Replying to @vm_call
A single ret won't work (reliably) for spoofing because the caller-allocated stack space could be trashed, and that's where your proposed solution would place the return address anyways. To filter out everything reliably, they'd need some sort of symbolic execution.
6:13 AM - 27 Jan 2020
0 replies
0 retweets
2 likes