Skip to content

Instantly share code, notes, and snippets.

@mouseos

mouseos/keyevent.c

Created May 3, 2023 15:55
Show Gist options
  • Save mouseos/c66ac3c71d21fe7a2d9d242a9abbf772 to your computer and use it in GitHub Desktop.
Save mouseos/c66ac3c71d21fe7a2d9d242a9abbf772 to your computer and use it in GitHub Desktop.
Download ZIP
clova desk /bin/keyevent hex-lays
Raw
keyevent.c
/* This file was generated by the Hex-Rays decompiler version 8.2.0.221215.
Copyright (c) 2007-2021 Hex-Rays <[email protected]>
Detected compiler: GNU C++
*/
#include <defs.h>
//-------------------------------------------------------------------------
// Function declarations
void sub_1458();
// __int64 __fastcall __libc_init(_QWORD, _QWORD, _QWORD, _QWORD); weak
// int __fastcall __cxa_atexit(void (__fastcall *lpfunc)(void *), void *obj, void *lpdso_handle);
// __int64 __fastcall __register_atfork(_QWORD, _QWORD, _QWORD, _QWORD); weak
// __int64 __fastcall SpecialCharacterFilter(_QWORD, _QWORD, _QWORD); weak
// int open(const char *file, int oflag, ...);
// __int64 __android_log_print(_QWORD, _QWORD, const char *, ...); weak
// __int64 __fastcall __write_chk(_QWORD, _QWORD, _QWORD, _QWORD); weak
// int close(int fd);
// FILE *fopen(const char *filename, const char *modes);
// int fprintf(FILE *stream, const char *format, ...);
// int fclose(FILE *stream);
// void sync(void);
// __int64 __fastcall property_set(_QWORD, _QWORD); weak
// __int64 __fastcall property_get(_QWORD, _QWORD, _QWORD); weak
// int strcmp(const char *s1, const char *s2);
// __int64 __fastcall __errno(_QWORD); weak
// char *strerror(int errnum);
// int execl(const char *path, const char *arg, ...);
// __int64 __snprintf_chk(_QWORD, _QWORD, _QWORD, _QWORD, const char *, ...); weak
// __int64 __fastcall mixer_open(_QWORD); weak
// int usleep(__useconds_t useconds);
// __int64 __fastcall mixer_get_ctl_by_name(_QWORD, _QWORD); weak
// __int64 __fastcall mixer_ctl_set_value(_QWORD, _QWORD, _QWORD); weak
// __int64 __fastcall mixer_close(_QWORD); weak
// void *memset(void *s, int c, size_t n);
// char *strstr(const char *haystack, const char *needle);
// int sigaddset(sigset_t *set, int signo);
// int sigaction(int sig, const struct sigaction *act, struct sigaction *oact);
// int pthread_mutex_lock(pthread_mutex_t *mutex);
// ssize_t send(int fd, const void *buf, size_t n, int flags);
// int pthread_mutex_unlock(pthread_mutex_t *mutex);
// void *malloc(size_t size);
// void free(void *ptr);
// char *getenv(const char *name);
// __int64 strtol(const char *nptr, char **endptr, int base);
// int listen(int fd, int n);
// int accept(int fd, struct sockaddr *addr, socklen_t *addr_len);
// int pthread_mutex_init(pthread_mutex_t *mutex, const pthread_mutexattr_t *mutexattr);
// int ioctl(int fd, unsigned __int64 request, ...);
// void *realloc(void *ptr, size_t size);
// char *strdup(const char *s);
// __int64 __fastcall __read_chk(_QWORD, _QWORD, _QWORD, _QWORD); weak
// char *strncpy(char *dest, const char *src, size_t n);
// size_t strnlen(const char *string, size_t maxlen);
// void *memmove(void *dest, const void *src, size_t n);
// DIR *opendir(const char *name);
// struct dirent *readdir(DIR *dirp);
// int closedir(DIR *dirp);
// void *calloc(size_t nmemb, size_t size);
// int inotify_init(void);
// int inotify_add_watch(int fd, const char *name, uint32_t mask);
// __int64 __fastcall __poll_chk(_QWORD, _QWORD, _QWORD, _QWORD); weak
