[NoW] Arithmetic caveat in Lua 5.3

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[NoW] Arithmetic caveat in Lua 5.3

Egor Skriptunoff-2
"NoW" stands for "Nitpicking on Wednesdays" :-)
(unimportant questions about Lua design and implementation)
 
Hi!
 
It was impossible in Lua 5.2, but is possible since Lua 5.3:
There exist numbers x and y such that
   assert(x > y and x - y == 0)
This potentially could break the logic of your script.
When migrating old projects to newer Lua versions,
make sure your application withstands new options of maliciously crafted input.

-- Egor
Reply | Threaded
Open this post in threaded view
|

Re: [NoW] Arithmetic caveat in Lua 5.3

Dirk Laurie-2
Op Wo. 9 Jan. 2019 om 22:37 het Egor Skriptunoff
<[hidden email]> geskryf:

> It was impossible in Lua 5.2, but is possible since Lua 5.3:
> There exist numbers x and y such that
>    assert(x > y and x - y == 0)
> This potentially could break the logic of your script.
> When migrating old projects to newer Lua versions,
> make sure your application withstands new options of maliciously crafted input.

When I was taught Fortran II in 1965, our very first programming
assignment was to find the fixed point of a function by iteration. The
test case was maliciously crafted [1] by the professor so that in the
arithmetic of our computer (the University possed exactly one) the
iteration xnew = f(xold) would alternate between two values. Those of
use whose programs were equivalent to
    repeat xold,xnew = xnew,f(xold) until xold == xnew
or
    repeat xold,xnew = xnew,f(xold) until xold-xnew == 0
debugged furiously and blamed the computer. At the next class he
explained the reason for the phenomenon and taught us never to use
tests such as x-y == 0 or x==y.

So I don't think it is quite fair to call this a Lua issue.

[1] I can't recall what it was but f = load"return 1.3*math.cos(...)"
displays the same behaviour.