| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <46FD4365.9000003@susam.in>
Date: Fri, 28 Sep 2007 23:39:41 +0530
From: Susam Pal <susam@...am.in>
To: carl hardwick <hardwick.carl@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Firefox 2.0.0.7 has a very serious
calculation bug
Let's take this C code.
#include <stdio.h>
int main(int argc, char **argv) {
float a = 0.7;
if(a == 0.7) {
printf("%f is equal to %f\n", a, 0.7);
} else {
printf("%f is not equal to %f\n", a, 0.7);
}
}
On many implementations (not necessarily all implementations) we will
get the output as:-
0.700000 is not equal to 0.700000
For example, on my Debian Etch with gcc 4.1.2, the output is as shown
above. This doesn't mean it is a bug in GCC. We can't call this a bug in
GCC because it's just a limitation of floating point math. The
programmer should be careful of these floating point issues while
programming.
Similarly, if someone doesn't take care of the floating point behavior
while writing code in JavaScript, we should say that the JavaScript code
has the bug instead of saying that the bug is in Firefox.
Regards,
Susam Pal
http://susam.in/
carl hardwick wrote, On Friday 28 September 2007 09:46 PM:
> There's a flaw in Firefox 2.0.0.7 allows javascript to execute wrong
> subtractions.
>
> PoC concept here:
> javascript:5.2-0.1
> (copy this code into address bar)
>
> Firefox 2.0.0.7 result: 5.1000000000000005 (WRONG!)
> Internet Explorer 7 result: 5.1 (OK)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists