[csswg-drafts] [css-counter-styles] Additive algorithm shouldn't divide by 0 (#5784) from Oriol Brufau via GitHub on 2020-12-11 (public-css-archive@w3.org from December 2020)

From: Oriol Brufau via GitHub <sysbot+gh@w3.org>
Date: Fri, 11 Dec 2020 18:33:43 +0000
To: public-css-archive@w3.org
Message-ID: <issues.opened-762735870-1607711622-sysbot+gh@w3.org>

Loirooriol has just created a new issue for https://github.com/w3c/csswg-drafts:

== [css-counter-styles] Additive algorithm shouldn't divide by 0 ==
Not sure if I'm missing something, but consider

```html
<style>
@counter-style foo {
  system: additive;
  additive-symbols: 0 ⚀;
}
</style>
<li value="1" style="list-style: foo inside"></li>
```

From https://drafts.csswg.org/css-counter-styles/#additive-system

> 1. If *value* is initially 0

It's 1, so no-op.

> 2. While *value* is greater than 0 and there are elements left in the *symbol list*:

Fine, *value* = 1 > 0 and the *symbol list* contains one additive tuple.

> 2.1. Pop the first additive tuple from the *symbol list*. This is the *current tuple*. 

The current tuple is `0 ⚀`.

> 2.2. Append the current tuple’s counter symbol to *S* `floor( value / current tuple’s weight )` times (this may be 0). 

`floor(1 / 0) = floor(∞) = ∞`. So the algorithm is asking to append `⚀` infinite times??

> 2.3 Decrement *value* by the *current tuple*’s *weight* multiplied by the number of times the current tuple was appended to S in the previous step.

`value = 1 - 0*∞ = 1 - NaN = NaN`, I guess?

> 2. While value is greater than 0

NaN is not greater than 0, presumably.

> 3. If the loop ended because value is 0, return S. Otherwise, the given counter value cannot be represented by this counter style, and must instead be represented by the fallback counter style.

So I guess it may end up being fine with the fallback counter style. But it just seems pretty wrong for the algorithm to have divisions by 0, infinite insertions, etc.

Both [Firefox](https://searchfox.org/mozilla-central/rev/4415bec7a49c50a338167d9c8934527b9cae59d0/layout/style/CounterStyleManager.cpp#164-166) and [Chromium](https://source.chromium.org/chromium/chromium/src/+/master:third_party/blink/renderer/core/css/counter_style.cc;drc=cac8eca73fba35669e706b5c0425f4a2667fb5c8;l=169) stop iterating if the weight is 0 . I think the algorithm should have that check too.

Please view or discuss this issue at https://github.com/w3c/csswg-drafts/issues/5784 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Friday, 11 December 2020 18:33:44 UTC