VTBL games

A little game: swapping the vtable pointer of a single instance. The more interesting variant, class-wide modification, would mean patching the vtable itself, but the vtable normally lives in a read-only data section (.rodata on ELF, .rdata on PE), so writing to it faults. To keep the demo complete we dispatch the hijacked slot to a regular function, not a member function. On 32-bit Windows builds that matters: member functions use thiscall (`this` in ECX) while a regular function takes its arguments on the stack, so `this` does not arrive where the regular function looks for it. On x86-64 (SysV and Win64) the object pointer is simply the first argument in both conventions, so the regular function receives it.
```cpp
#include <stdio.h>
#include <stdlib.h>

class A {
public:
  virtual void foo() {
    printf("A::foo(): %p\n", (void*)this);
  }
};

class B : public A {
public:
  virtual void foo() {
    printf("B::foo(): %p\n", (void*)this);
  }
};

// Pick A or B at run time so the compiler cannot devirtualize a->foo();
// the calls in main() must really go through the vtable.
A* get() {
  if (rand() & 1) {
    return new A();
  } else {
    return new B();
  }
}

// Plain (non-member) function that will sit in foo's vtable slot. On x86-64
// it receives the object pointer as its first argument; on 32-bit MSVC it
// would not, because thiscall passes this in ECX.
void bar(void* thiz) {
  printf("bar: %p\n", thiz);
}

int main() {
  A* a = get();
  // Our own writable "vtable": a single slot pointing at bar.
  void* vt[] = { (void*)bar };

  a->foo();

  // The vptr is the first word of the object; repoint it at vt.
  *(void**)a = &vt;

  a->foo();   // now dispatches through vt[0], i.e. bar(a)

  return 0;
}
```
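The following is an added example, not code from the original post. It extends the same instance-level trick in two ways the paragraph above hints at: the replacement vtable is a writable copy of the real one (a "shadow vtable"), so the original in .rodata/.rdata is never written and the slots that are not patched keep working; and it adds the integrity check a defender would want, comparing an object's vptr against that of a known-good object of the expected dynamic type, which is the simplest form of what compiler vtable CFI does. The class names Shape/Square, the slot index, the helper names and the result struct are assumptions of this example. It assumes a 64-bit build (SysV or Win64) where the vptr is the first word of the object and `this` travels in the first argument register, so the regular function in the patched slot receives the object pointer.

```cpp
#include <cstdio>
#include <cstring>

// Hypothetical classes for this example. Two virtual functions and no virtual
// destructor, so slot numbering is the same under the Itanium ABI (GCC/Clang)
// and MSVC: slot 0 = area, slot 1 = name.
struct Shape {
    virtual int area() { return 0; }
    virtual const char* name() { return "shape"; }
};

struct Square : Shape {
    int side;
    explicit Square(int s) : side(s) {}
    int area() override { return side * side; }
    const char* name() override { return "square"; }
};

enum { kSlots = 2 };

// The vptr is the first word of a polymorphic object on every mainstream ABI.
// Writing it through void** is the same type pun the post relies on.
static void**& vptr_ref(void* obj) {
    return *reinterpret_cast<void***>(obj);
}

// Regular (non-member) function that will replace Square::area in slot 0.
// Assumption: 64-bit target (SysV or Win64), where `this` arrives as the first
// argument register in both the member and the regular convention. 32-bit
// MSVC thiscall (this in ECX) would break this, exactly as the post says.
static int hijacked_area(void* thiz) {
    Square* sq = static_cast<Square*>(thiz);
    return -sq->side;   // obviously wrong on purpose, so the redirect is visible
}

// Copy the object's real vtable into caller-provided writable storage, patch
// one slot, and repoint the object's vptr at the copy. The real vtable in
// .rodata/.rdata is never written, and the untouched slots keep working.
static void install_shadow_vtable(void* obj, void* shadow[kSlots],
                                  int slot, void* fn) {
    std::memcpy(shadow, vptr_ref(obj), kSlots * sizeof(void*));
    shadow[slot] = fn;
    vptr_ref(obj) = shadow;
}

// The check a defender wants: does obj's vptr equal that of a known-good object
// of the expected dynamic type? This is the simplest form of a vtable CFI check.
static bool vptr_matches(void* obj, void* reference) {
    return vptr_ref(obj) == vptr_ref(reference);
}

struct HijackResult {
    int area_before;
    int area_after;
    const char* name_after;  // slot 1 was copied unchanged
    bool vptr_ok_before;
    bool vptr_ok_after;
};

static HijackResult run_hijack(int side) {
    Square reference(1);            // known-good object of the expected type
    Square victim(side);
    // volatile: the compiler must not devirtualize s->area() to Square::area
    // (the post uses rand() in get() for the same purpose).
    Shape* volatile s = &victim;
    void* shadow[kSlots];
    HijackResult r;

    r.area_before    = s->area();
    r.vptr_ok_before = vptr_matches(s, &reference);

    install_shadow_vtable(s, shadow, 0, reinterpret_cast<void*>(&hijacked_area));

    r.area_after    = s->area();    // dispatches to hijacked_area(&victim)
    r.name_after    = s->name();    // still Square::name via the copied slot 1
    r.vptr_ok_after = vptr_matches(s, &reference);
    return r;
}

int main() {
    HijackResult r = run_hijack(3);
    std::printf("area before: %d, after: %d, name after: %s\n",
                r.area_before, r.area_after, r.name_after);
    std::printf("vptr check before: %s, after: %s\n",
                r.vptr_ok_before ? "ok" : "MISMATCH",
                r.vptr_ok_after  ? "ok" : "MISMATCH");
    return 0;
}
```

The shadow copy is what makes a single-instance hijack practical when the class has many virtual functions: only the slot you care about changes, and the object otherwise behaves normally, which is also why a vptr comparison (rather than checking individual slots) is the cheap detection. Compiler-level vtable CFI generalizes the `vptr_matches` idea by checking at every virtual call that the vptr points into the set of vtables valid for the static type.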
About

nike

April 2014