Bug 262057

Summary: Properly clamp INT_MIN for legacy CJK counter style algorithms
Product: WebKit Reporter: Ahmad Saleem <ahmad.saleem792>
Component: CSSAssignee: Nobody <webkit-unassigned>
Status: NEW ---    
Severity: Normal CC: karlcow, ntim, vitor.roriz, webkit-bug-importer
Priority: P2 Keywords: BrowserCompat, InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Description Ahmad Saleem 2023-09-25 11:04:06 PDT 
Hi Team,

While going through Blink's commit, came across another failing test case:

Test Case: https://jsfiddle.net/mgLf0z3e/

^ Safari Technology Preview 179 shows '-2147483648' rather than word. Both Chrome Canary 119 and Firefox Nightly 119 match each other. Hence, added 'BrowserCompat' tag.

Blink Commit: https://chromium.googlesource.com/chromium/src/+/fb1994451ba223e35d00a30ffa170120978b19df

Just wanted to raise so we can fix it.

@CCing - Vitor and Tim for their work on counter-style work.

Thanks!
Comment 1 Radar WebKit Bug Importer 2023-10-02 11:05:17 PDT 
<rdar://problem/116355180>
Comment 2 Ahmad Saleem 2023-12-19 14:58:50 PST 
Tried following:

static int absoluteValueForLegacyCJKAlogrithms(int value)
{
    // @counter-style algorithm works on absolute value, but the legacy
    // implementation works on the original value (and handles negative sign on
    // its own). Clamp to the signed int range before proceeding.
    if (UNLIKELY(value == std::numeric_limits<int>::min()))
        return std::numeric_limits<int>::max();
    else
        return std::abs(value);
}

and then 'return' modified like this:

return counterForSystemCJK(absoluteValueForLegacyCJKAlogrithms(value), simplifiedChineseInformalTable, Formality::Informal);

and then 'CSSCounterStyle::initialRepresentation' updated to have following as 'absoluteValue':

unsigned absoluteValue = value == std::numeric_limits<int>::min() ? static_cast<unsigned>(std::numeric_limits<int>::max()) + 1u : std::abs(value);

___

Following does not fix the test case (at least running via JSFiddle).