Intended Security Hole?
Manfred Nowak
svv1999 at hotmail.com
Wed Oct 24 14:07:28 PDT 2012
Chris Cain wrote:
> So, no, the implementation wouldn't be changed during runtime
> since it must be provided when linking.
Thats an expressed intent only. Reason: the linker does not know any
thing about the language; the linker would be satisfied if there
exists any function the linker can link to ... but the linker would
not prohibit any replacement of that function during runtime.
Conclusion: until a proof of the imposibility, there might exist
cases in which such replacement is possible.
Example for a _visible_ hijack:
-----------------------------------------------------
private import std.stdio;
abstract class Base {
void foo(float f);
}
class Derived1 : Base {
void foo(float f) { writefln("f =1= %f", f); }
}
class Derived2 : Base {
void foo(float f) { writefln("f =2= %f", f); }
}
void main() {
Base b;
float f = 2.5;
auto d1 = new Derived1;
b= d1;
b.foo( f); // f =1= 2.500000
auto d2= new Derived2;
b= d2;
b.foo( f); // f =2= 2.500000
}
-----------------------------------------
Can be proved that it is impossible to make the assignment `b= d2;'
invisible?
-manfred
More information about the Digitalmars-d-learn
mailing list