You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the if on line 31 succeeds if x is negative. This is a problem if the compiler puts secret at a lower address than array1, which is the case on my Mac (the offset calculation in main will make malicious_x and therefore x negative). In this case, the program doesn't actually demonstrate a spectre attack. The fix would be to check that x is both greater than or equal to zero and less than array1_size. I'm not sure how to do that without causing branching (I guess that using && must cause branching because of short-circuiting and will mess up branch prediction. Would something like "...int test = x < array1_size; test &= x >= 0; if(test) ..." work?).
The text was updated successfully, but these errors were encountered:
the if on line 31 succeeds if x is negative. This is a problem if the compiler puts secret at a lower address than array1, which is the case on my Mac (the offset calculation in main will make malicious_x and therefore x negative). In this case, the program doesn't actually demonstrate a spectre attack. The fix would be to check that x is both greater than or equal to zero and less than array1_size. I'm not sure how to do that without causing branching (I guess that using && must cause branching because of short-circuiting and will mess up branch prediction. Would something like "...int test = x < array1_size; test &= x >= 0; if(test) ..." work?).
The text was updated successfully, but these errors were encountered: