[*] Binary protection state of avahi-set-host-name
Partial RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function printf tear down of avahi-set-host-name
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/bin/avahi-set-host-name @ 0x11140 */
| #include <stdint.h>
|
; (fcn) fcn.00011140 () | void fcn_00011140 (int32_t arg1) {
| int32_t var_0h;
| int32_t var_ch;
| int32_t var_10h;
| int32_t var_14h;
| int32_t var_18h;
| int32_t var_1ch;
| int32_t var_20h;
| r0 = arg1;
0x00011140 push {r4, r5, r6, r7, r8, lr} |
0x00011144 subs r8, r0, 0 | r8 = r0 - 0;
0x00011148 sub sp, sp, 0x20 |
| if (r8 != r0) {
0x0001114c bne 0x11164 | goto label_3;
| }
0x00011150 ldr r3, [pc, 0x180] | r3 = *(0x112d4);
0x00011154 ldr r1, [pc, 0x180] | r1 = "sigint_install";
0x00011158 ldr r0, [pc, 0x180] | r0 = "sigint.c";
0x0001115c mov r2, 0x56 | r2 = 0x56;
| do {
| label_0:
0x00011160 bl 0x10af8 | assert ();
| label_3:
0x00011164 ldr r5, [pc, 0x178] | r5 = "spoll";
0x00011168 ldr r4, [r5] | r4 = "spoll";
0x0001116c cmp r4, 0 |
| if (r4 == 0) {
0x00011170 ldrne r3, [pc, 0x160] | r3 = "sigint_install";
| }
| if (r4 == 0) {
0x00011174 movne r2, 0x57 | r2 = 0x57;
| }
| if (r4 == 0) {
0x00011178 ldrne r1, [pc, 0x15c] | r1 = "sigint.c";
| }
| if (r4 == 0) {
0x0001117c ldrne r0, [pc, 0x164] | r0 = "!simple_poll";
| }
0x00011180 bne 0x11160 |
| } while (r4 != 0);
0x00011184 ldr r6, [pc, 0x160] | r6 = "!simple_poll";
0x00011188 ldr r3, [r6] | r3 = "!simple_poll";
0x0001118c cmn r3, 1 |
| if (r3 == 1) {
0x00011190 bne 0x111a0 |
0x00011194 ldr r7, [r6, 4] | r7 = *((r6 + 4));
0x00011198 cmn r7, 1 |
| if (r7 == 1) {
0x0001119c beq 0x111b4 | goto label_4;
| }
| }
0x000111a0 ldr r3, [pc, 0x130] | r3 = *(0x112d4);
0x000111a4 mov r2, 0x58 | r2 = 0x58;
0x000111a8 ldr r1, [pc, 0x12c] | r1 = "sigint_install";
0x000111ac ldr r0, [pc, 0x13c] | r0 = *(0x112ec);
0x000111b0 b 0x11160 | goto label_0;
| label_4:
0x000111b4 mov r0, r6 | r0 = r6;
0x000111b8 bl 0x109fc | r0 = pipe ();
0x000111bc cmp r0, 0 |
| if (r0 >= 0) {
0x000111c0 bge 0x111f4 | goto label_5;
| }
0x000111c4 ldr r3, [pc, 0x128] | r3 = "pipe_fds[0] == -1 && pipe_fds[1] == -1";
0x000111c8 ldr r4, [r3] | r4 = "pipe_fds[0] == -1 && pipe_fds[1] == -1";
0x000111cc bl 0x10ae0 | r0 = errno_location ();
0x000111d0 ldr r0, [r0] | r0 = *(r0);
0x000111d4 bl 0x10b10 | strerror (r0);
0x000111d8 ldr r1, [pc, 0x118] | r1 = stderr;
0x000111dc mov r2, r0 | r2 = r0;
0x000111e0 mov r0, r4 | r0 = r4;
0x000111e4 bl 0x10a80 | fprintf (r0, r1, r2)
| do {
| label_2:
0x000111e8 mov r0, r7 | r0 = r7;
0x000111ec add sp, sp, 0x20 |
0x000111f0 pop {r4, r5, r6, r7, r8, pc} |
| label_5:
0x000111f4 ldr r0, [r6] | r0 = *(r6);
0x000111f8 bl 0x110d8 | fcn_000110d8 (r0);
0x000111fc ldr r0, [r6, 4] | r0 = *((r6 + 4));
