The vptr points to the third item in the vtable. You can see that from your class dump :
vptr=((& A::_ZTV1A) + 16u)
or by comparing in-memory values with the member function addresses.
So, what you want to modify is the first two items :
my_vtab[0] = &A::bar;
my_vtab[1] = &A::foo;
Additionally, don't construct the new vtable with member function pointers, but rather with normal function pointers (or even void*
). Eg. :
typedef void (*func)();
or :
typedef void* func;
The reason for that is that member function pointers already deal with virtual member functions, and hence are not appropriate as an entry in a vtable (for more info, refer to the question Why the size of a pointer to a function is different from the size of a pointer to a member function? eg.).