std-discussion

Re: C++ language has a big security hole.

From: Amit <amitchoudhary0523_at_[hidden]>
Date: Mon, 17 Feb 2025 16:03:43 +0530
I had read many times that hackers have taken control of a system by using
an RCE (Remote Code Execution) attack.

So, they are also doing it from outside the process.

The virtual table pointer is at the bottom of the C++ object structure. So,
the virtual function addresses can be changed to some other code/function
address.

But anyways, I just highlighted this. It's OK with me if there is no
security issue because of this.

Regards,
Amit


On Mon, Feb 17, 2025, 3:43 PM mauro russo <ing.russomauro_at_[hidden]> wrote:

> please,
>
> read "Private variables in a C++ class can't be accessed directly" in the
> correct perspective.
>
> Hackers operate from outside the process, not from inside the process.
>
>
> On Mon, Feb 17, 2025 at 11:10 AM Amit via Std-Discussion <
> std-discussion_at_[hidden]> wrote:
>
>> I don't know. I am not a hacker. I am just saying that maybe hackers
>> know or maybe not.
>>
>> But I can definitely mess up any object. So, data is not quite safe in
>> C++ as it has been advertised.
>>
>> "Private variables in a C++ class can't be accessed directly" is a very
>> popular statement.
>>
>> Regards,
>> Amit
>>
>>
>> On Mon, Feb 17, 2025, 3:29 PM Tiago Freire <tmiguelf_at_[hidden]> wrote:
>>
>>> How?
>>>
>>> *From:* Std-Discussion <std-discussion-bounces_at_[hidden]> *On
>>> Behalf Of *Amit via Std-Discussion
>>> *Sent:* Monday, February 17, 2025 10:54 AM
>>> *To:* Jan Schultke <janschultke_at_[hidden]>
>>> *Cc:* Amit <amitchoudhary0523_at_[hidden]>;
>>> std-discussion_at_[hidden]
>>> *Subject:* Re: [std-discussion] C++ language has a big security hole.
>>>
>>> In all C++ object layouts, I have seen that members follow the previous
>>> one as in a C structure.
>>>
>>> My main point is that hackers/bad people can take advantage of this.
>>>
>>> Regards,
>>> Amit
>>>
>>> On Mon, Feb 17, 2025, 3:17 PM Jan Schultke <janschultke_at_[hidden]>
>>> wrote:
>>>
>>> Your code has undefined behavior because you cannot obtain your j_ptr
>>> by doing i_ptr + 1. A past-the-end pointer is not a pointer to the
>>> next member.
>>>
>>> However, the example is correct without j_ptr. It is possible to
>>> obtain a pointer to the first member of a standard-layout class such
>>> as MyClass, even if that member is private.
>>>
>>> I wouldn't really call it a security hole. The only way you will do
>>> this in idiomatic C++ code is with reinterpret_cast, and
>>> reinterpret_cast is a giant red flag which says "I'm an expert, I know
>>> what I'm doing, and what I'm doing is potentially dangerous". This
>>> never happens by accident.
>>>

Received on 2025-02-17 10:33:59
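
The standard-layout point from Jan Schultke's quoted reply, as an added example that is not code from the thread or from any participant. The `MyClass` definition, its member names `i_` and `j_`, and the helper functions are assumptions, since the original code is not shown on this page.

```cpp
#include <type_traits>

// Hypothetical stand-in for the MyClass discussed in the thread.
class MyClass {
public:
    MyClass(int i, int j) : i_(i), j_(j) {}
    int sum() const { return i_ + j_; }
private:
    int i_;  // first non-static data member
    int j_;
};

// 'private' is a compile-time naming rule, not a memory protection boundary.
// For a standard-layout class the object and its first member are
// pointer-interconvertible, so the casts below are well-defined.
static_assert(std::is_standard_layout<MyClass>::value,
              "first-member cast relies on standard layout");

int read_first_member(const MyClass& obj) {
    return *reinterpret_cast<const int*>(&obj);
}

void write_first_member(MyClass& obj, int value) {
    *reinterpret_cast<int*>(&obj) = value;
}

// Not shown on purpose: reaching j_ as (int*)&obj + 1. That is a
// past-the-end pointer for i_, and dereferencing it is undefined behavior.

// A class with a virtual function is not standard-layout, so the
// first-member guarantee above does not extend to it.
class WithVirtual {
public:
    virtual ~WithVirtual() {}
    int get() const { return i_; }
private:
    int i_ = 0;
};
static_assert(!std::is_standard_layout<WithVirtual>::value,
              "polymorphic classes are not standard-layout");

int main() {
    MyClass m(7, 9);
    write_first_member(m, 1);                    // changes i_ without a setter
    return (read_first_member(m) == 1 && m.sum() == 10) ? 0 : 1;
}
```

Both helpers need `reinterpret_cast` in the same process and translation of trust as the object itself, which is why a code-review rule or linter check that flags `reinterpret_cast` on class types catches this pattern.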