0x00011200 bl 0x110d8 | fcn_000110d8 (r0);
0x00011204 ldr r3, [pc, 0xf0] | r3 = "pipe___failed:__s";
0x00011208 add r2, r5, 4 | r2 = r5 + 4;
0x0001120c str r3, [sp, 0xc] | var_ch = r3;
0x00011210 add r1, sp, 0xc | r1 += var_ch;
0x00011214 mov r3, 0x10000000 | r3 = 0x10000000;
0x00011218 mov r0, 2 | r0 = 2;
0x0001121c str r4, [sp, 0x14] | var_14h = r4;
0x00011220 str r4, [sp, 0x18] | var_18h = r4;
0x00011224 str r4, [sp, 0x1c] | var_1ch = r4;
0x00011228 str r3, [sp, 0x10] | var_10h = r3;
0x0001122c bl 0x10b28 | r0 = sigaction ();
0x00011230 cmp r0, 0 |
| if (r0 >= 0) {
0x00011234 bge 0x11264 | goto label_6;
| }
| label_1:
0x00011238 ldr r3, [pc, 0xb4] | r3 = "pipe_fds[0] == -1 && pipe_fds[1] == -1";
0x0001123c ldr r4, [r3] | r4 = "pipe_fds[0] == -1 && pipe_fds[1] == -1";
0x00011240 bl 0x10ae0 | r0 = errno_location ();
0x00011244 ldr r0, [r0] | r0 = *(r0);
0x00011248 bl 0x10b10 | strerror (r0);
0x0001124c ldr r1, [pc, 0xac] | r1 = *(0x112fc);
0x00011250 mov r2, r0 | r2 = r0;
0x00011254 mov r0, r4 | r0 = r4;
0x00011258 bl 0x10a80 | r0 = fprintf (r0, r1, r2)
0x0001125c bl 0x1109c | fcn_0001109c ();
0x00011260 b 0x111e8 |
| } while (1);
| label_6:
0x00011264 add r2, r5, 0x18 | r2 = r5 + 0x18;
0x00011268 add r1, sp, 0xc | r1 += var_ch;
0x0001126c mov r0, 0xf | r0 = 0xf;
0x00011270 bl 0x10b28 | r0 = sigaction ();
0x00011274 cmp r0, 0 |
| if (r0 < 0) {
0x00011278 bge 0x11290 |
0x0001127c mov r2, r4 | r2 = r4;
0x00011280 add r1, r5, 4 | r1 = r5 + 4;
0x00011284 mov r0, 2 | r0 = 2;
0x00011288 bl 0x10b28 | sigaction ();
0x0001128c b 0x11238 | goto label_1;
| }
0x00011290 mov r0, r8 | r0 = r8;
0x00011294 bl 0x10aa4 | avahi_simple_poll_get ();
0x00011298 str r4, [sp] | *(sp) = r4;
0x0001129c ldr r3, [pc, 0x60] | r3 = "sigaction() failed: %s\n";
0x000112a0 mov r2, 1 | r2 = 1;
0x000112a4 ldr r1, [r6] | r1 = *(r6);
0x000112a8 ldr r7, [r0, 4] | r7 = *((r0 + 4));
0x000112ac blx r7 | r0 = uint32_t (*r7)(uint32_t, uint32_t, char*) (r1, r2, "sigaction() failed: %s\n");
0x000112b0 cmp r0, 0 |
0x000112b4 str r0, [r5, 0x2c] | *((r5 + 0x2c)) = r0;
| if (r0 == 0) {
0x000112b8 strne r8, [r5] | *(r5) = r8;
| }
| if (r0 != 0) {
0x000112bc movne r7, r4 | r7 = r4;
| goto label_7;
| }
| if (r0 != 0) {
| label_7:
0x000112c0 bne 0x111e8 | goto label_2;
| }
0x000112c4 ldr r3, [pc, 0xc] | r3 = *(0x112d4);
0x000112c8 mov r2, 0x75 | r2 = 0x75;
0x000112cc ldr r1, [pc, 8] | r1 = "sigint.c";
0x000112d0 ldr r0, [pc, 0x30] | r0 = *(0x11304);
0x000112d4 b 0x11160 | goto label_0;
| }
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/56048-12514271.gzip_extract/gzip.uncompressed_extract/5243916-15068666.gzip_extract/gzip.uncompressed_extract/usr/bin/avahi-set-host-name @ 0x10b40 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main (int32_t argc, char ** argv) {
