Tiny C Compiler X (scramble) - C Scripting Everywhere - The Smallest ANSI C compiler
-----------------------------------------------------------------------

Features:
--------

- SMALL! You can compile and execute C code everywhere, for example on
  rescue disks.

- FAST! tcc generates optimized x86 code. No byte code overhead.
  Compile, assemble and link about 7 times faster than 'gcc -O0'.

- SCRAMBLE! It can generate obfuscated code and xor the data segment
  with an LFSR.

- UNLIMITED! Any C dynamic library can be used directly. TCC is heading
  toward full ISOC99 compliance. TCC can of course compile itself.

- Compile and execute C source directly. No linking or assembly
  necessary. Full C preprocessor included.

- C script supported: just add '#!/usr/bin/tcc -run' at the first line
  of your C source, and execute it directly from the command line.

Documentation:
-------------

1) Installation on an i386/x86_64/arm Linux/OSX/FreeBSD host

You need dietlibc to compile the i386 version of the compiler and to
compile static C programs. You may grab it from
http://www.fefe.de/dietlibc

   ./configure
   make
   make test
   make install

Notes: For OSX and FreeBSD, gmake should be used instead of make.
       For Windows read tcc-win32.txt.

makeinfo must be installed to compile the doc. By default, tcc is
installed in /usr/bin. './configure --help' shows configuration options.

2) Introduction

We assume here that you know ANSI C. Look at the example ex1.c to know
what the programs look like.

The include file can be used if you want a small basic libc include
support (especially useful for floppy disks). Of course, you can also
use standard headers, although they are slower to compile.

You can begin your C script with '#!/usr/bin/tcc -run' on the first
line and set its execute bits (chmod a+x your_script). Then, you can
launch the C code as a shell or perl script :-) The command line
arguments are put in 'argc' and 'argv' of the main functions, as in
ANSI C.

3) Code and Data Scramble

With the '-x' switch the compiler heavily pollutes the generated code,
making it larger and slower. The purpose of this operation is to
obfuscate the generated code and make reverse engineering harder.

The '-x' switch by itself will enable all the scrambling options. You
may select individual scrambling features by adding them after the
'-x':

  * 'c' obfuscate all calls
  * 'j' obfuscate all long jumps
  * 'f' obfuscate parameters passed to external (library) functions
  * 'p' obfuscate parameters passed to local functions
  * 's' obfuscate the stack (size of local variables and their
        references)
  * 'b' obfuscate function prologs
  * 'e' obfuscate function epilogs (returns are replaced with jumps)
  * 'l' xor all strings with an LFSR and un-xor each when accessed
  * 'd' xor the entire data segment with an LFSR

The LFSR initial value as well as the unscrambling code is different
with every compile.

TCC generates read-only objects in the data section (rather than
rodata) and the entire section can be encrypted (xor-ed).

If string obfuscation is turned on then each string will have a 16 byte
variable header and each string will be xor-ed with a random LFSR seed.
This option is particularly useful because it can be turned on per
compiled object. The strings will be decrypted only at run time. The
code overhead for each reference to a string or to a struct/array of
strings is 84 bytes. A string is decrypted in place when it is first
referenced; any further references will use the already decrypted
string.

Code obfuscation is mainly achieved by inserting random data between
genuine operations. This tricks disassemblers because they will try to
disassemble the random data. They will miss real opcodes because
variable-size garbage instructions engulf them.

All addressing is changed to offset addressing using a variable base
(usually in '%ebx'). This prevents disassemblers from generating any
cross-references for both functions and data.
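
Added example (not code from TCC X or its author): a C sketch of the
string scheme described above, where a per-string LFSR seed xors the
payload and the first reference decrypts it in place. The record
layout, tap mask, seed and sample string are assumptions; raw_scan()
shows that a strings-style scan misses the text in the stored image but
finds it in memory after the first reference.

```c
#include <stdint.h>
#include <string.h>
/* Hypothetical record; the page does not document the real 16-byte header. */
struct xstr {
    uint32_t seed;      /* per-string LFSR seed */
    uint32_t len;       /* payload length in bytes */
    uint8_t  decoded;   /* 0 until the first reference */
    uint8_t  data[64];  /* payload xor-ed with the LFSR keystream */
};

/* XOR with a 32-bit Galois LFSR keystream (tap mask assumed); self-inverse. */
static void lfsr_xor(uint8_t *buf, size_t n, uint32_t s) {
    for (size_t i = 0; i < n; i++) {
        for (int b = 0; b < 8; b++)
            s = (s >> 1) ^ ((s & 1u) ? 0x80200003u : 0u);
        buf[i] ^= (uint8_t)s;
    }
}

/* Compile-time side: store the string scrambled, with the flag cleared. */
static void xstr_init(struct xstr *x, const char *plain, uint32_t seed) {
    size_t n = strlen(plain);
    memset(x, 0, sizeof *x);
    x->seed = seed;
    x->len = (uint32_t)(n < sizeof x->data ? n : sizeof x->data - 1);
    memcpy(x->data, plain, x->len);
    lfsr_xor(x->data, x->len, seed);
}

/* Run-time side: decrypt in place on first reference, then reuse. */
static const char *xstr_get(struct xstr *x) {
    if (!x->decoded) { lfsr_xor(x->data, x->len, x->seed); x->decoded = 1; }
    return (const char *)x->data;
}

/* What a strings-style scan of the raw bytes sees: 1 if needle is present. */
static int raw_scan(const struct xstr *x, const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; n && i + n <= x->len; i++)
        if (memcmp(x->data + i, needle, n) == 0) return 1;
    return 0;
}

int main(void) {  /* constructed sample string and seed */
    struct xstr x;
    xstr_init(&x, "license check failed", 0x5EEDFF00u);
    int before = raw_scan(&x, "license check failed");
    return !(before == 0 && strcmp(xstr_get(&x), "license check failed") == 0);
}
```

Because the seed travels with the string and the plaintext stays in
memory after first use, this kind of scheme defeats static string
extraction only.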

The scrambling functionality is a patch against a stripped down version
of tcc 0.9.27 which handles only i386 code. Both the Linux version and
the cross-compiled version which generates Windows code work. The
current release passes 'tcctest.c' with all scrambling switches
enabled.

If you want to compile this compiler for a Windows platform you will
probably fail (mainly because I'm using '/dev/urandom'). You can
generate Windows code from Linux with the cross-compiler.

Generating static executables was broken on my Debian system (with
stock tcc 0.9.27) so I've patched this version to use 'dietlibc'. This
has the advantage of making small executables which run on any kernel
version (the bloated libc checks kernel versions and refuses to run
even if you don't need any of the newer functionality).

The '-run' switch (used for C scripting) now creates (in memory) static
versions of your C. This is faster and the program occupies less space.
If you don't want statically linked scripts you'll have to use
'-rdynamic' with the '-run' switch.

This was my hobby project over the last few days. I don't plan to
support this fork, add scrambling for other processors or add any other
features from future tcc releases. The scrambling generates only Intel
32bit code for Linux and Windows.

Friday, 30 April 2010
(C) Emil

4) Examples

ex1.c: simplest example (hello world). Can also be launched directly
as a script: './ex1.c'.

ex2.c: more complicated example: find a number with the four
operations given a list of numbers (benchmark).

ex3.c: compute fibonacci numbers (benchmark).

ex4.c: more complicated: X11 program. Very complicated test in fact
because standard headers are being used! As for ex1.c, can also be
launched directly as a script: './ex4.c'.

ex5.c: 'hello world' with standard glibc headers.

tcc.c: TCC can of course compile itself. Used to check the code
generator.

tcctest.c: auto test for TCC which tests many subtle possible bugs.
Used when doing 'make test'.

5) Full Documentation

Please read tcc-doc.html to have all the features of TCC.

Additional information is available for the Windows port in
tcc-win32.txt.

License:
-------

TCC (X) is distributed under the GNU Lesser General Public License

Fabrice Bellard & Emil