__int64 __fastcall sub_17C8(__int64 a1, __int64 a2, __int64 a3, __int64 a4, __int64 a5, __int64 a6, __int64 a7, __int64 a8, __int64 a9);
__int64 __fastcall start(__int64 a1, __int64 a2, __int64 a3, __int64 a4, __int64 a5, __int64 a6, __int64 a7, __int64 a8, __int64 a9);
__int64 (*__fastcall sub_1824(__int64 (*result)(void)))(void);
__int64 __fastcall sub_184C(void *a1);
__int64 __fastcall sub_1880(__int64 a1, __int64 a2, __int64 a3);
__int64 __fastcall sub_18B8(char a1);
__int64 sub_19B8();
__int64 __fastcall sub_1B40(unsigned int a1);
char *sub_1CB0();
__int64 sub_1D50();
__int64 __fastcall sub_1DE8(_DWORD *a1, int a2, unsigned int a3);
__int64 __fastcall sub_1ED8(unsigned int a1, int a2);
__int64 sub_1F5C();
void sub_2108();
void sub_228C();
__int64 __fastcall sub_2470(const char *a1);
__int64 __fastcall sub_2710(const char *a1, unsigned int a2);
__int64 __fastcall sub_2914(const char *a1);
__int64 __fastcall sub_2A20(); // weak
//-------------------------------------------------------------------------
// Data declarations
_UNKNOWN unk_2EA3; // weak
_UNKNOWN unk_4B28; // weak
_UNKNOWN unk_4B38; // weak
_UNKNOWN unk_4B48; // weak
_UNKNOWN unk_5000; // weak
char *off_5008 = "keyevent"; // weak
int dword_5010; // weak
int dword_5014; // weak
int dword_5018; // weak
int dword_501C; // weak
char byte_5020; // weak
char byte_5021; // weak
char byte_5022; // weak
char byte_5023; // weak
char byte_5024; // weak
char byte_5025; // weak
char byte_5026; // weak
char byte_5027; // weak
char byte_5028; // weak
char byte_5029; // weak
__int64 qword_5030; // weak
int dword_5038; // weak
__int64 qword_5040; // weak
pthread_mutex_t stru_5048; // weak
//----- (0000000000001458) ----------------------------------------------------
void sub_1458()
{
JUMPOUT(0LL);
}
// 1468: control flows out of bounds to 0
//----- (00000000000017C8) ----------------------------------------------------
__int64 __fastcall sub_17C8(
__int64 a1,
__int64 a2,
__int64 a3,
__int64 a4,
__int64 a5,
__int64 a6,
__int64 a7,
__int64 a8,
__int64 a9)
{
__int64 v9; // x0
__int64 v10; // x1
__int64 v11; // x2
__int64 v12; // x3
__int64 v13; // x4
__int64 v14; // x5
__int64 v15; // x6
__int64 v16; // x7
_QWORD v18[3]; // [xsp+28h] [xbp+28h] BYREF
v18[0] = &unk_4B28;
v18[1] = &unk_4B38;
v18[2] = &unk_4B48;
v9 = __libc_init(a1, 0LL, sub_2A20, v18);
return start(v9, v10, v11, v12, v13, v14, v15, v16, a9);
}
// 1819: variable 'v10' is possibly undefined
// 1819: variable 'v11' is possibly undefined
// 1819: variable 'v12' is possibly undefined
// 1819: variable 'v13' is possibly undefined
// 1819: variable 'v14' is possibly undefined
// 1819: variable 'v15' is possibly undefined
// 1819: variable 'v16' is possibly undefined
// 1478: using guessed type __int64 __fastcall __libc_init(_QWORD, _QWORD, _QWORD, _QWORD);
// 2A20: using guessed type __int64 __fastcall sub_2A20();
//----- (000000000000181C) ----------------------------------------------------
__int64 __fastcall start(
__int64 a1,
__int64 a2,
__int64 a3,
__int64 a4,
__int64 a5,
__int64 a6,
__int64 a7,
__int64 a8,
__int64 a9)
{
return sub_17C8((__int64)&a9, a2, a3, a4, a5, a6, a7, a8, a9);
}
//----- (0000000000001824) ----------------------------------------------------
__int64 (*__fastcall sub_1824(__int64 (*result)(void)))(void)
{
if ( result )
return (__int64 (*)(void))result();
return result;
}
//----- (000000000000184C) ----------------------------------------------------