| int32_t var_0h;
| int32_t var_ch;
| int32_t var_14h;
| r0 = argc;
| r1 = argv;
| /* [10] -r-x section size 2152 named .text */
0x00010b40 push {r4, r5, r6, r7, r8, sb, sl, fp, lr} |
0x00010b44 ldr sl, [pc, 0x29c] | sl = "help";
0x00010b48 sub sp, sp, 0x14 |
0x00010b4c mov sb, r1 | sb = r1;
0x00010b50 mov r7, r0 | r7 = r0;
0x00010b54 bl 0x10a68 | avahi_init_i18n ();
0x00010b58 ldr r1, [pc, 0x28c] | r1 = "help";
0x00010b5c mov r0, 6 | r0 = 6;
0x00010b60 bl 0x10ab0 | setlocale (r0, "help");
0x00010b64 ldr r5, [sb] | r5 = *(sb);
0x00010b68 mov r1, 0x2f | r1 = 0x2f;
0x00010b6c mov r0, r5 | r0 = r5;
0x00010b70 bl 0x10a20 | strrchr (r0, r1);
0x00010b74 ldr r8, [pc, 0x274] | r8 = *(0x10dec);
0x00010b78 mov r6, 0 | r6 = 0;
0x00010b7c mov r4, r6 | r4 = r6;
0x00010b80 mov fp, r6 |
0x00010b84 cmp r0, 0 |
| if (r0 == 0) {
0x00010b88 addne r5, r0, 1 | r5 = r0 + 1;
| }
| label_0:
0x00010b8c str fp, [sp] | *(sp) = fp;
0x00010b90 mov r3, sl | r3 = sl;
0x00010b94 mov r2, r8 | r2 = r8;
0x00010b98 mov r1, sb | r1 = sb;
0x00010b9c mov r0, r7 | r0 = r7;
0x00010ba0 bl 0x10b34 | r0 = getopt_long ();
0x00010ba4 cmp r0, 0 |
| if (r0 >= 0) {
0x00010ba8 bge 0x10be0 | goto label_7;
| }
0x00010bac cmp r6, 0 |
| if (r6 != 0) {
0x00010bb0 bne 0x10c10 | goto label_8;
| }
0x00010bb4 ldr r8, [pc, 0x238] | r8 = *(0x10df0);
0x00010bb8 sub r7, r7, 1 | r7--;
0x00010bbc ldr r3, [r8] | r3 = *(0x10df0);
0x00010bc0 cmp r7, r3 |
| if (r7 == r3) {
0x00010bc4 beq 0x10c44 | goto label_9;
| }
0x00010bc8 ldr r3, [pc, 0x228] | r3 = optind;
0x00010bcc ldr r0, [pc, 0x228] | r0 = stderr;
0x00010bd0 ldr r1, [r3] | r1 = optind;
| label_1:
0x00010bd4 bl 0x10aec | fputs (r0, r1);
| do {
| label_2:
0x00010bd8 mov r4, 1 | r4 = 1;
0x00010bdc b 0x10cfc | goto label_4;
| label_7:
0x00010be0 cmp r0, 0x68 |
| if (r0 == 0x68) {
0x00010be4 beq 0x10c00 | goto label_10;
| }
0x00010be8 cmp r0, 0x76 |
| if (r0 == 0x76) {
0x00010bec beq 0x10c08 | goto label_11;
| }
0x00010bf0 cmp r0, 0x56 |
0x00010bf4 bne 0x10bd8 |
| } while (r0 != 0x56);
0x00010bf8 mov r6, 2 | r6 = 2;
0x00010bfc b 0x10b8c | goto label_0;
| label_10:
0x00010c00 mov r6, 1 | r6 = 1;
0x00010c04 b 0x10b8c | goto label_0;
| label_11:
0x00010c08 mov r4, 1 | r4 = 1;
0x00010c0c b 0x10b8c | goto label_0;
| label_8:
0x00010c10 cmp r6, 2 |
| if (r6 != 2) {
0x00010c14 beq 0x10c30 |
0x00010c18 ldr r1, [pc, 0x1e0] | r1 = "Invalid number of arguments, expecting exactly one.\n";
0x00010c1c ldr r3, [pc, 0x1e0] | r3 = "_s__options___new_host_name______h___help____________Show_this_help_____V___version_________Show_version_____v___verbose_________Enable_verbose_mode";
0x00010c20 mov r2, r5 | r2 = r5;
| label_5:
0x00010c24 ldr r0, [r3] | r0 = *(r3);
