
Re: [Full-disclosure] Firefox 2.0.0.7 has a very serious calculation bug



On 9/28/07, Susam Pal <susam@xxxxxxxx> wrote:
> Let's take this C code.
>
> #include <stdio.h>
>
> int main(int argc, char **argv) {
>   float a = 0.7;          /* 0.7 is a double literal; storing it rounds it to float */
>   if(a == 0.7) {          /* a is promoted back to double before the comparison */
>     printf("%f is equal to %f\n", a, 0.7);
>   } else {
>     printf("%f is not equal to %f\n", a, 0.7);
>   }
>   return 0;
> }
>
> On many implementations (not necessarily all implementations) we will
> get the output as:-
>
> 0.700000 is not equal to 0.700000
>
> For example, on my Debian Etch with gcc 4.1.2, the output is as shown
> above. This doesn't mean it is a bug in GCC. We can't call this a bug in
> GCC because it's just a limitation of floating point math. The
> programmer should be careful of these floating point issues while
> programming.
>
> Similarly, if someone doesn't take care of the floating point behavior
> while writing code in JavaScript, we should say that the JavaScript code
> has the bug instead of saying that the bug is in Firefox.
>
> Regards,
> Susam Pal
> http://susam.in/
>
> carl hardwick wrote, On Friday 28 September 2007 09:46 PM:
> > There's a flaw in Firefox 2.0.0.7 that allows JavaScript to execute wrong
> > subtractions.
> >
> > PoC concept here:
> > javascript:5.2-0.1
> > (copy this code into address bar)
> >
> > Firefox 2.0.0.7 result: 5.1000000000000005 (WRONG!)
> > Internet Explorer 7 result: 5.1 (OK)
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Wouldn't that be because (float)0.7 != (double)0.7?

Also, relevant to the whole discussion:
http://www.cygnus-software.com/papers/comparingfloats/comparingfloats.htm

Cheers!
Brian
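Added example, not part of this thread and not code from Firefox, Internet Explorer or the linked paper: it reproduces the three points above under Node.js. It shows the exact bit patterns behind 5.2 - 0.1 and 5.1 (they are adjacent doubles, so the engine's subtraction is correct and only IE's shorter number-to-string output hides the difference), it mirrors the C snippet with Math.fround (which rounds to float32 exactly as the C `(float)` conversion does), and it implements the two comparisons the cygnus-software paper recommends instead of `==`: a relative/absolute tolerance and a ULP distance. The function names (doubleToHex, subtract, survivesFloatRoundTrip, nearlyEqual, ulpDistance) are this example's own; they are not a standard API.

```javascript
// Added example (not from the thread). Runs under Node.js 10.4+ (needs BigInt
// and DataView.getBigInt64). All helper names are this example's own.

// Exact IEEE-754 bit pattern of a double, as 16 hex digits (big-endian).
function doubleToHex(x) {
  const view = new DataView(new ArrayBuffer(8));
  view.setFloat64(0, x);
  return view.getBigUint64(0).toString(16).padStart(16, "0");
}

// The "Firefox bug" from the thread: plain double subtraction. Every engine
// produces the same bits (IEEE-754 round-to-nearest); only the conversion
// of the result to a decimal string differs between browsers.
function subtract(a, b) {
  return a - b;
}

// Mirror of the C snippet: Math.fround rounds a double to the nearest
// float32, so this is the same test as `float a = 0.7; a == 0.7` in C.
function survivesFloatRoundTrip(x) {
  return Math.fround(x) === x;
}

// Tolerance comparison in the style of the cygnus-software paper: absolute
// tolerance for values near zero, relative tolerance elsewhere. relTol
// defaults to a few double ulps; pass about 1e-6 when one side has been
// through float32, whose rounding error (~6e-8 relative) dwarfs double
// epsilon. absTol defaults to 0: set it to the smallest difference that
// matters in your domain, because a relative test can never match 0
// against a tiny nonzero value.
function nearlyEqual(a, b, relTol = 4 * Number.EPSILON, absTol = 0) {
  if (a === b) return true;                                      // exact match, incl. infinities
  if (!Number.isFinite(a) || !Number.isFinite(b)) return false;  // NaN or mismatched infinities
  const diff = Math.abs(a - b);
  if (diff <= absTol) return true;
  return diff <= relTol * Math.max(Math.abs(a), Math.abs(b));
}

// Number of representable doubles between a and b (the paper's "ULP"
// comparison). Reinterpret the bits as a signed int64 and remap negative
// values so that adjacent doubles always differ by exactly 1.
function ulpDistance(a, b) {
  if (!Number.isFinite(a) || !Number.isFinite(b)) return Infinity;
  const view = new DataView(new ArrayBuffer(16));
  view.setFloat64(0, a);
  view.setFloat64(8, b);
  let ia = view.getBigInt64(0);
  let ib = view.getBigInt64(8);
  const INT64_MIN = -(1n << 63n);
  if (ia < 0n) ia = INT64_MIN - ia;   // sign-magnitude -> monotonic two's complement
  if (ib < 0n) ib = INT64_MIN - ib;   // (also maps -0 and +0 to the same integer)
  const d = ia - ib;
  return Number(d < 0n ? -d : d);
}

// Demo of the values discussed in the thread.
const r = subtract(5.2, 0.1);
console.log(`5.2 - 0.1 = ${r} (bits ${doubleToHex(r)}); 5.1 has bits ${doubleToHex(5.1)}`);
console.log(`r === 5.1: ${r === 5.1}; ulps apart: ${ulpDistance(r, 5.1)}; nearlyEqual: ${nearlyEqual(r, 5.1)}`);
console.log(`Math.fround(0.7) === 0.7: ${survivesFloatRoundTrip(0.7)} (float32 0.7 is ${Math.fround(0.7)})`);
```

Reading the output: 5.2 - 0.1 lands one ulp above the double nearest to 5.1 because both operands are already rounded before the subtraction happens, so `===` fails while both tolerance checks pass. The float32 case is different in kind: Math.fround(0.7) is about 1.2e-8 away from the double 0.7, which no double-sized tolerance will absorb, so code that mixes precisions has to compare at the precision of the less precise side.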
