[*] Binary protection state of boa
No RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH Symbols
[*] Function system tear down of boa
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/2097216-5451840.squashfs_v4_le_extract/usr/boa/boa @ 0x4092e8 */
| #include <stdint.h>
|
; (fcn) sym.get_request () | void get_request () {
0x004092e8 addiu sp, sp, -0x58 |
0x004092ec addiu v0, zero, -0x2153 | v0 = -0x2153;
0x004092f0 addiu a1, sp, 0x30 | a1 = sp + 0x30;
0x004092f4 sw s1, 0x4c(sp) | *(var_4ch) = s1;
0x004092f8 addiu a2, sp, 0x44 | a2 = sp + 0x44;
0x004092fc addiu s1, zero, 0x10 | s1 = 0x10;
0x00409300 sw s2, 0x50(sp) | *(var_50h) = s2;
0x00409304 sw ra, 0x54(sp) | *(var_54h) = ra;
0x00409308 sw s0, 0x48(sp) | *(var_48h) = s0;
0x0040930c sw s1, 0x44(sp) | *(var_44h) = s1;
0x00409310 sh v0, 0x30(sp) | *(var_30h) = v0;
0x00409314 addiu s2, zero, -1 | s2 = -1;
0x00409318 jal 0x40f7a0 | fcn_0040f7a0 ();
0x0040931c move s0, v0 | s0 = v0;
| if (v0 == s2) {
0x00409320 beq v0, s2, 0x4094b4 | goto label_6;
| }
0x00409324 slti v0, v0, 0x400 | v0 = (v0 < 0x400) ? 1 : 0;
0x00409328 addiu a1, sp, 0x20 | a1 = sp + 0x20;
| if (v0 != 0) {
0x0040932c bnez v0, 0x40936c | goto label_7;
| }
0x00409330 lui a0, 0x41 | a0 = 0x410000;
0x00409334 lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x00409338 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x0040933c addiu a1, zero, 0x60 | a1 = 0x60;
| /* str.Got_fd___FD_SETSIZE. */
0x00409340 addiu a2, a2, -0x1a34 | a2 += -0x1a34;
| do {
0x00409344 jal 0x407dd8 | sym_log_error_mesg ();
0x00409348 nop |
0x0040934c move a0, s0 | a0 = s0;
0x00409350 jal 0x40fb90 | fcn_0040fb90 ();
0x00409354 lw ra, 0x54(sp) | ra = *(var_54h);
| label_3:
0x00409358 lw s2, 0x50(sp) | s2 = *(var_50h);
0x0040935c lw s1, 0x4c(sp) | s1 = *(var_4ch);
0x00409360 lw s0, 0x48(sp) | s0 = *(var_48h);
0x00409364 addiu sp, sp, 0x58 |
0x00409368 jr ra | return v0;
| label_7:
0x0040936c move a0, s0 | a0 = s0;
0x00409370 addiu a2, sp, 0x40 | a2 = sp + 0x40;
0x00409374 sw s1, 0x40(sp) | *(var_40h) = s1;
0x00409378 jal 0x40fbb0 | fcn_0040fbb0 ();
0x0040937c lui a0, 0x41 | a0 = 0x410000;
| if (v0 == 0) {
0x00409380 bnez v0, 0x4094f8 |
0x00409384 jal 0x408e30 | sym_new_request ();
0x00409388 nop |
0x0040938c move s1, v0 | s1 = v0;
| if (v0 == 0) {
0x00409390 beqz v0, 0x4095c0 | goto label_8;
| }
0x00409394 lui v0, 0x42 | v0 = 0x420000;
0x00409398 lw v1, 0x10c(v0) | v1 = *((v0 + 67));
0x0040939c lui v0, 0x42 | v0 = 0x420000;
0x004093a0 lw v0, 0x168(v0) | v0 = *((v0 + 90));
0x004093a4 addiu a3, s1, 0x2ca6 | a3 = s1 + 0x2ca6;
0x004093a8 addiu a0, sp, 0x20 | a0 = sp + 0x20;
0x004093ac addiu a1, s1, 0x5c | a1 = s1 + 0x5c;
0x004093b0 addiu a2, zero, 0x401 | a2 = 0x401;
0x004093b4 sw a3, 0x34(s1) | *((s1 + 13)) = a3;
0x004093b8 sw v1, 8(s1) | *((s1 + 2)) = v1;
0x004093bc sw s0, (s1) | *(s1) = s0;
0x004093c0 sw zero, 4(s1) | *((s1 + 1)) = 0;
0x004093c4 sw v0, 0x18(s1) | *((s1 + 6)) = v0;
0x004093c8 jal 0x407acc | sym_ascii_sockaddr ();
0x004093cc lw a0, (s1) | a0 = *(s1);
0x004093d0 addiu a1, zero, 4 | a1 = 4;
0x004093d4 addiu a2, zero, 0x80 | a2 = 0x80;
0x004093d8 jal 0x40fb70 | fcn_0040fb70 ();
0x004093dc lui a0, 0x41 | a0 = 0x410000;
| if (v0 == s2) {
0x004093e0 beq v0, s2, 0x4095ec | goto label_9;
| }
0x004093e4 lw a0, (s1) | a0 = *(s1);
| label_5:
0x004093e8 addiu a1, zero, 2 | a1 = 2;
0x004093ec addiu a2, zero, 1 | a2 = 1;
0x004093f0 jal 0x40fb70 | fcn_0040fb70 ();
0x004093f4 addiu v1, zero, -1 | v1 = -1;
0x004093f8 lui a0, 0x41 | a0 = 0x410000;
| if (v0 == v1) {
0x004093fc beq v0, v1, 0x4095d0 | goto label_10;
| }
0x00409400 lui s0, 0x42 | s0 = 0x420000;
| label_4:
0x00409404 lw v0, 0x2860(s0) | v0 = *((s0 + 2584));
0x00409408 addiu s2, zero, 4 | s2 = 4;
| if (v0 == 0) {
0x0040940c beqz v0, 0x40952c | goto label_11;
| }
| label_0:
0x00409410 lui a3, 0x42 | a3 = 0x420000;
0x00409414 lw v1, -0x70(a3) | v1 = *((a3 - 28));
0x00409418 slt v0, v0, v1 | v0 = (v0 < v1) ? 1 : 0;
0x0040941c addiu v0, zero, 4 | v0 = 4;
| if (v0 != 0) {
0x00409420 bnez v0, 0x409580 | goto label_12;
| }
| label_1:
0x00409424 addiu a1, s1, 0x464 | a1 = s1 + 0x464;
| label_2:
0x00409428 addiu a2, zero, 0x401 | a2 = 0x401;
0x0040942c addiu a0, sp, 0x30 | a0 = sp + 0x30;
0x00409430 jal 0x407acc | sym_ascii_sockaddr ();
0x00409434 addiu a0, sp, 0x30 | a0 = sp + 0x30;
0x00409438 jal 0x407b0c | sym_net_port ();
0x0040943c lui v1, 0x42 | v1 = 0x420000;
0x00409440 lui a1, 0x42 | a1 = 0x420000;
0x00409444 lw a0, 0x178(v1) | a0 = *((v1 + 94));
0x00409448 lw a2, (s1) | a2 = *(s1);
0x0040944c lw a1, 0x134(a1) | a1 = *((a1 + 77));
0x00409450 addiu a0, a0, 1 | a0++;
0x00409454 sw v0, 0x460(s1) | *((s1 + 280)) = v0;
0x00409458 slt a1, a1, a2 | a1 = (a1 < a2) ? 1 : 0;
0x0040945c sw a0, 0x178(v1) | *((v1 + 94)) = a0;
| if (a1 != 0) {
0x00409460 beqz a1, 0x40947c |
0x00409464 move a0, s1 | a0 = s1;
0x00409468 jal 0x40a820 | sym_send_r_service_unavailable ();
0x0040946c addiu v0, zero, 9 | v0 = 9;
0x00409470 sw v0, 4(s1) | *((s1 + 1)) = v0;
0x00409474 lui v0, 0x42 | v0 = 0x420000;
0x00409478 sw zero, 0xe70(v0) | *((v0 + 924)) = 0;
| }
0x0040947c lui v0, 0x42 | v0 = 0x420000;
