{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,7,3]],"date-time":"2026-07-03T17:01:47Z","timestamp":1783098107506,"version":"3.54.6"},"publisher-location":"New York, NY, USA","reference-count":29,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,10,27]],"date-time":"2008-10-27T00:00:00Z","timestamp":1225065600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,10,27]]},"DOI":"10.1145\/1455770.1455776","type":"proceedings-article","created":{"date-parts":[[2008,11,6]],"date-time":"2008-11-06T13:49:50Z","timestamp":1225979390000},"page":"27-38","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":237,"title":["When good instructions go bad"],"prefix":"10.1145","author":[{"given":"Erik","family":"Buchanan","sequence":"first","affiliation":[{"name":"University of California, San Diego, La Jolla, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Ryan","family":"Roemer","sequence":"additional","affiliation":[{"name":"University of California, San Diego, La Jolla, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hovav","family":"Shacham","sequence":"additional","affiliation":[{"name":"University of California, San Diego, La Jolla, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Stefan","family":"Savage","sequence":"additional","affiliation":[{"name":"University of California, San Diego, La Jolla, CA, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"320","published-online":{"date-parts":[[2008,10,27]]},"reference":[{"issue":"5","key":"e_1_3_2_1_1_1","volume":"56","author":"Bulba","year":"2000","unstructured":"Bulba and Kil3r. Bypassing StackGuard and StackShield. Phrack Magazine , 56 ( 5 ), May . 2000 . http:\/\/www.phrack.org\/archives\/56\/p56-0x05. Bulba and Kil3r. Bypassing StackGuard and StackShield. Phrack Magazine, 56(5), May. 2000. http:\/\/www.phrack.org\/archives\/56\/p56-0x05.","journal-title":"Bypassing StackGuard and StackShield. Phrack Magazine"},{"key":"e_1_3_2_1_2_1","volume-title":"Protecting Solaris with ProPolice\/SSP","author":"Cartwright J.","year":"2003","unstructured":"J. Cartwright . Protecting Solaris with ProPolice\/SSP . May . 2003 . http:\/\/www.grok.org.uk\/docs\/ssp.html. J. Cartwright. Protecting Solaris with ProPolice\/SSP. May. 2003. http:\/\/www.grok.org.uk\/docs\/ssp.html."},{"key":"e_1_3_2_1_3_1","first-page":"63","volume-title":"Proc. 7th USENIX Security Conference","author":"Cowan C.","year":"1998","unstructured":"C. Cowan , C. Pu , D. Maier , J. Walpole , P. Bakke , S. Beattie , A. Grier , P. Wagle , Q. Zhang , and H. Hinton . StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks . In Proc. 7th USENIX Security Conference , pages 63 -- 78 , San Antonio, Texas , Jan. 1998 . C. Cowan, C. Pu, D. Maier, J. Walpole, P. Bakke, S. Beattie, A. Grier, P. Wagle, Q. Zhang, and H. Hinton. StackGuard: Automatic adaptive detection and prevention of buffer-overflow attacks. In Proc. 7th USENIX Security Conference, pages 63--78, San Antonio, Texas, Jan. 1998."},{"issue":"9","key":"e_1_3_2_1_4_1","volume":"59","author":"Durden T.","year":"2002","unstructured":"T. Durden . Bypassing PaX ASLR protection. Phrack Magazine , 59 ( 9 ), June 2002 . http:\/\/www.phrack.org\/archives\/59\/p59-0x09.txt. T. Durden. Bypassing PaX ASLR protection. Phrack Magazine, 59(9), June 2002. http:\/\/www.phrack.org\/archives\/59\/p59-0x09.txt.","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_5_1","unstructured":"H. Etoh. GCC extension for protecting applications from stack-smashing attacks. http:\/\/www.trl.ibm.com\/projects\/security\/ssp\/.  H. Etoh. GCC extension for protecting applications from stack-smashing attacks. http:\/\/www.trl.ibm.com\/projects\/security\/ssp\/."},{"key":"e_1_3_2_1_6_1","first-page":"5","volume-title":"SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium","author":"Frantzen M.","year":"2001","unstructured":"M. Frantzen and M. Shuey . StackGhost: Hardware facilitated stack protection . In SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium , pages 5 -- 5 , Berkeley, CA, USA , 2001 . USENIX Association. M. Frantzen and M. Shuey. StackGhost: Hardware facilitated stack protection. In SSYM'01: Proceedings of the 10th conference on USENIX Security Symposium, pages 5--5, Berkeley, CA, USA, 2001. USENIX Association."},{"key":"e_1_3_2_1_7_1","unstructured":"S. Hudson. JFlex -- the fast scanner generator for Java. http:\/\/www2.cs.tum.edu\/projects\/cup\/.  S. Hudson. JFlex -- the fast scanner generator for Java. http:\/\/www2.cs.tum.edu\/projects\/cup\/."},{"key":"e_1_3_2_1_8_1","volume-title":"Penetration Testing","author":"Ivaldi M.","year":"2007","unstructured":"M. Ivaldi . Re : Older SPARC return-into-libc exploits . Penetration Testing , Aug. 2007 . M. Ivaldi. Re: Older SPARC return-into-libc exploits. Penetration Testing, Aug. 2007."},{"key":"e_1_3_2_1_9_1","unstructured":"G. Klein. CUP LALR parser generator for Java. http:\/\/jflex.de\/.  G. Klein. CUP LALR parser generator for Java. http:\/\/jflex.de\/."},{"key":"e_1_3_2_1_10_1","volume-title":"x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique","author":"Krahmer S.","year":"2005","unstructured":"S. Krahmer . x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique . Sept. 2005 . http:\/\/www.suse.de\/krahmer\/no-nx.pdf. S. Krahmer. x86-64 buffer overflow exploits and the borrowed code chunks exploitation technique. Sept. 2005. http:\/\/www.suse.de\/krahmer\/no-nx.pdf."},{"key":"e_1_3_2_1_11_1","volume-title":"Bugtraq","author":"McDonald J.","year":"1999","unstructured":"J. McDonald . Defeating Solaris\/SPARC non-executable stack protection . Bugtraq , Mar. 1999 . J. McDonald. Defeating Solaris\/SPARC non-executable stack protection. Bugtraq, Mar. 1999."},{"key":"e_1_3_2_1_12_1","unstructured":"Microsoft. \/GS (buffer security check).  Microsoft. \/GS (buffer security check)."},{"key":"e_1_3_2_1_13_1","volume-title":"Windows XP Tablet PC Edition","year":"2005","unstructured":"Microsoft. KB 875352: A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2 , Windows XP Tablet PC Edition 2005 , and Windows Server 2003, Sept. 2006. Online : http:\/\/support.microsoft.com\/KB\/875352. Microsoft. KB 875352: A detailed description of the Data Execution Prevention (DEP) feature in Windows XP Service Pack 2, Windows XP Tablet PC Edition 2005, and Windows Server 2003, Sept. 2006. Online: http:\/\/support.microsoft.com\/KB\/875352."},{"issue":"4","key":"e_1_3_2_1_14_1","volume":"58","author":"The","year":"2001","unstructured":"Nergal. The advanced return-into-lib(c) exploits: PaX case study. Phrack Magazine , 58 ( 4 ), Dec. 2001 . http:\/\/www.phrack.org\/archives\/58\/p58-0x04. Nergal. The advanced return-into-lib(c) exploits: PaX case study. Phrack Magazine, 58(4), Dec. 2001. http:\/\/www.phrack.org\/archives\/58\/p58-0x04.","journal-title":"Phrack Magazine"},{"key":"e_1_3_2_1_15_1","volume-title":"Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software","author":"Newsome J.","year":"2005","unstructured":"J. Newsome and D. X. Song . Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software . In NDSS. The Internet Society , 2005 . J. Newsome and D. X. Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In NDSS. The Internet Society, 2005."},{"key":"e_1_3_2_1_16_1","volume-title":"Solaris\u2122 operating environment security","author":"Noordergraaf A.","year":"2000","unstructured":"A. Noordergraaf and KeithWatson. Solaris\u2122 operating environment security . Jan. 2000 . A. Noordergraaf and KeithWatson. Solaris\u2122 operating environment security. Jan. 2000."},{"key":"e_1_3_2_1_17_1","unstructured":"OpenBSD Foundation. OpenBSD 3.3 release. May 2003. http:\/\/www.openbsd.org\/33.html.  