Bug 262057
| Summary: | Properly clamp INT_MIN for legacy CJK counter style algorithms | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Ahmad Saleem <ahmad.saleem792> |
| Component: | CSS | Assignee: | Nobody <webkit-unassigned> |
| Status: | NEW | ||
| Severity: | Normal | CC: | karlcow, ntim, vitor.roriz, webkit-bug-importer |
| Priority: | P2 | Keywords: | BrowserCompat, InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Ahmad Saleem
Hi Team,
While going through Blink's commit, came across another failing test case:
Test Case: https://jsfiddle.net/mgLf0z3e/
^ Safari Technology Preview 179 shows '-2147483648' rather than word. Both Chrome Canary 119 and Firefox Nightly 119 match each other. Hence, added 'BrowserCompat' tag.
Blink Commit: https://chromium.googlesource.com/chromium/src/+/fb1994451ba223e35d00a30ffa170120978b19df
Just wanted to raise so we can fix it.
@CCing - Vitor and Tim for their work on counter-style work.
Thanks!
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/116355180>
Ahmad Saleem
Tried following:
static int absoluteValueForLegacyCJKAlogrithms(int value)
{
// @counter-style algorithm works on absolute value, but the legacy
// implementation works on the original value (and handles negative sign on
// its own). Clamp to the signed int range before proceeding.
if (UNLIKELY(value == std::numeric_limits<int>::min()))
return std::numeric_limits<int>::max();
else
return std::abs(value);
}
and then 'return' modified like this:
return counterForSystemCJK(absoluteValueForLegacyCJKAlogrithms(value), simplifiedChineseInformalTable, Formality::Informal);
and then 'CSSCounterStyle::initialRepresentation' updated to have following as 'absoluteValue':
unsigned absoluteValue = value == std::numeric_limits<int>::min() ? static_cast<unsigned>(std::numeric_limits<int>::max()) + 1u : std::abs(value);
___
Following does not fix the test case (at least running via JSFiddle).