0x00409480 lw v1, 0x174(v0) | v1 = *((v0 + 93));
0x00409484 lui a0, 0x42 | a0 = 0x420000;
0x00409488 move a1, s1 | a1 = s1;
0x0040948c addiu v1, v1, 1 | v1++;
| /* obj.request_ready */
0x00409490 addiu a0, a0, 0x2858 | a0 += 0x2858;
0x00409494 sw v1, 0x174(v0) | *((v0 + 93)) = v1;
0x00409498 jal 0x408794 | sym_enqueue ();
0x0040949c lw ra, 0x54(sp) | ra = *(var_54h);
0x004094a0 lw s2, 0x50(sp) | s2 = *(var_50h);
0x004094a4 lw s1, 0x4c(sp) | s1 = *(var_4ch);
0x004094a8 lw s0, 0x48(sp) | s0 = *(var_48h);
0x004094ac addiu sp, sp, 0x58 |
0x004094b0 jr ra | return v0;
| label_6:
0x004094b4 jal 0x40fab0 | fcn_0040fab0 ();
0x004094b8 nop |
0x004094bc lw v1, (v0) | v1 = *(v0);
0x004094c0 addiu v0, zero, 0xb | v0 = 0xb;
0x004094c4 lui a0, 0x41 | a0 = 0x410000;
| if (v1 == v0) {
0x004094c8 beq v1, v0, 0x40950c | goto label_13;
| }
0x004094cc lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x004094d0 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x004094d4 addiu a1, zero, 0x59 | a1 = 0x59;
| /* str.accept */
0x004094d8 addiu a2, a2, -0x1a3c | a2 += -0x1a3c;
0x004094dc jal 0x407dd8 | sym_log_error_mesg ();
0x004094e0 lw ra, 0x54(sp) | ra = *(var_54h);
0x004094e4 lw s2, 0x50(sp) | s2 = *(var_50h);
0x004094e8 lw s1, 0x4c(sp) | s1 = *(var_4ch);
0x004094ec lw s0, 0x48(sp) | s0 = *(var_48h);
0x004094f0 addiu sp, sp, 0x58 |
0x004094f4 jr ra | return v0;
| }
0x004094f8 lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x004094fc addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x00409500 addiu a1, zero, 0x8a | a1 = 0x8a;
| /* str.getsockname */
0x00409504 addiu a2, a2, -0x1a1c | a2 += -0x1a1c;
0x00409508 b 0x409344 |
| } while (1);
| label_13:
0x0040950c lw ra, 0x54(sp) | ra = *(var_54h);
0x00409510 lui v0, 0x42 | v0 = 0x420000;
0x00409514 lw s2, 0x50(sp) | s2 = *(var_50h);
0x00409518 lw s1, 0x4c(sp) | s1 = *(var_4ch);
0x0040951c lw s0, 0x48(sp) | s0 = *(var_48h);
0x00409520 sw zero, 0xe70(v0) | *((v0 + 924)) = 0;
0x00409524 addiu sp, sp, 0x58 |
0x00409528 jr ra | return v0;
| label_11:
0x0040952c lw a0, (s1) | a0 = *(s1);
0x00409530 addiu v0, sp, 0x40 | v0 = sp + 0x40;
0x00409534 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00409538 ori a1, zero, 0xffff | a1 = 0xffff;
0x0040953c addiu a2, zero, 0x1001 | a2 = 0x1001;
| /* obj.system_bufsize.4671 */
0x00409540 addiu a3, s0, 0x2860 | a3 = s0 + 0x2860;
0x00409544 sw s2, 0x40(sp) | *(var_40h) = s2;
0x00409548 jal 0x40fa80 | fcn_0040fa80 ();
0x0040954c lui a0, 0x41 | a0 = 0x410000;
| if (v0 == 0) {
0x00409550 bnez v0, 0x409560 |
0x00409554 lw v0, 0x40(sp) | v0 = *(var_40h);