__int64 __fastcall sub_184C(void *a1)
{
return __cxa_atexit((void (__fastcall *)(void *))sub_1824, a1, &unk_5000);
}
//----- (0000000000001880) ----------------------------------------------------
__int64 __fastcall sub_1880(__int64 a1, __int64 a2, __int64 a3)
{
return __register_atfork(a1, a2, a3, 20480LL);
}
// 1498: using guessed type __int64 __fastcall __register_atfork(_QWORD, _QWORD, _QWORD, _QWORD);
//----- (00000000000018B8) ----------------------------------------------------
__int64 __fastcall sub_18B8(char a1)
{
const char *v2; // x0
unsigned int v3; // w19
const char *v4; // x1
__int64 v6[6]; // [xsp+0h] [xbp-90h] BYREF
char v7[56]; // [xsp+30h] [xbp-60h] BYREF
strcpy(v7, "/sys/devices/soc.0/qpnp-power-on-1/timer_reset");
memset(v6, 0, 47);
v2 = (const char *)SpecialCharacterFilter(v7, v6, 47LL);
v3 = open(v2, 2);
if ( (v3 & 0x80000000) != 0 )
return __android_log_print(6LL, "KeyEvent", "Factory Reset File open Error");
if ( (a1 & 1) != 0 )
{
__android_log_print(4LL, "KeyEvent", "Timer Reset OFF");
v4 = "1";
}
else
{
__android_log_print(4LL, "KeyEvent", "Timer Reset ON");
v4 = "0";
}
__write_chk(v3, v4, 1LL, 2LL);
return close(v3);
}
// 14A8: using guessed type __int64 __fastcall SpecialCharacterFilter(_QWORD, _QWORD, _QWORD);
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 14D8: using guessed type __int64 __fastcall __write_chk(_QWORD, _QWORD, _QWORD, _QWORD);
//----- (00000000000019B8) ----------------------------------------------------
__int64 sub_19B8()
{
FILE *v0; // x0
FILE *v1; // x19
__int64 v2; // x0
unsigned int v3; // w19
char *v4; // x0
unsigned int v6; // w19
char *v7; // x0
char s2[8]; // [xsp+8h] [xbp-48h] BYREF
__int64 v9; // [xsp+10h] [xbp-40h]
__int64 v10; // [xsp+18h] [xbp-38h]
__int64 v11; // [xsp+20h] [xbp-30h]
v0 = fopen("/cache/recovery/command", "w");
v1 = v0;
if ( v0 )
{
fprintf(v0, "%s\n", "--wipe_data");
fclose(v1);
sync();
v10 = 0LL;
v11 = 0LL;
*(_QWORD *)s2 = 0LL;
v9 = 0LL;
v2 = property_set("sys.powerctl", "reboot,recovery");
if ( (_DWORD)v2 || (property_get("sys.powerctl", s2, &unk_2EA3), v2 = strcmp("reboot,recovery", s2), (_DWORD)v2) )
{
v3 = *(_DWORD *)__errno(v2);
v4 = strerror(v3);
__android_log_print(6LL, "KeyEvent", "property_set_verified() failed -- %s %d(%s)\n", "sys.powerctl", v3, v4);
execl("/system/bin/sh", "sh", "-c", "/system/bin/reboot recovery", 0LL);
}
return 0LL;
}
else
{
v6 = *(_DWORD *)__errno(0LL);
v7 = strerror(v6);
__android_log_print(6LL, "KeyEvent", "fopen() failed -- %d(%s)\n", v6, v7);
__android_log_print(6LL, "KeyEvent", "write_recovery_command() failed\n");
return 0xFFFFFFFFLL;
}
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1548: using guessed type __int64 __fastcall property_set(_QWORD, _QWORD);
// 1558: using guessed type __int64 __fastcall property_get(_QWORD, _QWORD, _QWORD);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
//----- (0000000000001B40) ----------------------------------------------------
__int64 __fastcall sub_1B40(unsigned int a1)
{
__int64 v1; // x19
int i; // w20
__int64 v3; // x0
__int64 ctl_by_name; // x0
char v6[100]; // [xsp+4h] [xbp-8Ch] BYREF
__snprintf_chk(v6, 100LL, 0LL, 100LL, "PRI_MI2S_RX Audio Mixer MultiMedia%d", a1);
v1 = mixer_open(0LL);
if ( v1 )
goto LABEL_6;
for ( i = 0; i < 10; ++i )
{
__android_log_print(6LL, 0LL, "mixer open error try -- %d", (unsigned int)i);
usleep(0x7A120u);
v3 = mixer_open(0LL);
v1 = v3;
if ( v3 )
break;
}
if ( v3 )
{
LABEL_6:
ctl_by_name = mixer_get_ctl_by_name(v1, v6);
if ( ctl_by_name )
{
if ( (unsigned int)mixer_ctl_set_value(ctl_by_name, 0LL, 0LL) )
{
__android_log_print(6LL, 0LL, "error setting value %d on %s ", "mix_off", v6);
mixer_close(v1);
return 0xFFFFFFFFLL;
}
else
{
mixer_close(v1);
return 0LL;
}
}
else
{
__android_log_print(6LL, 0LL, "%s: could not get %s ctl", "mix_off", v6);
mixer_close(v1);
return 4294967274LL;
}
}
else
{
__android_log_print(6LL, 0LL, "mixer open error");
return 0xFFFFFFFFLL;
}
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 15A8: using guessed type __int64 __snprintf_chk(_QWORD, _QWORD, _QWORD, _QWORD, const char *, ...);
// 15B8: using guessed type __int64 __fastcall mixer_open(_QWORD);
// 15D8: using guessed type __int64 __fastcall mixer_get_ctl_by_name(_QWORD, _QWORD);
// 15E8: using guessed type __int64 __fastcall mixer_ctl_set_value(_QWORD, _QWORD, _QWORD);
// 15F8: using guessed type __int64 __fastcall mixer_close(_QWORD);
//----- (0000000000001CB0) ----------------------------------------------------
char *sub_1CB0()
{
char *result; // x0
char s[92]; // [xsp+Ch] [xbp-74h] BYREF
memset(s, 0, sizeof(s));
property_get("sys.powerctl", s, "no value");
if ( strstr(s, "reboot") || (result = strstr(s, "shutdown")) != 0LL )
{
sub_1B40(1u);
return (char *)sub_1B40(2u);
}
return result;
}
// 1558: using guessed type __int64 __fastcall property_get(_QWORD, _QWORD, _QWORD);
//----- (0000000000001D50) ----------------------------------------------------
__int64 sub_1D50()
{
__int64 v1[2]; // [xsp+8h] [xbp-38h] BYREF
__int64 v2[2]; // [xsp+18h] [xbp-28h] BYREF
v2[0] = 0LL;
v2[1] = 0LL;
v1[0] = 0LL;
v1[1] = (__int64)sub_1CB0;
sigaddset((sigset_t *)v2, 15);
sigaction(15, (const struct sigaction *)v1, 0LL);
sigaction(2, (const struct sigaction *)v1, 0LL);
return property_set("ro.infr.shutdownreceiver", "keyevent");
}
// 1548: using guessed type __int64 __fastcall property_set(_QWORD, _QWORD);
//----- (0000000000001DE8) ----------------------------------------------------
__int64 __fastcall sub_1DE8(_DWORD *a1, int a2, unsigned int a3)
{
__int64 result; // x0
const char *v6; // x3
int v7; // w20
__int64 v8; // x0
unsigned int v9; // w20
char *v10; // x0
result = 0xFFFFFFFFLL;
if ( a1 && a2 )
{
if ( *a1 == 101 )
v6 = "CMD_DEMO_MODE";
else
v6 = 0LL;
__android_log_print(4LL, "KeyEvent", "notify to client: cmd:%s\n", v6);
pthread_mutex_lock(&stru_5048);
v7 = send(a3, a1, 4uLL, 0);
v8 = pthread_mutex_unlock(&stru_5048);
if ( (v7 & 0x80000000) != 0 )
{
v9 = *(_DWORD *)__errno(v8);
v10 = strerror(v9);
__android_log_print(6LL, "KeyEvent", "send failed %d -- errno=%d (%s)", a3, v9, v10);
return 0xFFFFFFFFLL;
}
else
{
__android_log_print(4LL, "KeyEvent", "notify to sock[%d] OK", a3);
return 0LL;
}
}
return result;
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
// 5048: using guessed type pthread_mutex_t stru_5048;
//----- (0000000000001ED8) ----------------------------------------------------
__int64 __fastcall sub_1ED8(unsigned int a1, int a2)
{
_DWORD *v4; // x0
void *v5; // x19
v4 = malloc(4uLL);
v5 = v4;
if ( v4 )
{
*v4 = a2;
if ( (sub_1DE8(v4, 4, a1) & 0x80000000) != 0 )
{
return 0xFFFFFFFFLL;
}
else
{
free(v5);
return 0LL;
}
}
else
{
__android_log_print(6LL, "KeyEvent", "notify_keyword_detected: buffer malloc() failed");
return 0xFFFFFFFFLL;
}
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
//----- (0000000000001F5C) ----------------------------------------------------
