Date: Mon, 17 Feb 2025 11:08:59 +0100
Hi Amit,
I am not an expert in the security field.
However, IMHO, what you indicate is not a security issue.
Here you are inside the same process. Each process has access to its memory
space.
Private members for classes are a support for good design (OOP).
Note also that you are using an old-style C cast, which allows you to do dirty
things; any static analyzer or rule checker would complain about this practice,
which jeopardizes code quality, maintainability, etc.
On Mon, 17 Feb 2025 at 10:33, Amit via Std-Discussion <
std-discussion_at_[hidden]> wrote:
> C++ language has a big security hole. You can change the values of the
> private member variables directly by getting the pointer to the
> object. So, private member variables are actually not private, they
> are public. Below is the example code:
>
>
> --------------------------------------------------------------------------------
>
> #include <iostream>
>
> using namespace std;
>
> class MyClass
> {
>
> private:
>     int i;
>     int j;
>
> public:
>     MyClass(int a, int b)
>     {
>         i = a;
>         j = b;
>     }
>
>     void print_data()
>     {
>         cout << endl;
>         cout << "i = " << i << ", j = " << j;
>     }
>
> }; // end of class MyClass
>
> int main(void)
> {
>
>     MyClass myobj(1, 4);
>
>     myobj.print_data();
>
>     MyClass *m = &myobj;
>
>     int *i_ptr = (int *)(m);
>     int *j_ptr = i_ptr + 1;
>
>     *i_ptr = 10;
>     *j_ptr = 20;
>
>     myobj.print_data();
>
>     cout << endl << endl;
>
>     return 0;
>
> } // end of function main()
>
>
> --------------------------------------------------------------------------------
>
> The output is:
>
> i = 1, j = 4
> i = 10, j = 20
>
> So, you see that the values of the private member variables ('i' and
> 'j') were changed directly by using pointers. So, the 'private'
> keyword actually didn't serve its purpose.
>
> Regards,
> Amit
Received on 2025-02-17 10:09:13
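
The two points made in the reply, as an added C++ example that is not code from the thread (the class name `Pair`, the `static_castable` trait and `overwrite_bytes` are hypothetical): `private` is a compile-time name check that leaves nothing in the object, and a named cast rejects the conversion that the C-style cast let through.

```cpp
#include <cstring>
#include <iostream>
#include <type_traits>
#include <utility>

// Same shape as the class in the quoted post (hypothetical name).
class Pair {
    int i;
    int j;
public:
    Pair(int a, int b) : i(a), j(b) {}
    int first() const { return i; }
    int second() const { return j; }
};

// Detection idiom: does static_cast<To>(From) compile?
template <class From, class To, class = void>
struct static_castable : std::false_type {};
template <class From, class To>
struct static_castable<From, To,
    decltype(void(static_cast<To>(std::declval<From>())))> : std::true_type {};

// A named cast refuses what the C-style cast did silently; only
// reinterpret_cast allows it, and that keyword is easy to find in review.
static_assert(!static_castable<Pair*, int*>::value, "Pair* -> int* rejected");
static_assert(static_castable<Pair*, void*>::value, "sanity check of the trait");

// 'private' adds no guard data and no hidden layout to the object.
static_assert(std::is_standard_layout<Pair>::value, "plain layout");
static_assert(std::is_trivially_copyable<Pair>::value, "bytes may be copied");
static_assert(sizeof(Pair) == 2 * sizeof(int), "just the two ints");

// memcpy-based variant of the post's experiment, without pointer arithmetic:
// code in the same process can rewrite the bytes of the object.
// The void* cast keeps compilers from warning about raw writes into a class.
Pair overwrite_bytes(Pair p, int a, int b) {
    int raw[2] = {a, b};
    std::memcpy(static_cast<void*>(&p), raw, sizeof raw);
    return p;
}

int main() {
    Pair p = overwrite_bytes(Pair(1, 4), 10, 20);
    std::cout << "i = " << p.first() << ", j = " << p.second() << '\n';
    return 0;
}
```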