0x00010c28 bl 0x10a80 | fprintf (r0, "Invalid number of arguments, expecting exactly one.\n", r2, "_s__options___new_host_name______h___help____________Show_this_help_____V___version_________Show_version_____v___verbose_________Enable_verbose_mode")
0x00010c2c b 0x10c3c |
| } else {
0x00010c30 mov r1, r5 | r1 = r5;
0x00010c34 ldr r0, [pc, 0x1cc] | r0 = stdout;
0x00010c38 bl 0x10a5c | printf (r0, r1)
| }
0x00010c3c mov r4, 0 | r4 = 0;
0x00010c40 b 0x10cfc | goto label_4;
| label_9:
0x00010c44 bl 0x10a44 | avahi_simple_poll_new ();
0x00010c48 ldr r5, [pc, 0x1bc] | r5 = "_s_0.7";
0x00010c4c mov r7, r5 | r7 = r5;
0x00010c50 cmp r0, 0 |
0x00010c54 str r0, [r5] | *(r5) = r0;
| if (r0 != 0) {
0x00010c58 ldreq r3, [pc, 0x198] | r3 = obj.stderr;
| }
| if (r0 != 0) {
0x00010c5c ldreq r0, [pc, 0x1ac] | r0 = "Failed_to_create_simple_poll_object.";
| }
| if (r0 == 0) {
0x00010c60 ldreq r1, [r3] | r1 = *(r3);
| goto label_12;
| }
| if (r0 == 0) {
| label_12:
0x00010c64 beq 0x10bd4 | goto label_1;
| }
0x00010c68 bl 0x11140 | r0 = fcn_00011140 (r0);
0x00010c6c cmp r0, 0 |
| if (r0 < 0) {
0x00010c70 blt 0x10bd8 | goto label_2;
| }
0x00010c74 ldr r0, [r5] | r0 = *(r5);
0x00010c78 bl 0x10aa4 | avahi_simple_poll_get ();
0x00010c7c add r3, sp, 0xc | r3 += var_ch;
0x00010c80 str r3, [sp] | *(sp) = r3;
0x00010c84 ldr r2, [pc, 0x188] | r2 = "Failed_to_create_simple_poll_object.";
0x00010c88 mov r3, r6 | r3 = r6;
0x00010c8c mov r1, r6 | r1 = r6;
0x00010c90 bl 0x10a50 | r0 = avahi_client_new ();
0x00010c94 cmp r0, 0 |
0x00010c98 str r0, [r5, 4] | *((r5 + 4)) = r0;
| if (r0 == 0) {
0x00010c9c bne 0x10cc4 |
0x00010ca0 ldr r3, [pc, 0x150] | r3 = optind;
0x00010ca4 ldr r0, [sp, 0xc] | r0 = var_ch;
0x00010ca8 ldr r4, [r3] | r4 = optind;
0x00010cac bl 0x10a2c | avahi_strerror ();
0x00010cb0 ldr r1, [pc, 0x160] | r1 = *(0x10e14);
0x00010cb4 mov r2, r0 | r2 = r0;
| label_3:
0x00010cb8 mov r0, r4 | r0 = r4;
0x00010cbc bl 0x10a80 | fprintf (r0, r1, r2)
0x00010cc0 b 0x10bd8 | goto label_2;
| }
0x00010cc4 cmp r4, 0 |
| if (r4 == 0) {
0x00010cc8 beq 0x10d70 | goto label_13;
| }
0x00010ccc bl 0x10a8c | avahi_client_get_version_string ();
0x00010cd0 ldr r6, [pc, 0x120] | r6 = optind;
0x00010cd4 subs sl, r0, 0 | sl = r0 - 0;
| if (sl != r0) {
0x00010cd8 bne 0x10d34 | goto label_14;
| }
0x00010cdc ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x00010ce0 ldr r6, [r6] | r6 = *(r6);
0x00010ce4 bl 0x10b1c | avahi_client_errno ();
0x00010ce8 bl 0x10a2c | avahi_strerror ();
0x00010cec ldr r1, [pc, 0x128] | r1 = "Failed_to_create_client_object:__s";
0x00010cf0 mov r2, r0 | r2 = r0;
| do {
0x00010cf4 mov r0, r6 | r0 = r6;
| label_6:
0x00010cf8 bl 0x10a80 | fprintf (r0, "Failed_to_create_client_object:__s", r2)
| label_4:
0x00010cfc ldr r3, [pc, 0x108] | r3 = "_s_0.7";
0x00010d00 ldr r0, [r3, 4] | r0 = *(0x10e0c);
0x00010d04 mov r5, r3 | r5 = r3;