__int64 sub_1F5C()
{
char *v0; // x0
const char *v1; // x19
int *v2; // x20
int v3; // w0
int v4; // w19
unsigned int v5; // w21
char *v6; // x0
unsigned int v7; // w19
socklen_t addr_len; // [xsp+14h] [xbp-ECh] BYREF
struct sockaddr addr; // [xsp+18h] [xbp-E8h] BYREF
char name[72]; // [xsp+88h] [xbp-78h] BYREF
__android_log_print(3LL, "KeyEvent", "broadcast_init()");
__snprintf_chk(name, 64LL, 0LL, 64LL, "ANDROID_SOCKET_%s", off_5008);
v0 = getenv(name);
v1 = v0;
if ( !v0 || (v2 = (int *)__errno(v0), *v2 = 0, v3 = strtol(v1, 0LL, 10), v4 = v3, *v2) || (v3 & 0x80000000) != 0 )
{
__android_log_print(6LL, "KeyEvent", "android_get_control_socket() failed");
return (unsigned int)-1;
}
if ( !listen(v3, 128) )
{
addr_len = 110;
v7 = accept(v4, &addr, &addr_len);
if ( (v7 & 0x80000000) != 0 )
{
__android_log_print(6LL, "KeyEvent", "accept() failed");
}
else
{
if ( (pthread_mutex_init(&stru_5048, 0LL) & 0x80000000) == 0 )
{
__android_log_print(3LL, "KeyEvent", "broadcast_init() OK");
return v7;
}
__android_log_print(6LL, "KeyEvent", "pthread_mutex_init() failed");
}
return (unsigned int)-1;
}
v5 = *v2;
v6 = strerror(*v2);
__android_log_print(6LL, "KeyEvent", "listen() failed - errno:%d, %s", v5, v6);
close(v4);
return (unsigned int)-1;
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
// 15A8: using guessed type __int64 __snprintf_chk(_QWORD, _QWORD, _QWORD, _QWORD, const char *, ...);
// 5008: using guessed type char *off_5008;
// 5048: using guessed type pthread_mutex_t stru_5048;
//----- (0000000000002108) ----------------------------------------------------
void sub_2108()
{
if ( byte_5020 != 1 || byte_5021 != 1 || (byte_5022 & 1) != 0 || (byte_5023 & 1) != 0 || (byte_5024 & 1) != 0 )
{
if ( byte_5025 != 1 )
goto LABEL_16;
if ( !byte_5020 )
goto LABEL_15;
}
else if ( (byte_5025 & 1) == 0 )
{
byte_5025 = 1;
}
if ( byte_5021 != 1 || (byte_5022 & 1) != 0 || (byte_5023 & 1) != 0 || byte_5024 == 1 )
LABEL_15:
byte_5025 = 0;
LABEL_16:
if ( byte_5023 == 1 )
{
if ( (byte_5026 & 1) == 0 )
byte_5026 = 1;
}
else if ( byte_5026 )
{
byte_5026 = 0;
byte_5027 = 0;
dword_5018 = 0;
dword_501C = 0;
}
if ( byte_5021 == 1 && byte_5022 == 1 )
{
if ( (byte_5028 & 1) == 0 )
byte_5028 = 1;
}
else if ( byte_5028 != 1 )
{
return;
}
if ( (((unsigned __int8)byte_5020 | (unsigned __int8)byte_5021 ^ 1) & 1) != 0
|| byte_5023 & 1 | ((byte_5022 & 1) == 0)
|| byte_5024 == 1 )
{
byte_5028 = 0;
}
}
// 5018: using guessed type int dword_5018;
// 501C: using guessed type int dword_501C;
// 5020: using guessed type char byte_5020;
// 5021: using guessed type char byte_5021;
// 5022: using guessed type char byte_5022;
// 5023: using guessed type char byte_5023;
// 5024: using guessed type char byte_5024;
// 5025: using guessed type char byte_5025;
// 5026: using guessed type char byte_5026;
// 5027: using guessed type char byte_5027;
// 5028: using guessed type char byte_5028;
//----- (000000000000228C) ----------------------------------------------------
void sub_228C()
{
int v0; // w9
int v1; // w14
int v2; // w11
int v3; // w11
int v4; // w9
const char *v5; // x1
char v6[2]; // [xsp+Ch] [xbp-24h] BYREF
char s1[10]; // [xsp+Eh] [xbp-22h] BYREF
if ( byte_5024 == 1 && (byte_5027 & 1) == 0 )
{
byte_5027 = 1;
v0 = dword_5018 + 1;
v1 = 1 << (4 * dword_5018++);
dword_501C |= v1;
}
else
{
if ( byte_5022 == 1 && (byte_5027 & 1) == 0 )
{
v2 = 2;
}
else
{
if ( byte_5021 != 1 || (byte_5027 & 1) != 0 )
{
v0 = dword_5018;
byte_5027 = 0;
goto LABEL_12;
}
v2 = 3;
}
byte_5027 = 1;
v0 = dword_5018 + 1;
v3 = v2 << (4 * dword_5018++);
dword_501C |= v3;
}
LABEL_12:
if ( v0 == 8 )
{
property_get("ro.product.name", s1, &unk_2EA3);
if ( !strcmp(s1, "if_s700n") )
v4 = 321986851;
else
v4 = 0;
if ( dword_501C == v4 )
{
property_get("sys.infr.usb", v6, "0");
byte_5029 = v6[0];
if ( v6[0] == 49 )
v5 = "0";
else
v5 = "1";
property_set("sys.infr.usb", v5);
}
dword_501C = 0;
dword_5018 = 0;
}
}
// 1548: using guessed type __int64 __fastcall property_set(_QWORD, _QWORD);
// 1558: using guessed type __int64 __fastcall property_get(_QWORD, _QWORD, _QWORD);
// 5018: using guessed type int dword_5018;
// 501C: using guessed type int dword_501C;
// 5021: using guessed type char byte_5021;
// 5022: using guessed type char byte_5022;
// 5024: using guessed type char byte_5024;
// 5027: using guessed type char byte_5027;
// 5029: using guessed type char byte_5029;
// 228C: using guessed type char var_24[2];
//----- (0000000000002470) ----------------------------------------------------
__int64 __fastcall sub_2470(const char *a1)
{
const char *v2; // x0
__int64 v3; // x0
int v4; // w20
__int64 v5; // x0
int *v6; // x0
char *v7; // x4
int *v8; // x0
char *v9; // x4
__int64 v10; // x0
int *v11; // x0
char *v12; // x4
__int64 result; // x0
__int64 v14; // x0
int *v15; // x0
char *v16; // x0
void *v17; // x0
void *v18; // x0
__int64 v19; // x8
char *v20; // x0
int v21; // w9
char *v22; // x8
char v23[8]; // [xsp+8h] [xbp-1148h] BYREF
int v24; // [xsp+10h] [xbp-1140h] BYREF
char v25[4]; // [xsp+14h] [xbp-113Ch] BYREF
char s[4096]; // [xsp+18h] [xbp-1138h] BYREF
_BYTE v27[80]; // [xsp+1018h] [xbp-138h] BYREF
char v28[80]; // [xsp+1068h] [xbp-E8h] BYREF
char v29[88]; // [xsp+10B8h] [xbp-98h] BYREF
v24 = 1;
memset(s, 0, sizeof(s));
v2 = (const char *)SpecialCharacterFilter(a1, s, 4096LL);
v3 = open(v2, 2);
v4 = v3;
if ( (v3 & 0x80000000) != 0 )
{
v8 = (int *)__errno(v3);
v9 = strerror(*v8);
__android_log_print(6LL, "KeyEvent", "could not open %s, %s\n", a1, v9);
return 0xFFFFFFFFLL;
}
v5 = ioctl(v3, 0x80044501uLL, v25);
if ( (_DWORD)v5 )
{
v6 = (int *)__errno(v5);
v7 = strerror(*v6);
__android_log_print(6LL, "KeyEvent", "could not get driver version for %s, %s\n", a1, v7);
return 0xFFFFFFFFLL;
}
v10 = ioctl(v4, 0x80084502uLL, v23);
if ( (_DWORD)v10 )
{
v11 = (int *)__errno(v10);
v12 = strerror(*v11);
__android_log_print(6LL, "KeyEvent", "could not get driver id for %s, %s\n", a1, v12);
return 0xFFFFFFFFLL;
}
v29[79] = 0;
v28[79] = 0;
v27[79] = 0;
if ( ioctl(v4, 0x804F4506uLL, v29) <= 0 )
v29[0] = 0;
if ( ioctl(v4, 0x804F4507uLL, v28) <= 0 )
v28[0] = 0;
if ( ioctl(v4, 0x804F4508uLL, v27) <= 0 )
v27[0] = 0;
v14 = ioctl(v4, 0x400445A0uLL, &v24);
if ( (_DWORD)v14 )
{
v15 = (int *)__errno(v14);
v16 = strerror(*v15);
__android_log_print(6LL, "KeyEvent", "Can't enable monotonic clock reporting: %s\n", v16);
}
v17 = realloc((void *)qword_5030, 8LL * dword_5038 + 8);
if ( v17 && (qword_5030 = (__int64)v17, (v18 = realloc((void *)qword_5040, 8LL * dword_5038 + 8)) != 0LL) )
{
qword_5040 = (__int64)v18;
v19 = qword_5030 + 8LL * dword_5038;
*(_DWORD *)v19 = v4;
*(_WORD *)(v19 + 4) = 1;
v20 = strdup(a1);
v21 = dword_5038;
v22 = v20;
result = 0LL;
*(_QWORD *)(qword_5040 + 8LL * dword_5038) = v22;
dword_5038 = v21 + 1;
}
else
{
__android_log_print(6LL, "KeyEvent", "out of memory\n");
return 0xFFFFFFFFLL;
}
return result;
}
