If you spend much time browsing news.ycombinator.com or just about any place where C programming is discussed, chances are you've heard about the International Obfuscated C Code Contest, or simply the "obfuscated C contest," where contestants submit short programs written in the C programming language. The allure of the contest lies in the requirement for programs to be obfuscated: written so that their source code gives little indication of the program's purpose. In addition, entries are limited to 4,096 bytes of C source code, meaning that the contest isn't simply about overcomplicated "enterprise" code.
In other words, IOCCC winners not only need to consist of incomprehensible C, but also tend to do something interesting with a very small amount of source code. These goals fit together nicely, as attempting to pack a complex program into a small file is also inherently conducive to producing unreadable C.
In brief, I submitted a program that modifies a MIDI file in order to add a "boots-and-cats" drum beat. The program reads a standard midi file (SMF) from stdin and writes a new MIDI, including the drum track, to stdout. More-complete usage instructions are available on its IOCCC page, so to save time that's all I'll write about usage here.
If you're curious about the un-obfuscated program that I originally wrote, this was the final working version. I tried to keep the functions names and comments understandable, but it will make a lot more sense to readers familiar with the MIDI "SMF" file format:
As for the obfuscated version:
It even compiles with -pedantic -Wall -Werror -Wextra -O3!
My primary obfuscation goal was to include no C literals (strings, numbers,
or characters) in the final program. Other than that, the obfuscation was
fairly simple.
typedef the common types.printf diagnostic strings with exit codes.
malloc and fwrite
functions with macros.main function. Since stdin
was guaranteed to be non-NULL in order for the program to work, I
can use it to get my first number: k = !!stdin;. In other
words, k = 1.
1, start building more values using
shifts, adds, bitwise ORs, etc. It quickly got difficult to keep track
of these, even when writing the program.
As proud as I am to have been included in this year's winners, nothing makes my
own skills feel more inadequate than beholding the brilliant
entry by Nicholas Carlini.
If you've been involved with low-level computer security, you're likely already
aware that C's standard printf function (well, to be specific, C's
format string) is packed with far more features than ought to be included in a
sane programming language. However, knowing that printf is
Turing-complete is one thing; creating a printf-oriented program
is quite another. The simple main function in Carlini's entry is
a beautiful punchline after its massive chunk of format-string madness. The
IOCCC never fails to be an inspiration.
Another entry I found awesome was Yusuke Endoh's minesweeper. Despite being the most prolific IOCCC winner and the world's foremost quine master, Endoh has far from exhausted his creativity. In fairness, my favorite part of this program is not the obfuscation (though there's nothing wrong with that), but the brilliant gimmick of automating away the satisfying part of Minesweeper, leaving only the frustrating luck-based decisions.
Finally, kudos to Tsoj's entry
for exposing me to a new class of hideous C formatting. I wonder if there's a
way to configure clang-format to indent code from the right...