Zephyr Project API 3.7.0
A Scalable Open Source RTOS
#include <zephyr/types.h>
Functions

static uint32_t k_array_index_sanitize (uint32_t index, uint32_t array_size)
    Sanitize an array index against bounds check bypass attacks, aka the Spectre V1 vulnerability.
Sanitize an array index against bounds check bypass attacks, aka the Spectre V1 vulnerability.

CPUs with speculative execution may speculate past a size check and leak confidential data through micro-architectural side channels (for example cache timing). This function unconditionally truncates any out-of-bounds index to zero in the speculative execution path, using bit twiddling rather than branch instructions, so a mis-predicted bounds check cannot bypass it.
Example usage:

    if (index < size) {
        index = k_array_index_sanitize(index, size);
        data = array[index];
    }
Parameters
    index       Untrusted array index which has been validated, but not yet used
    array_size  Size of the array
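A branchless sanitizer of the kind described above, as an added example that is not Zephyr's own implementation of k_array_index_sanitize(); sanitize_index_nospec, sample_table and sample_lookup are hypothetical names, and the mask trick assumes array_size does not exceed 2^31.

```c
#include <stdint.h>

/* Hypothetical branchless index sanitizer (illustration only, not Zephyr's code).
 * Requires array_size <= 2^31.
 * For 0 <= index < array_size both `index` and `array_size - 1 - index` are
 * below 2^31, so bit 31 of their OR is clear. For any out-of-bounds index
 * bit 31 ends up set: either index itself is >= 2^31, or the subtraction
 * wraps to a value >= 2^31. No comparison or branch is involved, so a CPU
 * speculating past the caller's bounds check still applies the mask. */
static inline uint32_t sanitize_index_nospec(uint32_t index, uint32_t array_size)
{
	uint32_t v = index | (array_size - 1U - index);
	uint32_t mask = (v >> 31) - 1U;   /* bit 31 clear -> 0xFFFFFFFF, set -> 0 */

	return index & mask;
}

/* Constructed sample table standing in for a kernel object table. */
static const uint32_t sample_table[4] = { 10, 20, 30, 40 };

/* Usage following the pattern from the docs: the architectural bounds check
 * still decides whether to read at all; the sanitizer only ensures that a
 * mis-speculated read touches element 0 rather than an attacker-chosen
 * offset. Returns 0 for an out-of-bounds index. */
uint32_t sample_lookup(uint32_t index)
{
	uint32_t data = 0;
	uint32_t size = (uint32_t)(sizeof(sample_table) / sizeof(sample_table[0]));

	if (index < size) {
		index = sanitize_index_nospec(index, size);
		data = sample_table[index];
	}
	return data;
}
```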