-5

I have read about c++ pointers and their pitfalls, one of which is that one can access private data members of other class objects using pointer hacks as mentioned here and here. Surely pointers in c++ gives a lot of flexibility to the language but what's the use of it if it can hamper the core OOP features of the language like data hiding ? Is this really a trade-off between security & flexibility ?

dedman
  • 868
  • 6
  • 16
  • 1
    Flexibility (more often efficiency, especially in the systems programming domain), but also compatibility with C. Removing unchecked pointers would have created a _very_ different language. Even today's best efforts such as Rust still leave escape hatches such as _unsafe_ that allow efficiency where the standard language is too restrictive. – user4815162342 Jun 17 '18 at 19:22
  • 2
    Member access level is not meant to provide security. – user7860670 Jun 17 '18 at 19:23
  • 6
    "access private data members" There are many many way more dangerous things you can do. The reason is the same as why people are allowed to drive motor vehicles or operate heavy machinery despite of the ever present danger. Pointers are the heavy machinery of C++. If you can avoid them, by all means do. If you need them, use caution and training. – n. m. could be an AI Jun 17 '18 at 19:32
  • 1
    Pointers don’t “hamper ... data hiding”. Abuse of pointers might. Access control protects against errors, not malice. – Pete Becker Jun 17 '18 at 20:26

3 Answers3

6

C++ is first and foremost a low level language that extends traditional C with fancier language constructs. With few exceptions, nothing was removed.

C++ is not just an OO language. It is functional, declarative, procedural, structural amd object oriented. It can even be used as a portable assembler, like C often is.

Pointers are a thin abstraction on top of how CPUs access memory. Having access to raw pointers in-language enables a huge amount of efficient code. Every systems programming language permits access to raw pointers; sometimes guarded by "unsafe" blocks; and C++ is also a systems programming language.

If you are coming at C++ from a single perspective, and wondering why it seems strangely shaped for your goals, try looking at it from another direction.

Yakk - Adam Nevraumont
  • 262,606
  • 27
  • 330
  • 524
4

C++ was originally built on the C language. It added features without removing any. C had pointers and therefore C++ has pointers. Compatibility with the C interface remains an essential feature of C++. Therefore pointers will never be not-allowed.

Besides compatibility, pointers are very useful. Introducing object oriented programming to a system programming language being the initial reason for C++, it should be noted that indirection is essential for implementing runtime polymorphism. Sure, there is another method of indirection in C++ - references, but references are more limited and cannot be used to implement all algorithms that require the use of pointers.

Pointers are also required to implement node based data structures such as trees or linked lists.

c++ pointers and their pitfalls, one of which is that one can access private data members of other class objects using pointer hacks as mentioned here

That trick isnt so much enabled by the pointer but by the use of reinterpret_cast. It would be much more sensible to question why that language feature is allowed.

and here

Both this and the previous are cases where the language does not allow breaking of encapsulation. The problem isn't the pointer. The problem is that C++ - like C - has undefined behaviour (UB) when certain rules are violated.

You might be wondering, why does a language have UB. The answer is that if the rules were required to be checked at runtime to avoid UB, the program would necessarily be slower than it could be when we assume that the program didn't make a mistake. Since C and C++ are low level system programming languages, performance was chosen at the cost of protecting against bad programmers.

eerorika
  • 232,697
  • 12
  • 197
  • 326
0

There is no trade-off involving security. That's because there is nothing to trade, since C++ does not offer security. The language offers tools (like data hiding) and compilers offer guardrails (most warnings) to help you do the right thing, but if you are determined to do the wrong thing in your program, you have the freedom to do so. Vive la résistance! Watch program crash override and acid burn.

Besides, if you want to access private members, there is a much simpler method that does not involve undefined behavior: edit the header files, and either change "private" to "public" or add your class/function as a friend. (I'm not sure if this affects ABI. You might need to recompile libraries. I did say "simpler" not "quicker".) No pointers involved.

JaMiT
  • 14,422
  • 4
  • 15
  • 31