4

I have a basic C++ question that unfortunately baffles me. Recently I ran across an article that uses down-casting to access a class's private member using down-casting. My question is why does it work?

Given that I have a parent class P with a private member m_p of type dummy* then the method used was to create a hack class hackP as follows:

class hackP: public P {
public:
dummy *m_p;
};

which apparently gains access to class P private member m_p using a code snippet like

P parent = ...;
hackP *hp = (hackP*)&parent;
// access parent m_p as hp->m_p

Any help would be appreciated.

Shafik Yaghmour
  • 154,301
  • 39
  • 440
  • 740
Paul Tarr
  • 251
  • 3
  • 9
  • Umm, m_p is public? What's the hack? – Michael Dorgan May 28 '13 at 16:46
  • @MichaelDorgan: It's public in `hackP`, but presumably occupying the same offset as something private in `P`. That's the hack. – Fred Larson May 28 '13 at 16:47
  • 4
    You could do it by making hackP not inherit from P as long as the classes between HP and P aligned perfectly using that type-cast (not a good idea). But the inheritance part baffles me as that should change the signature in memory around enough to break that. – Michael Dorgan May 28 '13 at 16:52
  • 1
    Errors in the code aside (as @MichaelDorgan mentioned, there should be no inheritance) this is Undefined Behaviour. As such, and as far as the Standard is concerned, the only reason why it works is *pure luck*. – syam May 28 '13 at 16:53
  • 2
    @PaulTarr: Do you have a link to said article? I think something got lost in the translation. – Fred Larson May 28 '13 at 16:54
  • 3
    GotW #76 seems relevant: http://www.gotw.ca/gotw/076.htm – Shafik Yaghmour May 28 '13 at 16:56
  • @ShafikYaghmour, make that an answer. It fits the bill perfectly here and taught me a thing or two to boot! :) – Michael Dorgan May 28 '13 at 17:00
  • @Fred The original article that sparked this question is at http://pareis.com/2010/03/23/accessing-the-original-webkit-api-in-qtwebkit-hybrid-apps/ and is under the section titled "alternate access". – Paul Tarr May 28 '13 at 19:05

1 Answers1

5

It looks like GotW #76 Uses and Abuses of Access Rights cover this topic pretty well and I have to say I picked up some interesting tid bits that I did not know from it.

This article Access to private members. That's easy! takes a bit more effort to wrap your head around but seems more flexible.

This answer from this thread Is private member hacking defined behaviour? which is very similar but not identical seems to indicate this is undefined behavior since the layout would not guaranteed to be the same between access-qualifier sections. From the draft C++ standard, section 9.2 Class members says (emphasis mine):

Nonstatic data members of a (non-union) class with the same access control (Clause 11) are allocated so that later members have higher addresses within a class object. The order of allocation of non-static data members with different access control is unspecified (11).

Community
  • 1
  • 1
Shafik Yaghmour
  • 154,301
  • 39
  • 440
  • 740
  • The references GotW #76 and private member hacking defined behavior are much appreciated. The latter especially. I'll just have to try the hack out with my compiler and see what happens since I am working with a supplied dll and cannot recompile it. Thanks for the reply. – Paul Tarr May 28 '13 at 19:06