The PUSH/POP/SP mechanics you implement here are exactly what x86's RSP register and ARM's SP do on every function call, and stack-based buffer overflows, one of the most exploited vulnerability classes in CVE history, happen precisely because this LIFO memory can be overwritten past its bounds. Stack canaries and non-executable-stack protections in glibc and the Linux kernel exist specifically to defend this structure.