Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Convert IEEE 754 double precision numbers into C99-style hex floats.
Hexadecimal floats are the base 16 version of a regular floating point number. They are useful when debugging routines which manipulate floating point numbers since it is easier to inspect their contents than it is with decimal floats (which are often rounded when displayed to make things look nicer). Hex floats may not be as pretty as decimal floats to an average user, but they present the information stored in a float value more honestly.
Here is an example of a hexadecimal float string:
0x10a.fbcp-20
Breaking it down, the parts of the float are as follows:
0x 10a . fbc p -20
\__/ \___/ | \___/ | \___/
| | | | | |
+-Prefix +-Decimal +-Delimiter
| | |
+-Whole number +-Exponent
|
+-Fraction
The whole number and fractional part of the float is interpreted as a fixed point decimal fraction,
0x10a.fbc = 0x10afbc * 16⁻³ = 266.9833984375
While the exponent is a power of two which is multiplied by the number,
p-20 = 2⁻²⁰
Putting it all together,
0x10a.fbcp-20 = 0x10afbc * 16⁻³ * 2⁻²⁰ = 0.0002546152099967003
var doubleToHex = require('double-hex')
var numbers = [1, -1, 0, 0.5, 0.1, 1e20, Math.pow(2, -1024) ]
numbers.forEach(function(n) {
console.log('dec:', n, 'hex:', doubleToHex(n))
})
Output:
dec: 1 hex: 0x1p0
dec: -1 hex: -0x1p0
dec: 0 hex: 0x0p0
dec: 0.5 hex: 0x0.8p0
dec: 0.1 hex: 0x0.1999999999999ap0
dec: 100000000000000000000 hex: 0x56bc75e2d6310000p0
dec: 5.562684646268003e-309 hex: 0x1p-1024
npm i double-hex
var hexf = require('double-hex')(num)
Converts num
into a hexadecimal string
num
is a NumberReturns A C99 style hex string encoding number.
(c) 2015 Mikola Lysenko. MIT License
FAQs
Convert IEEE754 floats to C99 style hexadecimal strings
We found that double-hex demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.