[*] Binary protection state of impdbg
No RELRO No Canary found NX disabled No PIE No RPATH No RUNPATH No Symbols
[*] Function system tear down of impdbg
; assembly | /* r2dec pseudo code output */
| /* /logs/firmware/unblob_extracted/firmware_extract/6225984-11075644.jffs2_new_extract/bin/impdbg @ 0x400bb0 */
| #include <stdint.h>
|
; (fcn) main () | int32_t main () {
| /* [11] -r-x section size 3952 named .text */
0x00400bb0 addiu sp, sp, -0xb0 |
0x00400bb4 addiu v0, zero, 1 | v0 = 1;
0x00400bb8 sw ra, 0xac(sp) | *(var_ach) = ra;
0x00400bbc sw fp, 0xa8(sp) | *(var_a8h) = fp;
0x00400bc0 sw s7, 0xa4(sp) | *(var_a4h) = s7;
0x00400bc4 sw s6, 0xa0(sp) | *(var_a0h) = s6;
0x00400bc8 sw s5, 0x9c(sp) | *(var_9ch) = s5;
0x00400bcc sw s4, 0x98(sp) | *(var_98h) = s4;
0x00400bd0 sw s3, 0x94(sp) | *(var_94h) = s3;
0x00400bd4 sw s2, 0x90(sp) | *(var_90h) = s2;
0x00400bd8 sw s1, 0x8c(sp) | *(var_8ch) = s1;
0x00400bdc sw s0, 0x88(sp) | *(var_88h) = s0;
| if (a0 == v0) {
0x00400be0 beq a0, v0, 0x400f78 | goto label_5;
| }
0x00400be4 move s0, a0 | s0 = a0;
0x00400be8 move s1, a1 | s1 = a1;
0x00400bec jal 0x401280 | sym_shm_init ();
0x00400bf0 addiu a0, sp, 0x20 | a0 = sp + 0x20;
0x00400bf4 move a1, zero | a1 = 0;
0x00400bf8 addiu a2, zero, 0x4c | a2 = 0x4c;
0x00400bfc jal 0x4020f0 | fcn_004020f0 ();
0x00400c00 lui v0, 0x40 | v0 = 0x400000;
0x00400c04 lw v0, 0x1ce8(v0) | v0 = *((v0 + 1850));
0x00400c08 lui s7, 0x40 | s7 = 0x400000;
0x00400c0c lui s4, 0x40 | s4 = 0x400000;
0x00400c10 sw v0, 0x80(sp) | *(var_80h) = v0;
0x00400c14 lui s3, 0x40 | s3 = 0x400000;
0x00400c18 lui s2, 0x41 | s2 = 0x410000;
0x00400c1c lui fp, 0x40 | fp = 0x400000;
| /* str.main */
0x00400c20 addiu s7, s7, 0x1f78 | s7 += 0x1f78;
| /* esilref: ',
@' */
0x00400c24 addiu s4, s4, 0x1f60 | s4 += 0x1f60;
0x00400c28 addiu v1, sp, 0x7c | v1 = sp + 0x7c;
| do {
0x00400c2c sw v1, 0x10(sp) | *(var_10h) = v1;
0x00400c30 move a0, s0 | a0 = s0;
0x00400c34 move a1, s1 | a1 = s1;
0x00400c38 addiu a2, s3, 0x1cb8 | a2 = s3 + 0x1cb8;
| /* esilref: 'enc_info' */
0x00400c3c addiu a3, s2, 0x2240 | a3 = s2 + 0x2240;
0x00400c40 sw zero, 0x7c(sp) | *(var_7ch) = 0;
0x00400c44 jal 0x402170 | fcn_00402170 ();
0x00400c48 move s5, v0 | s5 = v0;
0x00400c4c addiu v0, zero, -1 | v0 = -1;
0x00400c50 addiu v0, zero, 0x3f | v0 = 0x3f;
| if (s5 == v0) {
0x00400c54 beq s5, v0, 0x400ddc | goto label_6;
| }
0x00400c58 lw v0, 0x7c(sp) | v0 = *(var_7ch);