// 14A8: using guessed type __int64 __fastcall SpecialCharacterFilter(_QWORD, _QWORD, _QWORD);
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
// 5030: using guessed type __int64 qword_5030;
// 5038: using guessed type int dword_5038;
// 5040: using guessed type __int64 qword_5040;
// 2470: using guessed type char var_113C[4];
// 2470: using guessed type char var_1148[8];
// 2470: using guessed type char var_98[88];
// 2470: using guessed type char var_E8[80];
//----- (0000000000002710) ----------------------------------------------------
__int64 __fastcall sub_2710(const char *a1, unsigned int a2)
{
__int64 chk; // x0
int v4; // w19
int *v5; // x0
size_t v7; // x0
int v8; // w25
char *v9; // x20
char *v10; // x28
size_t v11; // x0
__int64 v12; // x22
__int64 v13; // x26
__int64 v14; // x27
char *v15; // x21
int v16; // w22
int v17; // w8
char *v18; // x0
char v19[512]; // [xsp+8h] [xbp-1258h] BYREF
char dest[4096]; // [xsp+208h] [xbp-1058h] BYREF
chk = __read_chk(a2, v19, 512LL, 512LL);
v4 = chk;
if ( (int)chk > 15 )
{
strncpy(dest, a1, 0x1000uLL);
v7 = strnlen(dest, 0x1000uLL);
v8 = 0;
dest[v7] = 47;
v9 = &dest[v7 + 1];
do
{
v10 = &v19[v8];
if ( *((_DWORD *)v10 + 3) )
{
v11 = strnlen(dest, 0x1000uLL);
strncpy(v9, v10 + 16, 4096 - v11);
if ( (v10[5] & 1) != 0 )
{
sub_2470(dest);
}
else
{
v12 = dword_5038;
if ( dword_5038 >= 2 )
{
v13 = qword_5040;
v14 = 1LL;
while ( 1 )
{
v15 = *(char **)(v13 + 8 * v14);
if ( !strcmp(v15, dest) )
break;
if ( v12 <= ++v14 )
goto LABEL_14;
}
v16 = v12 + ~(_DWORD)v14;
free(v15);
memmove((void *)(qword_5040 + 8 * v14), (const void *)(qword_5040 + 8 * v14 + 8), 8LL * v16);
memmove((void *)(qword_5030 + 8 * v14), (const void *)(qword_5030 + 8 * v14 + 8), 8LL * v16);
--dword_5038;
}
}
}
LABEL_14:
v17 = *((_DWORD *)v10 + 3) + 16;
v4 -= v17;
v8 += v17;
}
while ( v4 > 15 );
return 0LL;
}
else
{
v5 = (int *)__errno(chk);
if ( *v5 == 4 )
{
return 0LL;
}
else
{
v18 = strerror(*v5);
__android_log_print(6LL, "KeyEvent", "could not get event, %s\n", v18);
return 1LL;
}
}
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
// 1718: using guessed type __int64 __fastcall __read_chk(_QWORD, _QWORD, _QWORD, _QWORD);
// 5030: using guessed type __int64 qword_5030;
// 5038: using guessed type int dword_5038;
// 5040: using guessed type __int64 qword_5040;
// 2710: using guessed type char dest[4096];
//----- (0000000000002914) ----------------------------------------------------
__int64 __fastcall sub_2914(const char *a1)
{
DIR *v2; // x19
size_t v3; // x0
char *v4; // x20
struct dirent *i; // x0
const char *d_name; // x21
size_t v7; // x0
char dest[4096]; // [xsp+8h] [xbp-1038h] BYREF
v2 = opendir(a1);
if ( !v2 )
return 0xFFFFFFFFLL;
strncpy(dest, a1, 0x1000uLL);
v3 = strnlen(dest, 0x1000uLL);
dest[v3] = 47;
v4 = &dest[v3 + 1];
for ( i = readdir(v2); i; i = readdir(v2) )
{
d_name = i->d_name;
if ( i->d_name[0] != 46 || i->d_name[1] && (i->d_name[1] != 46 || i->d_name[2]) )
{
v7 = strnlen(dest, 0x1000uLL);
strncpy(v4, d_name, 4096 - v7);
sub_2470(dest);
}
}
closedir(v2);
return 0LL;
}
// 2914: using guessed type char dest[4096];
//----- (0000000000002A20) ----------------------------------------------------
__int64 sub_2A20()
{
int v0; // w0
__int64 v1; // x8
__int64 v2; // x0
__int64 v3; // x2
int v4; // w8
__int64 v5; // x28
__int64 v6; // x21
int *v7; // x0
char *v8; // x0
__int64 v10; // [xsp+0h] [xbp-70h] BYREF
unsigned __int16 v11; // [xsp+12h] [xbp-5Eh]
