How can you tell the type of a void pointer?

TLDR: You can’t

There’s a writeup on a newly found vulnerability in Adobe Acrobat Readers:

We all know that void pointers are by definition typeless, may point to any object, and any object may be cast to it. But surely, after we’ve cast an object pointer to a void pointer, it’s still possible somehow to detect its origin type, right? Not quite.

Once an object is cast to a void pointer, it’s absolutely impossible to detect its origin type. So, how do we check the type of a void*? The answer is that we don’t. And when you try, what you get is a vulnerability.

In case you’re not familiar with void pointers in C/C++, you can assign _any_ pointer to a void pointer, regardless of the type.

void *ptr = any_ptr;

This can be helpful if you don’t know what kind of a pointer you will receive in a function, etc. But usually it’s better to avoid them like the plague.

Post a comment or leave a trackback: Trackback URL.

Leave a Reply

Your email address will not be published.