Heap spraying

In computer security, heap spraying is a technique used in exploits to facilitate arbitrary code execution.

Chance alignments of memory and timing introduce a lot of randomness (from the attacker's point of view).

A heap spray can be used to introduce a large amount of order to compensate for this and increase the chances of successful exploitation.

During exploitation of a security issue, the application code can often be made to read an address from an arbitrary location in memory.

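If that address is read from the sprayed region and then used as a jump target, the sprayed data has to work both as a pointer and as code. It is therefore common to spray with a single byte that translates to both a valid address and a NOP or NOP-like instruction on the target architecture.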
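A defensive check built on this property, as an added example that is not from the original article: it scans one allocation for a long single-byte run whose repeated-byte word would point back into the heap. The struct, the function name, the heap address range and the sample buffer are assumptions made for illustration, and the check assumes a 32-bit target.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One suspicious region found in a scanned allocation (hypothetical type). */
struct spray_hit {
    size_t  offset;  /* where the run starts */
    size_t  length;  /* run length in bytes */
    uint8_t value;   /* the repeated byte */
};

/* Report the longest run of one byte that is at least min_run long and whose
 * 32-bit word form (the byte repeated four times) lies in [heap_lo, heap_hi).
 * The range is an assumption supplied by the caller: the process's heap. */
int find_spray_run(const uint8_t *buf, size_t len, size_t min_run,
                   uint32_t heap_lo, uint32_t heap_hi, struct spray_hit *out)
{
    struct spray_hit best = {0, 0, 0};
    size_t start = 0;
    for (size_t i = 1; i <= len; i++) {
        if (i < len && buf[i] == buf[start])
            continue;                      /* still inside the same run */
        size_t run = i - start;
        uint32_t word = 0x01010101u * buf[start];
        if (run >= min_run && run > best.length &&
            word >= heap_lo && word < heap_hi) {
            best.offset = start;
            best.length = run;
            best.value = buf[start];
        }
        start = i;
    }
    if (out) *out = best;
    return best.length != 0;
}

int main(void)
{
    /* Constructed sample: zero padding, a long one-byte fill, mixed data. */
    static uint8_t sample[4096];
    struct spray_hit hit;
    memset(sample + 1024, 0x41, 2048);
    for (size_t i = 3072; i < sizeof sample; i++)
        sample[i] = (uint8_t)(i * 7);
    if (find_spray_run(sample, sizeof sample, 512, 0x01000000u, 0x7fff0000u, &hit))
        printf("0x%02x x %zu at offset %zu\n", hit.value, hit.length, hit.offset);
    return 0;
}
```

Zero-filled padding is skipped because its word form falls below the assumed heap range, so ordinary cleared buffers do not raise a hit.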

Two CORE researchers, Federico Muttis and Anibal Sacco, showed that the heap can be sprayed with a very high allocation granularity through the use of technologies introduced with HTML5.