Compile and run this.
#include <stdio.h>
int main(int argc, char **argv) {
float a = 0.7;
if(a == 0.7) {
printf("%f is equal to %f\n", a, 0.7);
} else {
printf("%f is not equal to %f\n", a, 0.7);
}
}
On many implementations (not necessarily all implementations) you will
get the output as:-
0.700000 is not equal to 0.700000
For example, on my Debian Etch with gcc 4.1.2, the output is as shown
above. This doesn't mean it is a bug in 'gcc'. It's just a limitation
of floating point math. If someone doesn't take care of the floating
point behavior while writing code in JavaScript, it is a bug in the
JavaScript code and not a bug in Firefox.
Regards,
Susam Pal
http://susam.in/
On 9/28/07, blah <blah@blakogre.com> wrote:
IE7 was fine for me, showed up in FF 2.0.0.7
However, I think it's much wider-spread than initially thought. I
found the same most unsettling results using:
javascript:4.2-0.1
javascript:3.2-0.1
javascript:2.2-0.1
I did not have time to try more, but obviously all of you can see the
possibilities. Because it appears this works with any number, I've
dubbed it the FIB, (Firefox Infinite Bug).
I think this should get its own exploit category, too, since
assuredly, perhaps one day, this will be exploitable.
On 9/28/07, Steven Adair <steven@securityzone.org> wrote:
So are we dealing with an RDCB (Recently Disclosed Calculation Bug) or was
this just a mistake?
Steven
Actually, I see 5.1000000000000005 in both browsers.
Larry Seltzer
eWEEK.com Security Center Editor
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
