author | Aaron Patterson <aaron.patterson@gmail.com> | 2010-12-07 09:49:37 -0800 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2011-02-08 14:21:12 -0800 |
commit | 0b58a7ff420d7ef4b643c521a62be7259dd2f5cb (patch) | |
tree | d5314aa04b853619912bec01f47526cddb1ef2f8 /activerecord/lib/active_record/relation/query_methods.rb | |
parent | 6b1018526fb304727ee4191afc2d8a5e29e49eea (diff) | |
limit() should sanitize limit values
This fixes CVE-2011-0448
Diffstat (limited to 'activerecord/lib/active_record/relation/query_methods.rb')
-rw-r--r-- | activerecord/lib/active_record/relation/query_methods.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/activerecord/lib/active_record/relation/query_methods.rb b/activerecord/lib/active_record/relation/query_methods.rb
index 2cbb103eb9..6a905b8588 100644
--- a/activerecord/lib/active_record/relation/query_methods.rb
+++ b/activerecord/lib/active_record/relation/query_methods.rb
@@ -171,7 +171,7 @@ module ActiveRecord
 arel.having(*@having_values.uniq.reject{|h| h.blank?}) unless @having_values.empty?
-arel.take(@limit_value) if @limit_value
+arel.take(connection.sanitize_limit(@limit_value)) if @limit_value
 arel.skip(@offset_value) if @offset_value
 arel.group(*@group_values.uniq.reject{|g| g.blank?}) unless @group_values.empty?
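Review bot: The offset on the line right after the fix, `arel.skip(@offset_value) if @offset_value`, is still handed to Arel with no cast, so if the Arel visitor interpolates a string offset the way it interpolated the limit this hunk sanitizes, a non-integer `offset` value would still reach the SQL unchecked; that is inferred rather than visible here, so it is worth confirming against the visitor and, if confirmed, coercing it the same way, e.g. `arel.skip(Integer(@offset_value)) if @offset_value`, or adding a `sanitize_offset` counterpart on the adapter so both values follow one path. Note also that the cast now runs when the Arel tree is built rather than when `limit()` is called, so a bad value raises at query time instead of at the call site; a short comment such as `# cast here rather than in limit(): the value can also arrive via merge and finder options` would record why this point was chosen. The enclosing method starts and ends outside this hunk.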