Many programming languages employ a stack to manage data during program execution. Such languages include C, C++, and Java® (note: the term(s) “Java” and the like may be subject to trademark rights in various jurisdictions throughout the world and are used here only in reference to the products or services properly denominated by the marks to the extent that such trademark rights may exist). A stack is used to store and manage data associated with subroutine calls, which may also be called procedures, functions, or methods, depending on the programming language. In response to such a call, the stack stores information. For example, the stack can store a return address, which is the memory address at which program execution resumes when the call completes. The stack can store data which is extendable or non-extendable in length.
A stack overflow is a computer security attack which occurs when a program writes to a memory address on the program's stack outside of the intended data structure. A stack overflow attack can involve writing data beyond the portion of the stack in which an extendable length data value is stored, thus overwriting adjacent data. Such an attack can overwrite the function return address with a pointer to attacker-controlled data or code.
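The overwrite described above, modelled in C as an added example that is not part of the original text: a struct stands in for one stack frame so the effect on the adjacent return address can be observed, next to a length-checked write that rejects the oversized value. The frame layout, the function names and the value 0x1000 are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of one stack frame: an extendable-length value followed by the
   saved return address. The layout is an assumption for illustration. */
struct frame {
    char      name[8];      /* extendable-length data value */
    uintptr_t return_addr;  /* where execution resumes after the call */
};

#define ORIGINAL_RETURN ((uintptr_t)0x1000)  /* constructed sample value */

/* Unchecked write: the length comes from the input, not from the field,
   so bytes past name[] land on return_addr. The clamp to the frame size
   only keeps this demo inside the model object. */
static void store_unchecked(struct frame *f, const char *src, size_t len)
{
    if (len > sizeof *f) len = sizeof *f;
    memcpy((unsigned char *)f, src, len);
}

/* Checked write: anything that does not fit in the field is rejected. */
static int store_checked(struct frame *f, const char *src, size_t len)
{
    if (len > sizeof f->name) return -1;
    memcpy(f->name, src, len);
    return 0;
}

/* Returns 1 if the saved return address survived the write, 0 if not. */
int return_addr_intact(int use_checked, const char *src, size_t len)
{
    struct frame f = { {0}, ORIGINAL_RETURN };
    if (use_checked) (void)store_checked(&f, src, len);
    else store_unchecked(&f, src, len);
    return f.return_addr == ORIGINAL_RETURN;
}

int main(void)
{
    const char *input = "AAAAAAAAAAAAAAAA";  /* constructed 16-byte value */
    printf("unchecked: intact=%d\n", return_addr_intact(0, input, 16));
    printf("checked:   intact=%d\n", return_addr_intact(1, input, 16));
    return 0;
}
```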