OpenBSD Foundation. OpenBSD 3.3 release. May 2003. http:\/\/www.openbsd.org\/33.html."},{"key":"e_1_3_2_1_18_1","unstructured":"OpenBSD Foundation. OpenBSD 3.4 release. Nov. 2003. http:\/\/www.openbsd.org\/34.html.  OpenBSD Foundation. OpenBSD 3.4 release. Nov. 2003. http:\/\/www.openbsd.org\/34.html."},{"key":"e_1_3_2_1_19_1","unstructured":"OpenBSD Foundation. OpenBSD 3.5 release. May. 2004. http:\/\/www.openbsd.org\/35.html.  OpenBSD Foundation. OpenBSD 3.5 release. May. 2004. http:\/\/www.openbsd.org\/35.html."},{"key":"e_1_3_2_1_20_1","volume-title":"Assembly Language Programming, and C","author":"Paul R. P.","year":"1999","unstructured":"R. P. Paul . SPARC Architecture , Assembly Language Programming, and C . Prentice Hall PTR , Upper Saddle River, NJ, USA, 1999 . R. P. Paul. SPARC Architecture, Assembly Language Programming, and C. Prentice Hall PTR, Upper Saddle River, NJ, USA, 1999."},{"key":"e_1_3_2_1_21_1","unstructured":"PaX Team. Homepage of the PaX Team. http:\/\/pax.grsecurity.net\/.  PaX Team. Homepage of the PaX Team. http:\/\/pax.grsecurity.net\/."},{"key":"e_1_3_2_1_22_1","unstructured":"PaX Team. PaX address space layout randomization. http:\/\/pax.grsecurity.net\/docs\/aslr.txt.  PaX Team. PaX address space layout randomization. http:\/\/pax.grsecurity.net\/docs\/aslr.txt."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1030083.1030124"},{"key":"e_1_3_2_1_25_1","unstructured":"Solar Designer. Linux kernel patch from the Openwall project. http:\/\/www.openwall.com\/linux.  Solar Designer. Linux kernel patch from the Openwall project. http:\/\/www.openwall.com\/linux."},{"key":"e_1_3_2_1_26_1","volume-title":"Bugtraq","author":"Designer Solar","year":"1997","unstructured":"Solar Designer . Getting around non--executable stack (and fix) . Bugtraq , Aug. 1997 . Solar Designer. Getting around non--executable stack (and fix). Bugtraq, Aug. 1997."},{"key":"e_1_3_2_1_27_1","volume-title":"Inc.","author":"Int'l SPARC","year":"1994","unstructured":"SPARC Int'l , Inc. The SPARC Architecture Manual (Version 9). Prentice-Hall , Inc. , Englewood Cliffs, NJ, USA , 1994 . SPARC Int'l, Inc. The SPARC Architecture Manual (Version 9). Prentice-Hall, Inc., Englewood Cliffs, NJ, USA, 1994."},{"key":"e_1_3_2_1_28_1","unstructured":"SPARC Int'l Inc. System V Application Binary Interface SPARC Processor Supplement. 1996.  SPARC Int'l Inc. System V Application Binary Interface SPARC Processor Supplement. 1996."},{"key":"e_1_3_2_1_29_1","unstructured":"Vendicator. Stack Shield: A \"stack smashing\" technique protection tool for linux. http:\/\/www.angelfire.com\/sk\/stackshield\/.  Vendicator. Stack Shield: A \"stack smashing\" technique protection tool for linux. http:\/\/www.angelfire.com\/sk\/stackshield\/."}],"event":{"name":"CCS08: 15th ACM Conference on Computer and Communications Security 2008","location":"Alexandria Virginia USA","acronym":"CCS08","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 15th ACM conference on Computer and communications security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1455770.1455776","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1455770.1455776","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:54:14Z","timestamp":1750287254000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1455770.1455776"}},"subtitle":["generalizing return-oriented programming to RISC"],"short-title":[],"issued":{"date-parts":[[2008,10,27]]},"references-count":29,"alternative-id":["10.1145\/1455770.1455776","10.1145\/1455770"],"URL":"https:\/\/doi.org\/10.1145\/1455770.1455776","relation":{},"subject":[],"published":{"date-parts":[[2008,10,27]]},"assertion":[{"value":"2008-10-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}