[*] Binary protection state of libsysutils.so
No RELRO No Canary found NX disabled DSO No RPATH No RUNPATH Symbols
[*] Function mmap tear down of libsysutils.so
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/6225984-11075644.jffs2_new_extract/lib/libsysutils.so @ 0x2d0c */
| #include <stdint.h>
|
; (fcn) sym.SU_CIPHER_Init () | void SU_CIPHER_Init () {
0x00002d0c lui gp, 2 |
0x00002d10 addiu gp, gp, -0x3cec |
0x00002d14 addu gp, gp, t9 | gp += t9;
0x00002d18 addiu sp, sp, -0x30 |
0x00002d1c sw s0, 0x28(sp) | *(var_28h) = s0;
0x00002d20 lw s0, -0x7fe4(gp) | s0 = *((gp - 8185));
0x00002d24 sw gp, 0x20(sp) | *(var_20h) = gp;
0x00002d28 sw ra, 0x2c(sp) | *(var_2ch) = ra;
0x00002d2c lw v0, 0x7020(s0) | v0 = *((s0 + 7176));
0x00002d30 lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
| if (v0 >= 0) {
0x00002d34 bgez v0, 0x2e20 | goto label_1;
| }
0x00002d38 lw t9, -0x7fb4(gp) | t9 = sym.imp.open;
0x00002d3c move a1, zero | a1 = 0;
0x00002d40 addiu a0, a0, 0x61d8 | a0 += str._dev_aes;
0x00002d44 jalr t9 | t9 ();
0x00002d48 sw v0, 0x7020(s0) | *((s0 + 7176)) = v0;
0x00002d4c lw gp, 0x20(sp) | gp = *(var_20h);
| if (v0 < 0) {
0x00002d50 bltz v0, 0x2eec | goto label_2;
| }
0x00002d54 lw s0, -0x7fe4(gp) | s0 = *((gp - 8185));
0x00002d58 lw t9, -0x7efc(gp) | t9 = sym.imp.ioctl;
0x00002d5c lui a1, 0x2000 | a1 = 0x20000000;
0x00002d60 move a0, v0 | a0 = v0;
0x00002d64 addiu a1, a1, 0x416e | a1 += 0x416e;
| /* obj.para */
0x00002d68 addiu a2, s0, 0x7174 | a2 = s0 + 0x7174;
0x00002d6c jalr t9 | t9 ();
0x00002d70 lw gp, 0x20(sp) | gp = *(var_20h);
| if (v0 != 0) {
0x00002d74 bnez v0, 0x2e8c | goto label_3;
| }
0x00002d78 lw a0, -0x7fd8(gp) | a0 = *((gp - 8182));
0x00002d7c lw t9, -0x7fb4(gp) | t9 = sym.imp.open;
0x00002d80 addiu a1, zero, 0x12 | a1 = 0x12;
0x00002d84 addiu a0, a0, 0x6218 | a0 += str._dev_mem;
0x00002d88 jalr t9 | t9 ();
0x00002d8c lw gp, 0x20(sp) | gp = *(var_20h);
0x00002d90 lw v1, -0x7fe4(gp) | v1 = *((gp - 8185));
0x00002d94 sw v0, 0x7634(v1) | *((v1 + 7565)) = v0;
| if (v0 < 0) {
0x00002d98 bltz v0, 0x2f2c | goto label_4;
| }
0x00002d9c lw v1, 0x7174(s0) | v1 = *((s0 + 7261));
0x00002da0 lw t9, -0x7f28(gp) | t9 = sym.imp.mmap
0x00002da4 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00002da8 ext v0, v1, 0, 0x1d | __asm ("ext v0, v1, 0, 0x1d");
0x00002dac move a0, zero | a0 = 0;
0x00002db0 lui a1, 0x20 | a1 = 0x200000;
0x00002db4 addiu a2, zero, 3 | a2 = 3;
0x00002db8 addiu a3, zero, 1 | a3 = 1;
0x00002dbc sw v0, 0x14(sp) | *(var_14h) = v0;
0x00002dc0 jalr t9 | t9 ();
0x00002dc4 lw gp, 0x20(sp) | gp = *(var_20h);
0x00002dc8 lw a0, 0x7174(s0) | a0 = *((s0 + 7261));
0x00002dcc lui a2, 0x10 | a2 = 0x100000;
0x00002dd0 lw v1, -0x7f90(gp) | v1 = *(gp);
| /* obj.para */
0x00002dd4 addiu a1, s0, 0x7174 | a1 = s0 + 0x7174;
0x00002dd8 addu a3, v0, a2 | a3 = v0 + a2;
0x00002ddc sw v0, (v1) | *(v1) = v0;
0x00002de0 lw v1, -0x7fe4(gp) | v1 = *((gp - 8185));
0x00002de4 addu a2, a0, a2 | a2 = a0 + a2;
0x00002de8 addiu a1, a1, 0x4ec | a1 += 0x4ec;
0x00002dec addiu v1, v1, 0x71a0 | v1 += 0x71a0;
| do {
0x00002df0 sw v0, (v1) | *(v1) = v0;
0x00002df4 sw a3, 8(v1) | *((v1 + 2)) = a3;
0x00002df8 sw a0, -4(v1) | *((v1 - 1)) = a0;
0x00002dfc sw a2, 4(v1) | *((v1 + 1)) = a2;
0x00002e00 addiu v1, v1, 0x4c | v1 += 0x4c;
0x00002e04 bne v1, a1, 0x2df0 |
| } while (v1 != a1);
0x00002e08 nop |
0x00002e0c move v0, zero | v0 = 0;
| do {
0x00002e10 lw ra, 0x2c(sp) | ra = *(var_2ch);
0x00002e14 lw s0, 0x28(sp) | s0 = *(var_28h);
0x00002e18 addiu sp, sp, 0x30 |
0x00002e1c jr ra | return v1;
| label_1:
0x00002e20 lw t9, -0x7f78(gp) | t9 = sym.imp.IMP_Log_Get_Option;
0x00002e24 jalr t9 | t9 ();
0x00002e28 nop |
0x00002e2c lw gp, 0x20(sp) | gp = *(var_20h);
0x00002e30 move a1, v0 | a1 = v0;
0x00002e34 addiu a0, zero, 3 | a0 = 3;
0x00002e38 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002e3c lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x00002e40 lw t9, -0x7f58(gp) | t9 = sym.imp.imp_log_fun;
0x00002e44 addiu v1, v1, 0x6148 | v1 += str._home_b_xbyu_work_isvp_w_proj_sdk_lv3_src_sysutils_cipher_cipher.c;
0x00002e48 sw v1, 0x10(sp) | *(var_10h) = v1;
0x00002e4c addiu v1, zero, 0x30 | v1 = 0x30;
0x00002e50 sw v1, 0x14(sp) | *(var_14h) = v1;
0x00002e54 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002e58 addiu a2, zero, 2 | a2 = 2;
0x00002e5c addiu a3, a3, 0x6140 | a3 += str.Cipher;
0x00002e60 addiu v1, v1, 0x6390 | v1 += obj.__func__.3807;
0x00002e64 sw v1, 0x18(sp) | *(var_18h) = v1;
0x00002e68 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002e6c addiu v1, v1, 0x61b0 | v1 += str.you_have_already_init_cipher_before__n;
0x00002e70 sw v1, 0x1c(sp) | *(var_1ch) = v1;
0x00002e74 jalr t9 | t9 ();
0x00002e78 lw ra, 0x2c(sp) | ra = *(var_2ch);
0x00002e7c lw s0, 0x28(sp) | s0 = *(var_28h);
0x00002e80 addiu v0, zero, -0xa | v0 = -0xa;
0x00002e84 addiu sp, sp, 0x30 |
0x00002e88 jr ra | return v1;
| label_3:
0x00002e8c lw t9, -0x7f78(gp) | t9 = sym.imp.IMP_Log_Get_Option;
0x00002e90 jalr t9 | t9 ();
0x00002e94 nop |
0x00002e98 lw gp, 0x20(sp) | gp = *(var_20h);
0x00002e9c lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002ea0 lw t9, -0x7f58(gp) | t9 = sym.imp.imp_log_fun;
0x00002ea4 addiu v1, v1, 0x6148 | v1 += str._home_b_xbyu_work_isvp_w_proj_sdk_lv3_src_sysutils_cipher_cipher.c;
