Where do private variables live on the stack in C++

I'm trying to overflow a buffe开发者_JAVA百科r in C++ that is a private variable. Where does it live on the stack? Is this possible?

Something like

class aClass{
private:
  char buffer[SIZE];
public:
}

---

Public and private variables are not treated any differently in terms of layout. A class allocated on the stack has it's internal data members allocated on the stack- that's regardless of being private or public.

class MyClass {
public:
    int PublicInt;
private:
    int PrivateInt;
};

int main() {
    MyClass instance;
}

is equivalent to, in memory terms

int main() {
    int a, b;
};

---

Er... Your question sounds like "What color is blue sky?". And the answer is, apparently, "blue".

When a variable is allocated "on the stack" it lives on the stack. There's no more detailed explanation to it. "On the stack" is the answer to "where?" question. Stack memory is uniform. There's no more detailed "where" than plain and simple "on the stack".

The fact that your array is a private member of the class makes no difference whatsoever. The entire array is an integral part of the object. If you define an object of your class type as a local object ("on the stack"), then the entire array will live on the stack, regardless of whether it is private or not.

If that doesn't answer your question, ten you have to re-state it in a more meaningful way.

---

Yes, its possible, the variable is laid out on the stack in contiguous order as the rest of the members of that object; moreover, in C++ the data itself will always be accessible by lower level mechanisms. The private/public paradigm is simply a protection designed to prevent accidental access at compile time, but it in no way means that it is impossible to access that data.

The problem you will face however is that "The order of allocation of nonstatic members separated by an access-specifier is unspecified." according to section 9.2 clause 12 of the standard. See this post for more info.

That being said, if you wrote the code you are talking about (and therefore you have the capability to modify it), I would strongly suggest changing your design so you don't have to do this. There is a keyword in C++ called "friend" or "friend class" you may want to look-up.

Or... you could cheat, as this poster suggests.

---

Here is a simple program that may corrupt the stack; it actually produces undefined behavior or behavior that is platform dependent:

void function_destroyer(int a, double b, char c)
{
  unsigned char array[1];
  for (int i = 0; i < 32; ++i)
  {
    array[1 - i] = 0x24; // A value chosen at random
  }
  return;
}

int main(void)
{
  function_destroyer(1, 1.5. 'f');
  return EXIT_FAILURE;
}

The stack may be corrupted by accessing elements before the first element in the array. This depends on the compiler generating a stack and passing variables on the stack.

---

Try the following:

#include <string.h>

void foo (char *bar)
{
   char  c[12];

   strcpy(c, bar);  // no bounds checking...
}

int main (int argc, char **argv)
{
   foo(argv[1]); 
}

---

Writing past the array can be considered as an example of buffer overflow. You can do this how ever, but I don't know what you are trying to achieve by doing so.

 void aClass:: bufferOverflow() // Assuming this a member of aClass
 {
      for( int i=0; i<(SIZE+2), ++i )
          buffer[i] = 'a'; // Writing past the 2 locations.
 }

Where does it live on the stack?

Stack it self is a storage location. What do you mean by where it lives on stack.