Code Injection attack

Creator: Seonglae Cho
Created: 2024 May 24 5:19
Edited: 2024 May 29 5:7

Directly overwriting the program's code is not possible, because memory protection is tied to the address range and the code region is not writable. Instead, the code is injected into the stack and execution returns to the injected code, which requires the stack to be executable.
 
 

Data Execution Prevention

The stack is not executable by default in modern operating systems: it is readable and writable but not executable (RW, no X). Returning to the stack therefore triggers a segmentation fault.

GNU_STACK
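
An added example (not part of the original note): a check that reads an ELF64 little-endian image from memory and reports whether its PT_GNU_STACK program header requests an executable stack. The function names, return codes and the in-memory sample image are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PT_GNU_STACK_TYPE 0x6474e551u /* p_type of PT_GNU_STACK */
#define PF_X_FLAG 0x1u                /* execute permission bit in p_flags */
enum { STACK_BAD_ELF = -1, STACK_NX = 0, STACK_EXEC = 1, STACK_UNMARKED = 2 };

/* Read an n-byte little-endian unsigned integer. */
static uint64_t le(const uint8_t *p, int n) {
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

/* Classify an ELF64 little-endian image by the flags of its PT_GNU_STACK header. */
int gnu_stack_status(const uint8_t *img, size_t len) {
    if (len < 64 || memcmp(img, "\x7f" "ELF", 4) != 0 || img[4] != 2 || img[5] != 1)
        return STACK_BAD_ELF;                 /* not ELFCLASS64 / ELFDATA2LSB */
    uint64_t phoff = le(img + 32, 8);         /* e_phoff */
    uint64_t phentsize = le(img + 54, 2);     /* e_phentsize */
    uint64_t phnum = le(img + 56, 2);         /* e_phnum */
    if (phnum == 0) return STACK_UNMARKED;
    if (phentsize < 56 || phoff > len || (len - phoff) / phentsize < phnum)
        return STACK_BAD_ELF;                 /* program header table out of bounds */
    for (uint64_t i = 0; i < phnum; i++) {
        const uint8_t *ph = img + phoff + i * phentsize;
        if (le(ph, 4) == PT_GNU_STACK_TYPE)   /* p_type at offset 0, p_flags at 4 */
            return (le(ph + 4, 4) & PF_X_FLAG) ? STACK_EXEC : STACK_NX;
    }
    return STACK_UNMARKED; /* no PT_GNU_STACK: loader default applies, flag for review */
}

/* Constructed sample: 64-byte ELF64 header plus one PT_GNU_STACK program header. */
size_t make_sample(uint8_t *out, uint32_t p_flags) {
    memset(out, 0, 64 + 56);
    memcpy(out, "\x7f" "ELF\x02\x01\x01", 7); /* magic, 64-bit, little-endian, v1 */
    out[32] = 64;                              /* e_phoff: table follows the header */
    out[54] = 56;                              /* e_phentsize */
    out[56] = 1;                               /* e_phnum */
    memcpy(out + 64, "\x51\xe5\x74\x64", 4);   /* p_type = PT_GNU_STACK */
    out[68] = (uint8_t)p_flags;                /* p_flags: R=4, W=2, X=1 */
    return 64 + 56;
}

int main(void) {
    uint8_t img[120];
    for (uint32_t f = 6; f <= 7; f++)          /* RW, then RWX */
        printf("p_flags=%u -> %d\n", (unsigned)f, gnu_stack_status(img, make_sample(img, f)));
}
```

The same field is what `readelf -l` prints in the flags column of the GNU_STACK row.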

 
 
 
 
 
