From dd4b2609be44585d005c37c3dd2ef695483baa99 Mon Sep 17 00:00:00 2001 From: "commit-queue@webkit.org" Date: Sun, 19 Jul 2015 23:10:07 +0000 Subject: [PATCH] new Date(NaN).toJSON() must return null instead of throwing a TypeError https://bugs.webkit.org/show_bug.cgi?id=141115 Patch by Jordan Harband on 2015-07-19 Reviewed by Yusuke Suzuki. Source/JavaScriptCore: * runtime/DatePrototype.cpp: (JSC::dateProtoFuncToJSON): LayoutTests: * js/dom/JSON-stringify-expected.txt: * js/resources/JSON-stringify.js: git-svn-id: https://svn.webkit.org/repository/webkit/trunk@187016 268f45cc-cd09-0410-ab3c-d52691b4dbfc --- LayoutTests/ChangeLog | 10 ++++++++++ LayoutTests/js/dom/JSON-stringify-expected.txt | 4 ++++ LayoutTests/js/resources/JSON-stringify.js | 4 ++++ Source/JavaScriptCore/ChangeLog | 10 ++++++++++ Source/JavaScriptCore/runtime/DatePrototype.cpp | 8 +++++++- 5 files changed, 35 insertions(+), 1 deletion(-) diff --git a/LayoutTests/ChangeLog b/LayoutTests/ChangeLog index 640f41c..e814d11 100644 --- a/LayoutTests/ChangeLog +++ b/LayoutTests/ChangeLog @@ -1,3 +1,13 @@ +2015-07-19 Jordan Harband + + new Date(NaN).toJSON() must return null instead of throwing a TypeError + https://bugs.webkit.org/show_bug.cgi?id=141115 + + Reviewed by Yusuke Suzuki. + + * js/dom/JSON-stringify-expected.txt: + * js/resources/JSON-stringify.js: + 2015-07-19 Saam barati Parser::parseFunctionInfo hits RELEASE_ASSERT for Arrow Functions diff --git a/LayoutTests/js/dom/JSON-stringify-expected.txt b/LayoutTests/js/dom/JSON-stringify-expected.txt index bfd8247..8e732ec 100644 --- a/LayoutTests/js/dom/JSON-stringify-expected.txt +++ b/LayoutTests/js/dom/JSON-stringify-expected.txt @@ -97,6 +97,10 @@ function (jsonObject){ } PASS tests[i](nativeJSON) threw exception An exception. function (jsonObject){ + return jsonObject.stringify(new Date(NaN)); + } +PASS tests[i](nativeJSON) is tests[i].expected +function (jsonObject){ var d = new Date(0); d.toISOString = null; return jsonObject.stringify(d); diff --git a/LayoutTests/js/resources/JSON-stringify.js b/LayoutTests/js/resources/JSON-stringify.js index bec1885..e1e3e60 100644 --- a/LayoutTests/js/resources/JSON-stringify.js +++ b/LayoutTests/js/resources/JSON-stringify.js @@ -101,6 +101,10 @@ function createTests() { }); result[result.length - 1].throws = true; result.push(function(jsonObject){ + return jsonObject.stringify(new Date(NaN)); + }); + result[result.length - 1].expected = 'null';; + result.push(function(jsonObject){ var d = new Date(0); d.toISOString = null; return jsonObject.stringify(d); diff --git a/Source/JavaScriptCore/ChangeLog b/Source/JavaScriptCore/ChangeLog index 9b59b2c..dede225 100644 --- a/Source/JavaScriptCore/ChangeLog +++ b/Source/JavaScriptCore/ChangeLog @@ -1,3 +1,13 @@ +2015-07-19 Jordan Harband + + new Date(NaN).toJSON() must return null instead of throwing a TypeError + https://bugs.webkit.org/show_bug.cgi?id=141115 + + Reviewed by Yusuke Suzuki. + + * runtime/DatePrototype.cpp: + (JSC::dateProtoFuncToJSON): + 2015-07-19 Saam barati Parser::parseFunctionInfo hits RELEASE_ASSERT for Arrow Functions diff --git a/Source/JavaScriptCore/runtime/DatePrototype.cpp b/Source/JavaScriptCore/runtime/DatePrototype.cpp index 77db102..fe87479 100644 --- a/Source/JavaScriptCore/runtime/DatePrototype.cpp +++ b/Source/JavaScriptCore/runtime/DatePrototype.cpp @@ -1072,7 +1072,13 @@ EncodedJSValue JSC_HOST_CALL dateProtoFuncToJSON(ExecState* exec) JSObject* object = jsCast(thisValue.toThis(exec, NotStrictMode)); if (exec->hadException()) return JSValue::encode(jsNull()); - + + JSValue timeValue = object->toPrimitive(exec, PreferNumber); + if (exec->hadException()) + return JSValue::encode(jsNull()); + if (timeValue.isNumber() && !(timeValue.isInt32() || std::isfinite(timeValue.asDouble()))) + return JSValue::encode(jsNull()); + JSValue toISOValue = object->get(exec, exec->vm().propertyNames->toISOString); if (exec->hadException()) return JSValue::encode(jsNull()); -- 1.8.3.1