lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Sat, 29 Sep 2007 08:35:15 -0400
From: <full-disclosure@...hmail.com>
To: <full-disclosure@...ts.grok.org.uk>,<rodrigob@...kover.org>
Subject: Re: Firefox 2.0.0.7 has a very serious
	calculation bug

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Not so much it required such a long thread.

On Fri, 28 Sep 2007 15:29:18 -0400 Rodrigo Barbosa
<rodrigob@...kover.org> wrote:
>On Fri, Sep 28, 2007 at 09:09:02PM +0200, Michal Zalewski wrote:
>> On Sat, 29 Sep 2007, Jimby Sharp wrote:
>>
>> > I don't get the same from C-style double arithmetics. Could
>you provide
>> > a sample code that you believe should show the same behavior?
>>
>> If you don't, it's presumably because the subtraction is
>optimized out by
>> the compiler, or because you printf() with an insufficient
>precision in
>> format spec. The following should do the trick:
>>
>> volatile double a = 5.2;
>> volatile double b = 0.1;
>> main() { printf("%.16lf\n",a-b); }
>
>Confirmed here with:
>
>gcc (GCC) 4.1.1 20070105 (Red Hat 4.1.1-52)
>
>Actually quite interesting.
>
>--
>Rodrigo Barbosa
>"Quid quid Latine dictum sit, altum viditur"
>"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5

wpwEAQECAAYFAkb+RoIACgkQ+dWaEhErNvTOsgP/ZcU7BhwhtlxVR3DGfKQU7mn5uLVR
cN9rMB+G+yvM8CtdwrN3d0aJDCd2LFIal0XhnzvlPIV86wAhWic2gS89TRGHt9J82mKp
PyqHJWN0OAfMY0EjbURREjaz4dxmfV0d+T8la5b/vLRDhcI7HlH7YvLBrLcuDSAcySZX
5BtQnKE=
=uIWZ
-----END PGP SIGNATURE-----

--
Click here to find great prices on contact lenses.  Save now.
http://tagline.hushmail.com/fc/Ioyw6h4ea3BpGtXYQZ6VgDfUuhClr58eVgjo8X0nsCkACj902Us7mY/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