IETF Logo Mail Archive

Re: [Json] Bug in RFC7493 (I-JSON)?

Anders Rundgren <anders.rundgren.net@gmail.com> Sun, 06 May 2018 06:52 UTC

Return-Path: <anders.rundgren.net@gmail.com>
X-Original-To: json@ietfa.amsl.com
Delivered-To: json@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8BD36124BAC for <json@ietfa.amsl.com>; Sat, 5 May 2018 23:52:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wJLeqGgGMzIr for <json@ietfa.amsl.com>; Sat, 5 May 2018 23:52:12 -0700 (PDT)
Received: from mail-wr0-x22e.google.com (mail-wr0-x22e.google.com [IPv6:2a00:1450:400c:c0c::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 516201200C1 for <json@ietf.org>; Sat, 5 May 2018 23:52:12 -0700 (PDT)
Received: by mail-wr0-x22e.google.com with SMTP id f2-v6so12980728wrm.3 for <json@ietf.org>; Sat, 05 May 2018 23:52:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=GiHp1jbyQwa4ZxYWcZ9ZRjW9dv9zjZszu8YnV6kL3w0=; b=JHthtNg6jIFm4qeWrUR4gcL6WiQCHujHtstgvWCuaz9LWfGA3F4R980v8Xex7NRYhL CfjfgNf9a7sy4x3aer4cMfs/XyE6bvv0HDGaqtsvGIgAT3hEM3q6D4UBgyP9EcRhB1Ae jRwqGhTTeUqurPyFcYZi/VXiJwXnTa+w9GopXn31Fnt+urvueETHWSKn5RQ9MzvscqtM yta43U7v1piF5SguaId/vFLFmHQcNXEB9WnLO9h6YwUqIRwT2UQyiEUH3Mh0MaWjHTWu nEoU2ADjkEHEytRRyjJIJwZ9Ynqer25yny15JEPkDz/fCBOp6NOgKccWHKuPFVrqgM4Z FqFg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=GiHp1jbyQwa4ZxYWcZ9ZRjW9dv9zjZszu8YnV6kL3w0=; b=iE3IJQ2lGlfQhC/l4QbGZOwV4HchUh7MpkDVEOik7invhNkkzacRaj1hLgXr2mM6ur TGXFgUxvpUvKskgLeBAyo7l5c1kvDwSMouwrFFyiBpnAkpCvXbcQs7HEmHXRl3se14nI FbnBH6SrjM/xojtUFSXmzNNK9Zvaw0ohqPEt9bYk0cLR+K6uMYNw37jQ21O+gkPm7bnX eaRWSShjTsQk0qo0hqMW9SiyBIn1eKUhD96+gt/WngGOXbwvomlkNhdrfBZfPDrQaK+w H8FMTsL7+xaO8Zfafrcl/q+OdTVvy+XGVj88+rLsaK3Rog+h4iMSaMi4mF9xPvFjnm+h Y+Fw==
X-Gm-Message-State: ALQs6tDLotunVG0zFqjDZANEaQEzdZv0EM8qjGPaQyr2nebq19YywcEF tTOeKv4Q0BBFDAbLLRZvlPridg==
X-Google-Smtp-Source: AB8JxZo5AP8oRcGqb3Diq0uOY3/Zq4YFH1qTyI6djdul+eaoNdwBzY3oYyvVbOrAZ6hdWlgnAW91Qg==
X-Received: by 2002:adf:8212:: with SMTP id 18-v6mr25257364wrb.144.1525589530163; Sat, 05 May 2018 23:52:10 -0700 (PDT)
Received: from [192.168.1.79] (25.131.146.77.rev.sfr.net. [77.146.131.25]) by smtp.googlemail.com with ESMTPSA id q34-v6sm28663325wrb.27.2018.05.05.23.52.08 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sat, 05 May 2018 23:52:09 -0700 (PDT)
To: Tim Bray <tbray@textuality.com>
Cc: "json@ietf.org" <json@ietf.org>
References: <d9235420-09e2-4d25-1e4d-19848e2c48d8@gmail.com> <CAHBU6iv_FGXgXkQ9CExKXnsgfcEct095s=2ef6wLvt9yXAhR6Q@mail.gmail.com>
From: Anders Rundgren <anders.rundgren.net@gmail.com>
Message-ID: <543556f0-660b-7396-2528-2f0b382f3c05@gmail.com>
Date: Sun, 06 May 2018 08:52:05 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <CAHBU6iv_FGXgXkQ9CExKXnsgfcEct095s=2ef6wLvt9yXAhR6Q@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/json/G2TES1-ZrtGiYPSe292waJwi2aQ>
Subject: Re: [Json] Bug in RFC7493 (I-JSON)?
X-BeenThere: json@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "JavaScript Object Notation \(JSON\) WG mailing list" <json.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/json>, <mailto:json-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/json/>
List-Post: <mailto:json@ietf.org>
List-Help: <mailto:json-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/json>, <mailto:json-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 06 May 2018 06:52:14 -0000

On 2018-05-06 08:34, Tim Bray wrote:
> So… the spec underpromises and overdelivers :)

Indeed :-)

> 
> Seriously, I wonder if this behavior is portable across IEEE 754 implementations.

It seems so.  At least Browsers, Node.js, .NET, and Java are identical on this particular point.

Anyway, it is prerequisite for the JSON canonicalization scheme that JSON Numbers are treated identical.
I just ported 2000 lines of Java code to C# to achieve this.
It passed 100 million random and special numbers including de-normalized edge-cases like
Hex: 0000000000000001	ES6: 5e-324

Anders

> 
> On Sat, May 5, 2018 at 11:21 PM, Anders Rundgren <anders.rundgren.net@gmail.com <mailto:anders.rundgren.net@gmail.com>> wrote:
> 
>     During testing of the JSON canonicalizer [1,2] I tried with an integer just above the specified limit (2**53) + 1 and to my surprise it didn't fail.
>     A short run with an IEEE-754/ES6 debugger seemed to confirm that +-2**53 is the actual limit for integers.
> 
>     Input floating point: 9007199254740991
>     Output floating point: 9007199254740991
>     Hex value: 433fffffffffffff
>     Binary value: 0 10000110011 1111111111111111111111111111111111111111111111111111
> 
>     Input floating point: 9007199254740992
>     Output floating point: 9007199254740992
>     Hex value: 4340000000000000
>     Binary value: 0 10000110100 0000000000000000000000000000000000000000000000000000
> 
>     Anders
> 
>     1] https://github.com/cyberphone/json-canonicalization#json-canonicalization <https://github.com/cyberphone/json-canonicalization#json-canonicalization>
>     2] https://cyberphone.github.io/doc/security/draft-rundgren-json-canonicalization-scheme.html <https://cyberphone.github.io/doc/security/draft-rundgren-json-canonicalization-scheme.html>
> 
> 
>     _______________________________________________
>     json mailing list
>     json@ietf.org <mailto:json@ietf.org>
>     https://www.ietf.org/mailman/listinfo/json <https://www.ietf.org/mailman/listinfo/json>
> 
> 
> 
> 
> -- 
> - Tim Bray (If you’d like to send me a private message, see https://keybase.io/timbray)

v2.23.0 | Report a Bug | By Email