[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3eab9ed60710011109v2b0ce067q89dbd5e032a4a58f@mail.gmail.com>
Date: Mon, 1 Oct 2007 23:39:16 +0530
From: "Jimby Sharp" <jimbysharp@...il.com>
To: wac <waldoalvarez00@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Firefox 2.0.0.7 has a very serious
calculation bug
> Also notice that if there is really a problem in FF javascript engine it goes beyond the
> browser. You could run Tamarin, Spidermonkey or Rhino on the server side and perform some
> processing there with javascript.
For heaven's sake please try to understand that it is not a problem at all.
> As a side comment I wanted to tell you that what is out there on the internet is not a
> standart. Is what IE dictates. IE rules the internet whether you like or not.
Go and read the ECMA standard. A standard is standard and it has
nothing to do with IE.
> I don't think that's a fair comparison. If you make the right algorithm and you do not get the
> expected results *is* not your fault but what are you sitting at (compiler, framework, library
> ...).
I fail to understand which part of my argument you failed to
understand. strcpy() provides the expected result for the right
algorithm so we do not say there is a bug in gcc. if someone uses
strcpy() to read user's input directly into a buffer, we say there is
a bug in the program.
Similarly, Firefox javascript floating point math gives expected
results. So there is no bug in Firefox. Now if you write a program
assuming the results of the floating math are absolutely accurate,
your program might have a bug.
---------------------------------------------------------------------------------------------
My protest against stupid Indian security researcher:-
Aditya K Sood is an asshole: http://secnichebogus.blogspot.com/
---------------------------------------------------------------------------------------------
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists