Kebab Version
Don't like this style? Click here to change it! blue.css
Once compiler makers learned of all the buffer overflow hijacking they added an automated defense, the stack protector, known as the CANARY
The canary works like this:
At the beginning of any function call that uses user input it reads 8 mostly-random bytes, the canary, (generated once per process/run of the executable) and stores them at: RBP-0x8
Then the user and code go about normal life.
Before the final ret instruction it will check the 8-bytes just left of the Base Pointer against the original 8 byte canary. If the canary has been altered it will NOT CALL ret, instead it will call _stack_check_fail which will abort the program.