author | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-30 15:09:13 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2012-05-30 15:09:13 -0700 |
commit | 9340f89849606dba02f44038171f3837f883fd4e (patch) | |
tree | 1c60619cf2a565ce998beb81c91457999b69dd45 /activerecord/lib/active_record/relation | |
parent | 344ea048659f2ba47012f0330183ea4a96752732 (diff) | |
predicate builder should not recurse for determining where columns.
Thanks to Ben Murphy for reporting this
CVE-2012-2661
Diffstat (limited to 'activerecord/lib/active_record/relation')
-rw-r--r-- | activerecord/lib/active_record/relation/predicate_builder.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/activerecord/lib/active_record/relation/predicate_builder.rb b/activerecord/lib/active_record/relation/predicate_builder.rb index 6a0cdd5917..cb8f903474 100644 --- a/activerecord/lib/active_record/relation/predicate_builder.rb +++ b/activerecord/lib/active_record/relation/predicate_builder.rb @@ -6,7 +6,7 @@ module ActiveRecord if value.is_a?(Hash) table = Arel::Table.new(column, engine) - build_from_hash(engine, value, table) + value.map { |k,v| build(table[k.to_sym], v) } else column = column.to_s |
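Review bot: The added line `value.map { |k,v| build(table[k.to_sym], v) }` carries no comment explaining why the call to `build_from_hash` was dropped, so a later refactor could reintroduce the recursion. A one-line comment stating that a nested hash is resolved only one level deep (the outer key names the table, and every inner key is treated as a column of that table via `table[k.to_sym]`) would guard against that. Two further checks on the same line: `v` is handed to `build` without a type check, so confirm `build` has no Hash branch of its own that would bring the nesting back one level down; and `k.to_sym` is applied to whatever keys the caller supplied, which on Ruby versions that do not garbage-collect symbols lets unbounded key input grow the symbol table.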