Polymorphism is an integral concept of object oriented programming languages. It allows the same definitions to be used with different types of data, and particularly different classes of objects, which results in more general and abstract implementations. There are two kinds of polymorphism supported with existing object oriented programming languages including static and dynamic polymorphism. Static polymorphism is performed during compile-time and dynamic polymorphism is performed during run-time.
Inheritance allows an object of a derived class (e.g. an object from a child class, where the child class is derived from a parent class) to inherit characteristics of its base class (e.g. the parent or super class). Multiple-inheritance allows a class to be derived from more than one base class, allowing the objects of the class to inherit characteristics from all of its associated base classes. However, multiple-inheritance is conducive to problems.
For example, a problem may arise in a situation where class B is derived from class A, class C is derived from class A, and class D is derived from both class B and class C. Specifically, this type of multiple-inheritance allows the objects of class D to inherit characteristics from class B, class C and class A, such that class D inherits class A twice (i.e. through class B and class C). This multiple-inheritance causes ambiguity in the behavior of objects within class D containing characteristics of class A.
Instances where objects of one class inherit the characteristics of another class in a plurality of instances are known as “diamond inheritance.” object oriented programming languages provide language constructs to resolve this kind of ambiguity, such as virtual base classes in C++. For example, in C++, class A can be made into a virtual base class to avoid multiple instances of class A in class D. When objects of classes with “diamond inheritance” are laid out in memory, virtual base classes, such as those in C++, float at the end of the layout and any reference to their location, whether direct or indirect, is kept at the beginning of the layout.
One problem with “diamond inheritance” and the way in which object oriented programming languages respond to the same is that vulnerabilities exist in the way in which compilers implement support for it. In particular, for each virtual base class, compilers store the offsets that the virtual base class has from the start of each of the child classes that derive from such virtual base class. When a polymorphic behavior is invoked, the compiler uses these offsets to traverse through various virtual base classes to determine the class specific implementation of the desired behavior. This approach creates a problem in that the offset can be changed to point to any other with unwanted behaviors. This enables a hacker, etc. to gain complete control over an associated application.
There is thus a need for overcoming these and/or other problems associated with the prior art.