| if (s5 == v0) {
0x00400c5c beq s5, v0, 0x400ddc | goto label_6;
| }
0x00400c60 sltiu v1, v0, 6 | v1 = (v0 < 6) ? 1 : 0;
0x00400c64 sll v0, v0, 2 | v0 <<= 2;
| if (v1 != 0) {
0x00400c68 bnez v1, 0x400c94 | goto label_7;
| }
| /* str.err:__s__d_ */
0x00400c6c addiu a0, fp, 0x1b60 | a0 = fp + 0x1b60;
0x00400c70 move a1, s7 | a1 = s7;
0x00400c74 addiu a2, zero, 0x80 | a2 = 0x80;
0x00400c78 jal 0x402160 | fcn_00402160 ();
0x00400c7c lui v0, 0x40 | v0 = 0x400000;
| /* str.getopt_long_returned_c__d_n */
0x00400c80 addiu a0, v0, 0x1db0 | a0 = "getopt_long returned c %d\n";
0x00400c84 move a1, s5 | a1 = s5;
0x00400c88 jal 0x402160 | fcn_00402160 ();
0x00400c8c addiu v1, sp, 0x7c | v1 = sp + 0x7c;
0x00400c90 b 0x400c2c |
| } while (1);
| label_7:
0x00400c94 addu v0, s4, v0 | v0 = s4 + v0;
0x00400c98 lw v0, (v0) | v0 = *(v0);
0x00400c9c jr v0 | v0 ();
0x00400ca0 nop |
| label_6:
0x00400ddc lw v0, 0x20(sp) | v0 = *(var_20h);
| if (v0 != 0) {
0x00400de0 bnez v0, 0x400f28 | goto label_8;
| }
0x00400de4 nop |
0x00400de8 lw v0, 0x24(sp) | v0 = *(var_24h);
| if (v0 != 0) {
| label_3:
0x00400dec bnez v0, 0x400f18 | goto label_9;
| }
0x00400df0 nop |
0x00400df4 lw v0, 0x68(sp) | v0 = *(var_68h);
| if (v0 != 0) {
| label_2:
0x00400df8 bnez v0, 0x400f08 | goto label_10;
| }
0x00400dfc nop |
0x00400e00 lw v1, 0x28(sp) | v1 = *(var_28h);
| label_1:
0x00400e04 lw v0, 0x60(sp) | v0 = *(var_60h);
0x00400e08 addu v0, v1, v0 | v0 = v1 + v0;
0x00400e0c addiu v1, zero, 1 | v1 = 1;
0x00400e10 addiu v1, zero, 2 | v1 = 2;
| if (v0 == v1) {
0x00400e14 beq v0, v1, 0x400fc0 | goto label_11;
| }
0x00400e18 lw a1, 0x64(sp) | a1 = *(var_64h);
| if (v0 == v1) {
0x00400e1c beq v0, v1, 0x400fd4 | goto label_12;
| }
| label_4:
0x00400e20 lui s2, 0x41 | s2 = 0x410000;
0x00400e24 jal 0x40152c | sym_shm_deinit ();
0x00400e28 lw v1, 0x22d0(s2) | v1 = *((s2 + 2228));
0x00400e2c slt v1, v1, s0 | v1 = (v1 < s0) ? 1 : 0;
0x00400e30 move v0, zero | v0 = 0;
| if (v1 == 0) {
0x00400e34 bnez v1, 0x400e70 |
| label_0:
0x00400e38 lw ra, 0xac(sp) | ra = *(var_ach);
0x00400e3c lw fp, 0xa8(sp) | fp = *(var_a8h);
0x00400e40 lw s7, 0xa4(sp) | s7 = *(var_a4h);
0x00400e44 lw s6, 0xa0(sp) | s6 = *(var_a0h);
0x00400e48 lw s5, 0x9c(sp) | s5 = *(var_9ch);
0x00400e4c lw s4, 0x98(sp) | s4 = *(var_98h);
0x00400e50 lw s3, 0x94(sp) | s3 = *(var_94h);
0x00400e54 lw s2, 0x90(sp) | s2 = *(var_90h);
