, r6 | r0 = r6;
0x00015098 bl 0x11f3c | g_strcmp0 ();
0x0001509c ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x000150a0 ldr r3, [r3, r8] | r3 = *((r3 + r8));
0x000150a4 cmp r0, 0 |
| if (r0 != 0) {
0x000150a8 bne 0x150c0 | goto label_11;
| }
0x000150ac ldr r1, [r3, 4] | r1 = *((r3 + 4));
0x000150b0 mov r0, sl | r0 = sl;
0x000150b4 bl 0x11f60 | r0 = g_strdup_printf ()
| do {
0x000150b8 mov sb, r0 | sb = r0;
0x000150bc b 0x15030 | goto label_1;
| label_11:
0x000150c0 ldr r2, [r3, 4] | r2 = *((r3 + 4));
0x000150c4 mov r1, r6 | r1 = r6;
0x000150c8 mov r0, fp | r0 = fp;
0x000150cc bl 0x11f60 | g_strdup_printf ()
0x000150d0 b 0x150b8 |
| } while (1);
| label_8:
0x000150d4 str r7, [sp, 4] | var_4h = r7;
0x000150d8 str r7, [sp] | *(sp) = r7;
0x000150dc add r3, r5, 2 | r3 = r5 + 2;
0x000150e0 mov r1, r7 | r1 = r7;
0x000150e4 mov r0, r7 | r0 = r7;
0x000150e8 bl 0x14ee8 | fcn_00014ee8 (r0, r1, r2, r3, r4);
0x000150ec b 0x1505c | goto label_2;
| label_4:
0x000150f0 ldr r0, [pc, 0x30] | r0 = *(0x15124);
0x000150f4 add sp, sp, 0x14 |
0x000150f8 pop {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x000150fc b 0x11e4c | return void (*0x11e4c)() ();
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/bin/gdbus @ 0x153cc */
| #include <stdint.h>
|
; (fcn) fcn.000153cc () | void fcn_000153cc (int32_t arg1, int32_t arg2) {
| int32_t var_0h;
| int32_t var_8h;
| r0 = arg1;
| r1 = arg2;
0x000153cc push {r0, r1, r4, r5, r6, lr} |
0x000153d0 ldr r3, [r1] | r3 = *(r1);
0x000153d4 mov r6, r0 | r6 = r0;
0x000153d8 mov r4, r1 | r4 = r1;
0x000153dc ldr r0, [r3, 4] | r0 = *((r3 + 4));
0x000153e0 mov r1, r2 | r1 = r2;
0x000153e4 mov r5, r2 | r5 = r2;
0x000153e8 bl 0x11f3c | r0 = g_strcmp0 ();
0x000153ec cmp r0, 0 |
| if (r0 == 0) {
0x000153f0 bne 0x15440 |
0x000153f4 mov r2, r4 | r2 = r4;
0x000153f8 mov r1, r6 | r1 = r6;
0x000153fc mov r0, 1 | r0 = 1;
0x00015400 bl 0x15358 | fcn_00015358 (r0, r1);
0x00015404 ldr r3, [r4] | r3 = *(r4);
0x00015408 ldr r0, [r3] | r0 = *(r3);
0x0001540c bl 0x1217c | g_path_get_basename ();
0x00015410 ldr r3, [r4] | r3 = *(r4);
0x00015414 mov r2, r5 | r2 = r5;
0x00015418 ldr r1, [r3] | r1 = *(r3);
0x0001541c mov r6, r0 | r6 = r0;
0x00015420 ldr r0, [pc, 0x34] | r0 = *(0x15458);
0x00015424 bl 0x11f60 | g_strdup_printf ()
0x00015428 ldr r3, [r4] | r3 = *(r4);
0x0001542c str r0, [r3] | *(r3) = r0;
0x00015430 mov r0, r6 | r0 = r6;
0x00015434 add sp, sp, 8 |
0x00015438 pop {r4, r5, r6, lr} |
0x0001543c b 0x11dc8 | void (*0x11dc8)() ();
| }
0x00015440 ldr r3, [pc, 0x18] | r3 = "%s %s";
0x00015444 mov r2, 0x80 | r2 = 0x80;
0x00015448 str r3, [sp] | *(sp) = r3;
0x0001544c ldr r1, [pc, 0x10] | r1 = "g_strcmp0 ((*argv)[1], command) == 0";
0x00015450 ldr r3, [pc, 0x10] | r3 = "gdbus_tool.c";
0x00015454 ldr r0, [pc, 0x10] | r0 = "modify_argv0_for_command";
0x00015458 bl 0x11ee8 | g_assertion_message_expr ();
| if (r0 != 0) {
0x0001545c andeq r5, r1, sb, ror pc | r5 = r1 & (sb >>> pc);
| }
| if (r0 != 0) {
0x00015460 andeq r5, r1, pc, ror pc | r5 = r1 & (pc >>> pc);
| }
| if (r0 != 0) {
0x00015464 andeq r5, r1, r2, ror 29 | r5 = r1 & (r2 >>> 29);
| }
0x00015468 strdeq r5, r6, [r1], -sp | __asm ("strdeq r5, r6, [r1], -sp");
| /* Beware that this jump is a conditional jump.
