- Forum
- General C++ Programming
- To access private methods via public int
To access private methods via public interface
Hello! I'd like to share with you what I found out. Please tell me if it's a normal and well-known behaviour, or something unexpected (as I think).
If you define an interface as a base class with a public pure-virtual method, you can actually access a private method of a derived class which implements that pure-virtual method.
I said it unexpected, because if I define something private, I expect nobody can access it from outside. Of course it seems trivial, because thinking about the interface, you would probably declare also the method in the derived class as public, not private. Anyway, you are executing a private method from the outside...
Here comes the code. Just copy and paste it in a "main.cpp" file, it's ready to be compiled and executed:
Simply compiled and executed with these commands:
GCC doesn't even warn, and I've not tried with Win compiler.
Thanks for reading and contributing!
If you define an interface as a base class with a public pure-virtual method, you can actually access a private method of a derived class which implements that pure-virtual method.
I said it unexpected, because if I define something private, I expect nobody can access it from outside. Of course it seems trivial, because thinking about the interface, you would probably declare also the method in the derived class as public, not private. Anyway, you are executing a private method from the outside...
Here comes the code. Just copy and paste it in a "main.cpp" file, it's ready to be compiled and executed:
|
|
Simply compiled and executed with these commands:
|
|
GCC doesn't even warn, and I've not tried with Win compiler.
Thanks for reading and contributing!
Yes that right because ptr is Interface and in that class it is public. If ptr was a pointer to derived it would be hidden.
Welcome to polymorphism
Welcome to polymorphism
Yep, but it's a pointer of type Interface that actually points to a Derived object. Thus, the code is executing a private method from outside the class.
I would expect at least a warning from the compiler.
Think at this scenario... You defined the interface with the public pure-virtual method, and then the derived class "Derived1" which implement that method as public. Few derived classes after, ad example in "Derived4" you forgot about the interface and defined a private method with the same name, which reads the private member "value" (I know this is stupid for a Get method, but it could be anything else. It's just to keep the example consistent with the posted code).
Then you deliver the library to the user and teach him to use the interface to access the method in "Derived1". A lucky user could, by chance, find out that with something like
he can get access to that private member "value" that you thought to be private.
I confirm that it seems to me a possible-yet-lucky way to access a private member you are meant not to access...
I would expect at least a warning from the compiler.
Think at this scenario... You defined the interface with the public pure-virtual method, and then the derived class "Derived1" which implement that method as public. Few derived classes after, ad example in "Derived4" you forgot about the interface and defined a private method with the same name, which reads the private member "value" (I know this is stupid for a Get method, but it could be anything else. It's just to keep the example consistent with the posted code).
Then you deliver the library to the user and teach him to use the interface to access the method in "Derived1". A lucky user could, by chance, find out that with something like
|
|
he can get access to that private member "value" that you thought to be private.
I confirm that it seems to me a possible-yet-lucky way to access a private member you are meant not to access...
Topic archived. No new replies allowed.