What protection measures do jump oriented and return oriented programming overcome or are vulnerable to?
Jump Oriented Programming is vulnerable to the segmentation fault issue,
while Return Oriented Programming is vulnerable to buffer overflows.
Both of them overcome the other's vulnerability.
JOP is extremely similar to ROP. It is useful when stack protections are in use, thus preventing stack buffer overwrites, stack pivoting, or return address filtering (a form of partial control flow enforcement). This allows heap-only exploitation via heap corruption, UAF, etc.
```c
#include <string.h>

void foo(char *bar)
{
    char c[12];
    strcpy(c, bar); /* no bounds checking: if bar is 100 bytes long it
                       writes into memory that was not intended for c,
                       which can cause many problems */
}

int main(int argc, char **argv)
{
    if (argc < 2)       /* nothing to copy without an argument */
        return 1;
    foo(argv[1]);
    return 0;
}
```
Coming to JOP, segmentation fault / heap corruption issues may arise.
In ROP, the OS has a view of the program through segmentation. So if there is a function f1 of 100 lines, the whole function is loaded into a page in RAM during execution of the program.
So in JOP, the program may damage the allocator's view of the heap.
It may cause a memory leak (where some memory isn't returned to the heap and is inaccessible to the program afterward).
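Added example, not part of the answer above and not the poster's code: a C demo of what the stack protection mentioned in the answer actually catches, and why it says nothing about the heap. It simulates a frame with a canary placed after a 16-byte buffer, runs the same unchecked copy into a heap object that holds a function pointer (the kind of indirect-jump target JOP relies on), and contrasts both with a bounded copy that refuses oversized input. The frame and object layouts, the canary constant and the all-'A' input are assumptions constructed for the demo; the copies go through each struct's byte view so the "overflow" stays well-defined, unlike the real one it stands in for.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed input: 32 'A' bytes, longer than either buffer below. */
#define A8 "AAAAAAAA"
const char sample_input[] = A8 A8 A8 A8;

/* Hypothetical frame layout as a stack-protector build arranges it: the
 * local buffer sits just below a canary that is checked before return.
 * 16 bytes (not the answer's 12) so no padding separates the two. */
struct frame {
    char buf[16];
    uint64_t canary;
};
#define CANARY_VALUE 0x5a5a00d15ea5e5a5ULL  /* constructed, not a real canary */

/* Hypothetical heap object: a name next to a function pointer. Nothing
 * like a canary guards this memory. */
struct heap_obj {
    char name[16];
    void (*handler)(void);
};
static void legit_handler(void) { }

size_t frame_canary_offset(void) { return offsetof(struct frame, canary); }
size_t heap_handler_offset(void) { return offsetof(struct heap_obj, handler); }

/* Unchecked strcpy-style copy of len bytes starting at buf, written through
 * the struct's byte view so running past buf is well-defined here.
 * Returns 1 if the canary survived, 0 if the overflow clobbered it. */
int copy_then_check_canary(const char *src, size_t len)
{
    struct frame f;
    f.canary = CANARY_VALUE;
    if (len > sizeof f)
        len = sizeof f;                  /* never leave the simulated frame */
    memcpy((unsigned char *)&f, src, len);
    return f.canary == CANARY_VALUE;
}

/* Same unchecked copy into a heap object: the stack canary is nowhere near
 * this memory, so the overflow silently replaces the function pointer.
 * Returns 1 if handler still points at legit_handler, 0 if it changed. */
int heap_overflow_keeps_handler(const char *src, size_t len)
{
    struct heap_obj *o = malloc(sizeof *o);
    if (o == NULL)
        return -1;
    o->handler = legit_handler;
    if (len > sizeof *o)
        len = sizeof *o;
    memcpy((unsigned char *)o, src, len);
    int intact = (o->handler == legit_handler);
    free(o);
    return intact;
}

/* Hardened replacement for strcpy: refuses a source that does not fit
 * together with its terminator. 0 on success, -1 if rejected. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    while (n < dstsz && src[n] != '\0')
        n++;
    if (n == dstsz)                      /* no terminator inside dstsz bytes */
        return -1;
    memcpy(dst, src, n + 1);
    return 0;
}

/* bounded_copy into the same frame. 1 = copied, canary intact;
 * 2 = source rejected, canary intact; 0 = canary damaged (never expected). */
int bounded_copy_keeps_canary(const char *src)
{
    struct frame f;
    f.canary = CANARY_VALUE;
    int rejected = bounded_copy(f.buf, sizeof f.buf, src) != 0;
    if (f.canary != CANARY_VALUE)
        return 0;
    return rejected ? 2 : 1;
}

int main(void)
{
    size_t over = frame_canary_offset() + 1;
    printf("unchecked copy of %zu bytes: canary %s; bounded copy: %s\n", over,
           copy_then_check_canary(sample_input, over) ? "intact" : "clobbered",
           bounded_copy_keeps_canary(sample_input) == 2 ? "rejected" : "copied");
    printf("unchecked copy into heap object: handler %s\n",
           heap_overflow_keeps_handler(sample_input,
                                       heap_handler_offset() + sizeof(void *))
               ? "intact" : "overwritten, nothing there to notice");
    return 0;
}
```

The point of the two unchecked copies side by side: the canary turns a stack overflow into a detected abort before any `ret` can pop an attacker's address, which is what blocks the classic ROP entry point, while the heap object's function pointer is replaced with no check at all, which is the entry point JOP and other heap-only techniques use. The bounded copy is the fix that removes the overflow itself rather than detecting it afterwards.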