| * r2dec transformed it as a return, due being the
| * last instruction. Please, check 'pdda' output
| * for more hints. */
0x0001546c andeq r5, r1, pc, ror 29 | return r5 = r1 & (pc >>> 29);
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/bin/gdbus @ 0x15470 */
| #include <stdint.h>
|
; (fcn) fcn.00015470 () | void fcn_00015470 (char * * arg1, int32_t arg2) {
| int32_t var_0h_2;
| int32_t var_4h;
| int32_t var_8h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_14h;
| int32_t var_18h;
| int32_t var_24h;
| int32_t var_28h;
| int32_t var_2ch;
| int32_t var_30h;
| r0 = arg1;
| r1 = arg2;
0x00015470 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00015474 mov r8, r0 | r8 = r0;
0x00015478 sub sp, sp, 0x34 |
0x0001547c mov r0, r1 | r0 = r1;
0x00015480 mov r6, r1 | r6 = r1;
0x00015484 mov r7, r2 | r7 = r2;
0x00015488 bl 0x11fd8 | r0 = g_dbus_is_name ();
0x0001548c cmp r0, 0 |
| if (r0 != 0) {
0x00015490 bne 0x154a8 | goto label_3;
| }
0x00015494 mov r1, r6 | r1 = r6;
0x00015498 ldr r0, [pc, 0x164] | r0 = *(0x15600);
0x0001549c bl 0x11e70 | g_printerr ();
| do {
| label_1:
0x000154a0 add sp, sp, 0x34 |
0x000154a4 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_3:
0x000154a8 mov r4, 0 | r4 = 0;
0x000154ac add r5, sp, 0x30 | r5 += var_30h;
0x000154b0 ldr r0, [pc, 0x150] | r0 = "Error:__s_is_not_a_valid_name";
0x000154b4 str r4, [r5, -8]! | *((r5 -= 8)) = r4;
0x000154b8 bl 0x11d68 | g_variant_type_checked_ ();
0x000154bc ldr r3, [pc, 0x148] | r3 = "_s_";
0x000154c0 str r5, [sp, 0x18] | var_18h = r5;
0x000154c4 str r3, [sp, 0x10] | var_10h = r3;
0x000154c8 ldr r3, [pc, 0x140] | r3 = *(0x1560c);
0x000154cc str r4, [sp, 0x14] | var_14h = r4;
0x000154d0 str r3, [sp] | *(sp) = r3;
0x000154d4 str r4, [sp, 0xc] | var_ch = r4;
0x000154d8 str r4, [sp, 4] | var_4h = r4;
0x000154dc ldr r3, [pc, 0x130] | r3 = "Introspect";
0x000154e0 mov r2, r7 | r2 = r7;
0x000154e4 mov r1, r6 | r1 = r6;
0x000154e8 str r0, [sp, 8] | var_8h = r0;
0x000154ec mov r0, r8 | r0 = r8;
0x000154f0 bl 0x12044 | r0 = g_dbus_connection_call_sync ();
0x000154f4 subs sb, r0, 0 | sb = r0 - 0;
| if (sb != r0) {
0x000154f8 bne 0x15518 | goto label_4;
| }
0x000154fc ldr r3, [sp, 0x28] | r3 = var_28h;
0x00015500 ldr r0, [pc, 0x110] | r0 = "org.freedesktop.DBus.Introspectable";
0x00015504 ldr r1, [r3, 8] | r1 = *((r3 + 8));
| label_0:
0x00015508 bl 0x11e70 | g_printerr ();
0x0001550c ldr r0, [sp, 0x28] | r0 = var_28h;
0x00015510 bl 0x121f4 | g_error_free ();
0x00015514 b 0x154a0 |
| } while (1);
| label_4:
0x00015518 add r2, sp, 0x2c | r2 += var_2ch;
0x0001551c ldr r1, [pc, 0xf8] | r1 = "Error:__s";
