US Patent 10360373 Return address encryption

Disclosed in some examples are methods, systems, and machine readable media for encrypting return addresses with a cryptographic key. The call and return operations may be changed to incorporate an XOR operation on the return address with the cryptographic key. Upon calling a function, the return address may be XORed with the key which encrypts the return address. The encrypted return address may then be placed upon the stack. Upon returning from the function, the return address may be retrieved from the stack and XORed with the cryptographic key which then decrypts the return address. The processor may then return control to the address indicated by the unencrypted return address. This method makes modifications of the return address useless as an attack vector because the result of modifying the return address will be unpredictable to the attacker as a result of the XOR operation done on the return address.