0x00400e58 lw s1, 0x8c(sp) | s1 = *(var_8ch);
0x00400e5c lw s0, 0x88(sp) | s0 = *(var_88h);
0x00400e60 addiu sp, sp, 0xb0 |
0x00400e64 jr ra | return v0;
| }
0x00400e70 lui a0, 0x40 | a0 = "non-option ARGV-elements: ";
| /* str.non_option_ARGV_elements:_ */
0x00400e74 addiu a0, a0, 0x1e00 |
0x00400e78 jal 0x402160 | fcn_00402160 ();
0x00400e7c lw v0, 0x22d0(s2) | v0 = *((s2 + 2228));
0x00400e80 slt v1, v0, s0 | v1 = (v0 < s0) ? 1 : 0;
0x00400e84 lui s3, 0x40 | s3 = 0x400000;
| if (v1 == 0) {
0x00400e88 beqz v1, 0x400ebc | goto label_13;
| }
| /* esilref: '&s ' */
0x00400e8c addiu s3, s3, 0x1e1c | s3 += 0x1e1c;
0x00400e90 sll v1, v0, 2 | v1 = v0 << 2;
| do {
0x00400e94 addu v1, s1, v1 | v1 = s1 + v1;
0x00400e98 lw a1, (v1) | a1 = *(v1);
0x00400e9c addiu v0, v0, 1 | v0++;
0x00400ea0 move a0, s3 | a0 = s3;
0x00400ea4 sw v0, 0x22d0(s2) | *((s2 + 2228)) = v0;
0x00400ea8 jal 0x402160 | fcn_00402160 ();
0x00400eac lw v0, 0x22d0(s2) | v0 = *((s2 + 2228));
0x00400eb0 slt v1, v0, s0 | v1 = (v0 < s0) ? 1 : 0;
0x00400eb4 sll v1, v0, 2 | v1 = v0 << 2;
0x00400eb8 bnez v1, 0x400e94 |
| } while (v1 != 0);
| label_13:
0x00400ebc addiu a0, zero, 0xa | a0 = 0xa;
0x00400ec0 jal 0x402050 | fcn_00402050 ();
0x00400ec4 move v0, zero | v0 = 0;
0x00400ec8 b 0x400e38 | goto label_0;
| label_10:
0x00400f08 jal 0x40189c | sym_system_info ()
0x00400f0c nop |
0x00400f10 lw v1, 0x28(sp) | v1 = *(var_28h);
0x00400f14 b 0x400e04 | goto label_1;
| label_9:
0x00400f18 jal 0x401820 | sym_fs_info ();
0x00400f1c nop |
0x00400f20 lw v0, 0x68(sp) | v0 = *(var_68h);
0x00400f24 b 0x400df8 | goto label_2;
| label_8:
0x00400f28 jal 0x4016d4 | sym_enc_info ();
0x00400f2c nop |
0x00400f30 lw v0, 0x24(sp) | v0 = *(var_24h);
0x00400f34 b 0x400dec | goto label_3;
| label_5:
0x00400f78 jal 0x40166c | sym_help ();
0x00400f7c nop |
0x00400f80 move v0, zero | v0 = 0;
0x00400f84 b 0x400e38 | goto label_0;
| label_11:
0x00400fc0 lui a0, 0x40 | a0 = "err: arg not enough for save picture [path] [type]";
| /* str.err:_arg_not_enough_for_save_picture__path___type_ */
0x00400fc4 addiu a0, a0, 0x1dcc |
0x00400fc8 jal 0x402180 | fcn_00402180 ();
0x00400fcc b 0x400e20 | goto label_4;
0x00400fd0 nop |
| label_12:
0x00400fd4 addiu a0, sp, 0x2c | a0 = sp + 0x2c;
0x00400fd8 jal 0x401924 | sym_misc_save_pic ();
0x00400fdc b 0x400e20 | goto label_4;
0x00400fe0 nop |
| }
[*] Function system used 2 times impdbg
