lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 28 Sep 2007 14:38:03 -0400
From: "Brian Kim" <bmhkim@...il.com>
To: "Susam Pal" <susam@...am.in>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Firefox 2.0.0.7 has a very serious
	calculation bug

On 9/28/07, Susam Pal <susam@...am.in> wrote:
> Let's take this C code.
>
> #include <stdio.h>
>
> int main(int argc, char **argv) {
>   float a = 0.7;
>   if(a == 0.7) {
>     printf("%f is equal to %f\n", a, 0.7);
>   } else {
>     printf("%f is not equal to %f\n", a, 0.7);
>   }
> }
>
> On many implementations (not necessarily all implementations) we will
> get the output as:-
>
> 0.700000 is not equal to 0.700000
>
> For example, on my Debian Etch with gcc 4.1.2, the output is as shown
> above. This doesn't mean it is a bug in GCC. We can't call this a bug in
> GCC because it's just a limitation of floating point math. The
> programmer should be careful of these floating point issues while
> programming.
>
> Similarly, if someone doesn't take care of the floating point behavior
> while writing code in JavaScript, we should say that the JavaScript code
> has the bug instead of saying that the bug is in Firefox.
>
> Regards,
> Susam Pal
> http://susam.in/
>
> carl hardwick wrote, On Friday 28 September 2007 09:46 PM:
> > There's a flaw in Firefox 2.0.0.7 allows javascript to execute wrong
> > subtractions.
> >
> > PoC concept here:
> > javascript:5.2-0.1
> > (copy this code into address bar)
> >
> > Firefox 2.0.0.7 result: 5.1000000000000005 (WRONG!)
> > Internet Explorer 7 result: 5.1 (OK)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Wouldn't that be because (float)0.7 != (double)0.7?

Also, relevant to the whole discussion:
http://www.cygnus-software.com/papers/comparingfloats/comparingfloats.htm

Cheers!
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