0x00002ea8 sw v1, 0x10(sp) | *(var_10h) = v1;
0x00002eac addiu v1, zero, 0x3b | v1 = 0x3b;
0x00002eb0 sw v1, 0x14(sp) | *(var_14h) = v1;
0x00002eb4 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002eb8 addiu v1, v1, 0x6390 | v1 += obj.__func__.3807;
0x00002ebc sw v1, 0x18(sp) | *(var_18h) = v1;
0x00002ec0 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002ec4 addiu v1, v1, 0x61f4 | v1 += str.ioctl_:IOCTL_AES_GET_PBUFF_error__n;
| label_0:
0x00002ec8 lw a3, -0x7fd8(gp) | a3 = *((gp - 8182));
0x00002ecc move a1, v0 | a1 = v0;
0x00002ed0 sw v1, 0x1c(sp) | *(var_1ch) = v1;
0x00002ed4 addiu a0, zero, 3 | a0 = 3;
0x00002ed8 addiu a2, zero, 2 | a2 = 2;
0x00002edc addiu a3, a3, 0x6140 | a3 += str.Cipher;
0x00002ee0 jalr t9 | t9 ();
0x00002ee4 addiu v0, zero, -0xb | v0 = -0xb;
0x00002ee8 b 0x2e10 |
| } while (1);
| label_2:
0x00002eec lw t9, -0x7f78(gp) | t9 = sym.imp.IMP_Log_Get_Option;
0x00002ef0 jalr t9 | t9 ();
0x00002ef4 nop |
0x00002ef8 lw gp, 0x20(sp) | gp = *(var_20h);
0x00002efc lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f00 lw t9, -0x7f58(gp) | t9 = sym.imp.imp_log_fun;
0x00002f04 addiu v1, v1, 0x6148 | v1 += str._home_b_xbyu_work_isvp_w_proj_sdk_lv3_src_sysutils_cipher_cipher.c;
0x00002f08 sw v1, 0x10(sp) | *(var_10h) = v1;
0x00002f0c addiu v1, zero, 0x36 | v1 = 0x36;
0x00002f10 sw v1, 0x14(sp) | *(var_14h) = v1;
0x00002f14 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f18 addiu v1, v1, 0x6390 | v1 += obj.__func__.3807;
0x00002f1c sw v1, 0x18(sp) | *(var_18h) = v1;
0x00002f20 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f24 addiu v1, v1, 0x61e4 | v1 += str.open___error___n;
0x00002f28 b 0x2ec8 | goto label_0;
| label_4:
0x00002f2c lw t9, -0x7f78(gp) | t9 = sym.imp.IMP_Log_Get_Option;
0x00002f30 jalr t9 | t9 ();
0x00002f34 nop |
0x00002f38 lw gp, 0x20(sp) | gp = *(var_20h);
0x00002f3c lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f40 lw t9, -0x7f58(gp) | t9 = sym.imp.imp_log_fun;
0x00002f44 addiu v1, v1, 0x6148 | v1 += str._home_b_xbyu_work_isvp_w_proj_sdk_lv3_src_sysutils_cipher_cipher.c;
0x00002f48 sw v1, 0x10(sp) | *(var_10h) = v1;
0x00002f4c addiu v1, zero, 0x41 | v1 = 0x41;
0x00002f50 sw v1, 0x14(sp) | *(var_14h) = v1;
0x00002f54 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f58 addiu v1, v1, 0x6390 | v1 += obj.__func__.3807;
0x00002f5c sw v1, 0x18(sp) | *(var_18h) = v1;
0x00002f60 lw v1, -0x7fd8(gp) | v1 = *((gp - 8182));
0x00002f64 addiu v1, v1, 0x6224 | v1 += str.open__dev_mem_failed._n;
0x00002f68 b 0x2ec8 | goto label_0;
| }
[*] Function mmap used 2 times libsysutils.so