0x00010d08 cmp r0, 0 |
| if (r0 != 0) {
0x00010d0c beq 0x10d14 |
0x00010d10 bl 0x109f0 | avahi_client_free ();
| }
0x00010d14 bl 0x1130c | fcn_0001130c ();
0x00010d18 ldr r0, [r5] | r0 = *(r5);
0x00010d1c cmp r0, 0 |
| if (r0 != 0) {
0x00010d20 beq 0x10d28 |
0x00010d24 bl 0x10ad4 | avahi_simple_poll_free ();
| }
0x00010d28 mov r0, r4 | r0 = r4;
0x00010d2c add sp, sp, 0x14 |
0x00010d30 pop {r4, r5, r6, r7, r8, sb, sl, fp, pc} |
| label_14:
0x00010d34 ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x00010d38 bl 0x10b04 | r0 = avahi_client_get_host_name_fqdn ();
0x00010d3c subs r3, r0, 0 | r3 = r0 - 0;
| if (r3 != r0) {
0x00010d40 bne 0x10d60 | goto label_15;
| }
0x00010d44 ldr r0, [r5, 4] | r0 = *((r5 + 4));
0x00010d48 ldr r6, [r6] | r6 = *(r6);
0x00010d4c bl 0x10b1c | avahi_client_errno ();
0x00010d50 bl 0x10a2c | avahi_strerror ();
0x00010d54 ldr r1, [pc, 0xc4] | r1 = "Failed_to_query_version_string:__s";
0x00010d58 mov r2, r0 | r2 = r0;
0x00010d5c b 0x10cf4 |
| } while (1);
| label_15:
0x00010d60 mov r2, sl | r2 = sl;
0x00010d64 ldr r1, [pc, 0xb8] | r1 = "Failed_to_query_host_name:__s";
0x00010d68 ldr r0, [r6] | r0 = *(r6);
0x00010d6c bl 0x10a80 | fprintf (r0, "Failed_to_query_host_name:__s", r2)
| label_13:
0x00010d70 ldr r3, [r8] | r3 = *(r8);
0x00010d74 ldr r0, [r7, 4] | r0 = *((r7 + 4));
0x00010d78 ldr r1, [sb, r3, lsl 2] | offset_0 = r3 << 2;
| r1 = *((sb + offset_0));
0x00010d7c bl 0x10abc | r0 = avahi_client_set_host_name ();
0x00010d80 cmp r0, 0 |
| if (r0 < 0) {
0x00010d84 bge 0x10da8 |
0x00010d88 ldr r3, [pc, 0x68] | r3 = optind;
0x00010d8c ldr r0, [r7, 4] | r0 = *((r7 + 4));
0x00010d90 ldr r4, [r3] | r4 = optind;
0x00010d94 bl 0x10b1c | avahi_client_errno ();
0x00010d98 bl 0x10a2c | avahi_strerror ();
0x00010d9c ldr r1, [pc, 0x84] | r1 = "Server version: %s; Host name: %s\n";
0x00010da0 mov r2, r0 | r2 = r0;
0x00010da4 b 0x10cb8 | goto label_3;
| }
0x00010da8 cmp r4, 0 |
| if (r4 == 0) {
0x00010dac beq 0x10cfc | goto label_4;
| }
0x00010db0 ldr r0, [r7, 4] | r0 = *((r7 + 4));
0x00010db4 bl 0x10b04 | avahi_client_get_host_name_fqdn ();
0x00010db8 ldr r3, [pc, 0x38] | r3 = optind;
0x00010dbc subs r2, r0, 0 | r2 = r0 - 0;
| if (r2 != r0) {
0x00010dc0 ldrne r1, [pc, 0x64] | r1 = "Host name successfully changed to %s\n";
| goto label_16;
| }
| if (r2 != r0) {
| label_16:
0x00010dc4 bne 0x10c24 | goto label_5;
| }
0x00010dc8 ldr r0, [r7, 4] | r0 = *((r7 + 4));
0x00010dcc ldr r5, [r3] | r5 = *(r3);
0x00010dd0 bl 0x10b1c | avahi_client_errno ();
0x00010dd4 bl 0x10a2c | avahi_strerror ();
0x00010dd8 ldr r1, [pc, 0x40] | r1 = "Failed_to_query_version_string:__s";
0x00010ddc mov r2, r0 | r2 = r0;
0x00010de0 mov r0, r5 | r0 = r5;
0x00010de4 b 0x10cf8 | goto label_6;
| }
[*] Function printf used 8 times avahi-set-host-name
