1. Field
The present disclosure pertains to the field of information processing, and more particularly, to the field of security in information processing systems.
2. Description of Related Art
The security of an information processing system may be compromised by an attack that maliciously takes advantage of a processor's support of control flow transfers. For example, various return address corrupting techniques may be employed by malicious software for carrying out a return-oriented programming (ROP) attack. ROP is a method of hijacking the execution flow of the current process by exploiting a return instruction which, in many processor architectures, retrieves from the top of a procedure stack the address of the next instruction to be executed, usually being the instruction following the corresponding call instruction within the calling routine. By modifying the return address on the stack, an attacker can divert the execution flow of the current process to a deviant memory location.
An attacker may use a variety of techniques to corrupt the stack, which is referred to as stack pivoting. For example, when a legitimate software routine uses the stack as an input buffer, the stack may be corrupted by maliciously supplying more input data than the routine is expecting to receive.