[Webkit-unassigned] [Bug 261081] INPUT element: Fix integer overflow in input.stepDown()

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=261081

--- Comment #4 from Ahmad Saleem <ahmad.saleem792 at gmail.com> ---
So I am ranting and trying to understand it better, so ignore me, if I am totally wrong.

First - read HTMLInputElement interface and see 'stepUp' and 'stepDown':

--> https://html.spec.whatwg.org/multipage/input.html#htmlinputelement

undefined stepUp(optional long n = 1);
undefined stepDown(optional long n = 1);

Which if I read WebIDL specification:

--> https://webidl.spec.whatwg.org/#idl-long

Where it should be (long type integer):

>> The long type is a signed integer type that has values in the range [−2147483648, 2147483647].

and then in our WebKit implementation:

https://searchfox.org/wubkat/rev/581e116dc6ce254811dbe2da9d1c1168762fc30c/Source/WebCore/html/HTMLInputElement.cpp#390

We have:

ExceptionOr<void> HTMLInputElement::stepDown(int n)
{
    return m_inputType->stepUp(-n);
}

Which as per Blink should be changed to:

ExceptionOr<void> HTMLInputElement::stepDown(int n)
{
    return m_inputType->stepUp(-1.0);
}

I am not sure then why we need 'int n' argument.

As Anne mentioned, even I am not clear on why they change `int` to `double`, while the `step` should be integers as per web-spec.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240118/89f9b000/attachment-0001.htm>