Threat of Return-Oriented Programming: A Roadmap to Widespread Use
James Restall
8 June 2009
Abstract
This paper analyzes and evaluates the threat posed by Hovav Shacham’s ‘return-oriented
programming’ by looking at the hindrances faced by users of the attack at each
stage of their implementation. We determine the extent to which the complexity,
alternative attacks, stack protections, architecture, operating system and
libraries affect the likelihood of future widespread use of the attack
technique. We show that the attack is general and extends to Windows, that it
can be automated using our GadgetFinder and GadgetCreater tools and that it is a wider threat than
previously shown due to extensions added to the gadget search. Finally, we argue
that alternative techniques are being used over return-oriented programming due
to their relative simplicity.