0x00015520 bl 0x12110 | g_variant_get ();
0x00015524 mov r1, r5 | r1 = r5;
0x00015528 ldr r0, [sp, 0x2c] | r0 = var_2ch;
0x0001552c str r4, [sp, 0x28] | var_28h = r4;
0x00015530 bl 0x11d50 | r0 = g_dbus_node_info_new_for_xml ();
0x00015534 mov r4, r0 | r4 = r0;
0x00015538 mov r0, sb | r0 = sb;
0x0001553c bl 0x11e1c | g_variant_unref ();
0x00015540 cmp r4, 0 |
| if (r4 != 0) {
0x00015544 ldreq r3, [sp, 0x28] | r3 = var_28h;
| }
| if (r4 != 0) {
0x00015548 ldreq r0, [pc, 0xd0] | r0 = "Error_parsing_introspection_XML:__s";
| }
| if (r4 == 0) {
0x0001554c ldreq r1, [r3, 8] | r1 = *((r3 + 8));
| goto label_5;
| }
| if (r4 == 0) {
| label_5:
0x00015550 beq 0x15508 | goto label_0;
| }
0x00015554 ldr r3, [r4, 8] | r3 = *((r4 + 8));
0x00015558 cmp r3, 0 |
| if (r3 != 0) {
0x0001555c beq 0x1556c |
0x00015560 mov r1, r7 | r1 = r7;
0x00015564 ldr r0, [pc, 0xb8] | r0 = "Error_parsing_introspection_XML:__s";
0x00015568 bl 0x11e4c | g_print ();
| }
0x0001556c ldr sb, [pc, 0xb4] | sb = *(0x00015628);
0x00015570 ldr sl, [pc, 0xb4] | sl = "_s__s";
0x00015574 ldr fp, [pc, 0xb4] | fp = "__s";
0x00015578 mov r5, 0 | r5 = 0;
| do {
0x0001557c ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x00015580 cmp r3, 0 |
| if (r3 != 0) {
0x00015584 beq 0x15594 |
0x00015588 ldr r3, [r3, r5] | r3 = *((r3 + r5));
0x0001558c cmp r3, 0 |
| if (r3 != 0) {
0x00015590 bne 0x155a0 | goto label_6;
| }
| }
0x00015594 mov r0, r4 | r0 = r4;
0x00015598 bl 0x11e58 | g_dbus_node_info_unref ();
0x0001559c b 0x154a0 | goto label_1;
| label_6:
0x000155a0 mov r1, sb | r1 = sb;
0x000155a4 mov r0, r7 | r0 = r7;
0x000155a8 bl 0x11f3c | g_strcmp0 ();
0x000155ac ldr r3, [r4, 0xc] | r3 = *((r4 + 0xc));
0x000155b0 ldr r3, [r3, r5] | r3 = *((r3 + r5));
0x000155b4 cmp r0, 0 |
| if (r0 != 0) {
0x000155b8 bne 0x155f0 | goto label_7;
| }
0x000155bc ldr r1, [r3, 4] | r1 = *((r3 + 4));
0x000155c0 mov r0, fp | r0 = fp;
0x000155c4 bl 0x11f60 | r0 = g_strdup_printf ()
| label_2:
0x000155c8 mov r2, r0 | r2 = r0;
0x000155cc str r0, [sp, 0x24] | var_24h = r0;
0x000155d0 mov r1, r6 | r1 = r6;
0x000155d4 mov r0, r8 | r0 = r8;
0x000155d8 bl 0x15470 | fcn_00015470 (r0, r1);
0x000155dc ldr r3, [sp, 0x24] | r3 = var_24h;
0x000155e0 add r5, r5, 4 | r5 += 4;
0x000155e4 mov r0, r3 | r0 = r3;
0x000155e8 bl 0x11dc8 | g_free ();
0x000155ec b 0x1557c |
| } while (1);
| label_7:
0x000155f0 ldr r2, [r3, 4] | r2 = *((r3 + 4));
0x000155f4 mov r1, r7 | r1 = r7;
0x000155f8 mov r0, sl | r0 = sl;
0x000155fc bl 0x11f60 | g_strdup_printf ()
0x00015600 b 0x155c8 | goto label_2;
| }
[*] Function printf used 6 times gdbus
