Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 7d717f937dacbd898dc653acdc01c6aa9905a2af
https://github.com/WebKit/WebKit/commit/7d717f937dacbd898dc653acdc01c6aa9905a2af
Author: Keita Nonaka <[email protected]>
Date: 2025-06-25 (Wed, 25 Jun 2025)
Changed paths:
M JSTests/stress/date-timeClip-large-values.js
M LayoutTests/js/date-timeClip-large-values-expected.txt
M Source/JavaScriptCore/runtime/DatePrototype.cpp
Log Message:
-----------
[JSC] Ensure `Date.prototype.setMonth` and `Date.prototype.setUTCMonth`
Respects TimeClip Range by Guarding months of GregorianDateTime Overflow
https://bugs.webkit.org/show_bug.cgi?id=294815
Reviewed by Sosuke Suzuki.
TimeClip[1] function, as referenced in Date.prototype.setMonth[2] and
Date.prototype.setUTCMonth[3], mentions that absolute value of time must not
exceed 8.64E15 in milliseconds, otherwise returns NaN.
However, the current GregorianDateTime class represents months member variable
as int.
Therefore, if the months exceeds the maximum representable int,
date calculations may produce incorrect results.
This patch adds a safeguard to ensure that such overflows are prevented
to align the behavior with the TC39 spec.
[1]: https://tc39.es/ecma262/#sec-timeclip
[2]: https://tc39.es/ecma262/#sec-date.prototype.setmonth
[3]: https://tc39.es/ecma262/#sec-date.prototype.setutcmonth
* JSTests/stress/date-timeClip-large-values.js:
* LayoutTests/js/date-timeClip-large-values-expected.txt:
* Source/JavaScriptCore/runtime/DatePrototype.cpp:
(JSC::fillStructuresUsingDateArgs):
Canonical link: https://commits.webkit.org/296644@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
