Solved

C++ Accidental Access to Private Object Variable

Posted on 2013-01-11
4
621 Views
Last Modified: 2013-01-11
Given a class with a private variable and a public getter method, if a programmer were to return a reference to the private variable, then users of that method could have direct modifiable access to that private variable (i.e., modify the variable value without using an object method).

I don't like this. (Tough luck on me, I guess. But why would the C++ standard allow this?)

Is there a way to keep private variables truly private so that the above cannot happen?
0
Comment
Question by:phoffric
  • 2
  • 2
4 Comments
 
LVL 40

Accepted Solution

by:
evilrix earned 200 total points
ID: 38769270
>> why would the C++ standard allow this?
Simple answer: because it does - it is up to you as the coder to ensure your code is safe. C++, unlike most other languages, doesn't hold your hand.

>> Is there a way to keep private variables truly private so that the above cannot happen?
Yes, return a const reference/pointer... although there is nothing to prevent the user from casting const away.
0
 
LVL 32

Author Closing Comment

by:phoffric
ID: 38769279
Darn, I am being considered for a lead position at a new company, so I started think about how someone can mess things up and thought about these kinds of problems. I knew about your suggestions, but I guess it will be the code reviews that will have to save us from this type of coding from getting into production. Without the code reviews to catch this, no doubt initial systems testing will pass fine. But someday, someone would start modifying these private object variables using their own "local" variables.

I heard that C can shoot you in the foot; and that C++ tries to improve on that; but when the coding goes too far awry, C++ can blow off your face.
0
 
LVL 40

Expert Comment

by:evilrix
ID: 38769290
C++, like C, is a very low-level programming language. It gives you the tools but doesn't really stop you abusing them. Just like a hammer, when used incorrectly, can cause havoc so can C/C++. If you are the team lead you should ensure you have a coding standard document and ensure all your team adhere to it.  If you don't have one then this is a good place to start.
0
 
LVL 32

Author Comment

by:phoffric
ID: 38769304
Thanks! I have worked with government coding standards; yet I have not seen the protection required to avoid the above potential maintance issue. There were some useful things like:
 if ( x == 0 ) {...} // not allowed
 if ( 0 == x ) {...} // allowed
to prevent accidental use of = instead of ==.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
Many modern programming languages support the concept of a property -- a class member that combines characteristics of both a data member and a method.  These are sometimes called "smart fields" because you can add logic that is applied automaticall…
The viewer will learn how to pass data into a function in C++. This is one step further in using functions. Instead of only printing text onto the console, the function will be able to perform calculations with argumentents given by the user.
The viewer will be introduced to the member functions push_back and pop_back of the vector class. The video will teach the difference between the two as well as how to use each one along with its functionality.

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question