int v12; // [xsp+14h] [xbp-5Ch]
sub_1D50();
dword_5010 = sub_1F5C();
byte_5027 = 0;
dword_5018 = 0;
byte_5020 = 0;
byte_5021 = 0;
byte_5022 = 0;
byte_5023 = 0;
byte_5024 = 0;
byte_5025 = 0;
byte_5028 = 0;
byte_5026 = 0;
dword_5014 = 0;
dword_5038 = 1;
qword_5030 = (__int64)calloc(1uLL, 8uLL);
v0 = inotify_init();
v1 = qword_5030;
*(_DWORD *)qword_5030 = v0;
*(_WORD *)(v1 + 4) = 1;
v2 = inotify_add_watch(v0, "/dev/input", 0x300u);
if ( (v2 & 0x80000000) != 0 )
{
v7 = (int *)__errno(v2);
v8 = strerror(*v7);
__android_log_print(6LL, "KeyEvent", "could not add watch for %s, %s\n", "/dev/input", v8);
return 1LL;
}
if ( (sub_2914("/dev/input") & 0x80000000) != 0 )
{
__android_log_print(6LL, "KeyEvent", "scan dir failed for %s\n", "/dev/input");
return 1LL;
}
do
{
LABEL_3:
if ( (byte_5025 & 1) != 0 )
{
v3 = 5000LL;
}
else if ( (byte_5028 & 1) != 0 )
{
v3 = 5000LL;
}
else
{
v3 = 0xFFFFFFFFLL;
dword_5014 = 0;
}
if ( !(unsigned int)__poll_chk(qword_5030, (unsigned int)dword_5038, v3, -1LL) )
{
if ( byte_5025 == 1 )
{
__android_log_print(4LL, "KeyEvent", "Factory Event Count :%d\n", (unsigned int)dword_5014);
sub_18B8(1);
usleep(0x64u);
sub_18B8(0);
v4 = dword_5014++;
if ( v4 >= 1 )
{
__android_log_print(4LL, "KeyEvent", "Factory Reset!!!");
sub_19B8();
}
}
if ( byte_5028 == 1 )
{
__android_log_print(4LL, "KeyEvent", "=========================DEMO MODE!!!");
if ( (sub_1ED8(dword_5010, 101) & 0x80000000) != 0 )
{
dword_5010 = sub_1F5C();
sub_1ED8(dword_5010, 101);
}
}
}
if ( (*(_BYTE *)(qword_5030 + 6) & 1) != 0 )
sub_2710("/dev/input", *(_DWORD *)qword_5030);
v5 = 0LL;
v6 = 1LL;
}
while ( dword_5038 < 2 );
while ( (*(_BYTE *)(qword_5030 + v5 + 14) & 1) == 0 )
{
LABEL_33:
++v6;
v5 += 8LL;
if ( v6 >= dword_5038 )
goto LABEL_3;
}
if ( (int)__read_chk(*(unsigned int *)(qword_5030 + v5 + 8), &v10, 24LL, 24LL) > 23 )
{
if ( v11 <= 0x72u )
{
if ( v11 == 91 )
{
byte_5021 = v12 != 0;
}
else if ( v11 == 114 )
{
byte_5024 = v12 != 0;
}
}
else
{
switch ( v11 )
{
case 0x73u:
byte_5023 = v12 != 0;
break;
case 0xA4u:
byte_5022 = v12 != 0;
break;
case 0x74u:
byte_5020 = v12 != 0;
break;
}
}
sub_2108();
if ( byte_5026 == 1 )
sub_228C();
goto LABEL_33;
}
__android_log_print(6LL, "KeyEvent", "could not get event\n");
return 1LL;
}
// 14C8: using guessed type __int64 __android_log_print(_QWORD, _QWORD, const char *, ...);
// 1578: using guessed type __int64 __fastcall __errno(_QWORD);
// 1718: using guessed type __int64 __fastcall __read_chk(_QWORD, _QWORD, _QWORD, _QWORD);
// 17B8: using guessed type __int64 __fastcall __poll_chk(_QWORD, _QWORD, _QWORD, _QWORD);
// 2A20: using guessed type __int64 __fastcall sub_2A20();
// 5010: using guessed type int dword_5010;
// 5014: using guessed type int dword_5014;
// 5018: using guessed type int dword_5018;
// 5020: using guessed type char byte_5020;
// 5021: using guessed type char byte_5021;
// 5022: using guessed type char byte_5022;
// 5023: using guessed type char byte_5023;
// 5024: using guessed type char byte_5024;
// 5025: using guessed type char byte_5025;
// 5026: using guessed type char byte_5026;
// 5027: using guessed type char byte_5027;
// 5028: using guessed type char byte_5028;
// 5030: using guessed type __int64 qword_5030;
// 5038: using guessed type int dword_5038;
// nfuncs=142 queued=20 decompiled=20 lumina nreq=0 worse=0 better=0
// ALL OK, 20 function(s) have been successfully decompiled
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment