opal_error_to_human shows how subtle and deep Spectre v1 can go. this one is probably not useful but it shows the evolving power of our Spectre v1 static analysis tool. only 2600+ instances to go through ;).

Mar 18, 2018 · 11:58 AM UTC

1
1
7
Replying to @paxteam
That's code I maintain. Would you suggest hardening that function in anyway?
1
you can always use array_index_nospec yourself but honestly, doing all these changes by hand will never scale and it should be done by the compiler instead (which is where we're going).
3