Return-oriented programming

Return-oriented programming (ROP) is a typical code-reuse attack, where an attacker directs control flow through existing code with a malicious result. ROP attack represents an advanced version of a stack-smashing attack. A stack buffer overflow occurs when a program writes to a memory address on the program's call stack outside of the intended data structure, usually with a fixed-length buffer.

ROP is an exploit technique that enables code execution on the target system. By obtaining control of the call stack, the attacker controls the flow of existing trusted software running on the computer and manipulates it to perform a task other than what was intended.