Control flow: Difference between revisions

One way to attack a piece of software is to redirect the flow of execution of a program. A variety of [[control-flow integrity]] techniques, including [[Stack canary|stack canaries]], [[buffer overflow protection]], shadow stacks, and [[Virtual method table|vtable]] pointer verification, are used to defend against these attacks.<ref>{{cite web|url=https://nebelwelt.net/blog/20141007-CFICPSCPIdiffs.html|title=On differences between the CFI, CPS, and CPI properties|last1=Payer|first1=Mathias|author-link1=Mathias Payer |last2=Kuznetsov|first2=Volodymyr|website=nebelwelt.net|access-date=2016-06-01}}</ref><ref>{{cite web|url=http://www.darkreading.com/vulnerabilities---threats/adobe-flash-bug-discovery-leads-to-new-attack-mitigation-method/d/d-id/1323092|title=Adobe Flash Bug Discovery Leads To New Attack Mitigation Method|website=Dark Reading|date=10 November 2015|access-date=2016-06-01}}</ref><ref>{{cite webpress release|url=http://www.prnewswire.com/news-releases/endgame-to-present-at-black-hat-usa-2016-300267060.html|title=Endgame to Present at Black Hat USA 2016|last=Endgame|website=www.prnewswire.com|access-date=2016-06-01}}</ref>