| if (v0 == s2) {
0x00409558 beq v0, s2, 0x409608 | goto label_14;
| }
0x0040955c nop |
| }
0x00409560 lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x00409564 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x00409568 addiu a1, zero, 0xb3 | a1 = 0xb3;
| /* str.getsockopt_SNDBUF_ */
0x0040956c addiu a2, a2, -0x19ac | a2 += -0x19ac;
0x00409570 jal 0x407dd8 | sym_log_error_mesg ();
0x00409574 addiu v0, zero, 1 | v0 = 1;
0x00409578 sw v0, 0x2860(s0) | *((s0 + 2584)) = v0;
0x0040957c b 0x409410 | goto label_0;
| label_12:
0x00409580 lw a0, (s1) | a0 = *(s1);
0x00409584 sw v0, 0x10(sp) | *(var_10h) = v0;
0x00409588 ori a1, zero, 0xffff | a1 = 0xffff;
0x0040958c addiu a2, zero, 0x1001 | a2 = 0x1001;
| /* obj.sockbufsize */
0x00409590 addiu a3, a3, -0x70 | a3 += -0x70;
0x00409594 jal 0x40f820 | fcn_0040f820 ();
0x00409598 addiu v1, zero, -1 | v1 = -1;
0x0040959c lui a0, 0x41 | a0 = 0x410000;
| if (v0 != v1) {
0x004095a0 bne v0, v1, 0x409424 | goto label_1;
| }
0x004095a4 lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x004095a8 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x004095ac addiu a1, zero, 0xbb | a1 = 0xbb;
| /* str.setsockopt:_unable_to_set_socket_buffer_size */
0x004095b0 addiu a2, a2, -0x1998 | a2 += -0x1998;
0x004095b4 jal 0x407dd8 | sym_log_error_mesg ();
0x004095b8 addiu a1, s1, 0x464 | a1 = s1 + 0x464;
0x004095bc b 0x409428 | goto label_2;
| label_8:
0x004095c0 move a0, s0 | a0 = s0;
0x004095c4 jal 0x40fb90 | fcn_0040fb90 ();
0x004095c8 lw ra, 0x54(sp) | ra = *(var_54h);
0x004095cc b 0x409358 | goto label_3;
| label_10:
0x004095d0 lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x004095d4 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x004095d8 addiu a1, zero, 0xa2 | a1 = 0xa2;
| /* str.fctnl:_unable_to_set_close_on_exec_for_new_socket */
0x004095dc addiu a2, a2, -0x19e0 | a2 += -0x19e0;
0x004095e0 jal 0x407dd8 | sym_log_error_mesg ();
0x004095e4 lui s0, 0x42 | s0 = 0x420000;
0x004095e8 b 0x409404 | goto label_4;
| label_9:
0x004095ec lui a2, 0x41 | a2 = 0x410000;
| /* str.request.c */
0x004095f0 addiu a0, a0, -0x1a48 | a0 += -0x1a48;
0x004095f4 addiu a1, zero, 0x9e | a1 = 0x9e;
| /* str.fcntl:_unable_to_set_new_socket_to_non_block */
0x004095f8 addiu a2, a2, -0x1a10 | a2 += -0x1a10;
0x004095fc jal 0x407dd8 | sym_log_error_mesg ();
0x00409600 lw a0, (s1) | a0 = *(s1);
0x00409604 b 0x4093e8 | goto label_5;
| label_14:
0x00409608 lw v0, 0x2860(s0) | v0 = *((s0 + 2584));
0x0040960c b 0x409410 | goto label_0;
| }
[*] Function system used 2 times boa
