Read the original article: Fighting exploits with Control-Flow Integrity (CFI) in Clang
Many available exploits are based on techniques such as Return Oriented Programming and Shell Code Injection and execution, as well as other ways an attacker can gain control and subvert the expected execution flow from an application’s execution flow. These exploits aren’t novel, nor are techniques to try to prevent them. Compilers deploy a wide range of hardening at compilation-time to mitigate the risk of arbitrary code execution.
Read the original article: Fighting exploits with Control-Flow Integrity (CFI) in Clang