OTCC Deobfuscated

The Obfuscated Tiny C Compiler: Deobfuscated and Explained

Building

A 32-bit i686 or greater machine running Linux (and possibly BSD) is required. I tested on qemu-system-i386.

Command: ./build.sh

This will build:

otcc_fix.c => otcc
otcc_commented_fix.c => otcc_commented

Running

./otcc otccex.c 5

./otcc_commented otccex.c 5

Self-compiling

./otcc otcc_fix.c otccex.c 5

./otcc_commented otcc_commented_fix.c otccex.c 5

Fixes

The original OTCC assumes all heap memory and global vars are <0x80000000 but this is not a gaurentee on modern x86-32 distros. In testing, I used Alpine Linux 3.17.3 which does a lot of hardening for security reasons.

To resolve the issue, OTCC was patched to only compile small offsets in (-512, 512) as stack offsets

$ diff otcc.c otcc_fix.c
168c168
< s((e<512)<<7|5,n;
---
> s((e<512&-e<512)<<7|5,n;

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
build.sh		build.sh
malloc_shim.c		malloc_shim.c
otcc.c		otcc.c
otcc_commented.c		otcc_commented.c
otcc_commented_fix.c		otcc_commented_fix.c
otcc_expanded.c		otcc_expanded.c
otcc_fix.c		otcc_fix.c
otccex.c		otccex.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

OTCC Deobfuscated

Building

Running

Self-compiling

Fixes

About

Releases

Packages

Languages

License

xorvoid/otcc_deobfuscated

Folders and files

Latest commit

History

Repository files navigation

OTCC Deobfuscated

Building

Running

Self-compiling

Fixes

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages