author | Ryuta Kamizono <kamipo@gmail.com> | 2019-02-18 15:27:23 +0900 |
---|---|---|
committer | Ryuta Kamizono <kamipo@gmail.com> | 2019-02-18 16:57:10 +0900 |
commit | b09d8f6bb3a23cd907d084103fb5b4c02479a39b (patch) | |
tree | 150e5356911c2cb1e4576a9190d1269e268f7145 /activerecord/lib/active_record | |
parent | 4ea067017ae52d4a74335ed85df085a86663d213 (diff) | |
download | rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.gz rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.bz2 rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.zip |
Don't allow `where` with invalid value matches to nil values
That is considered as silently leaking information.
If type casting doesn't return any actual value, it should not be
matched to any record.
Fixes #33624.
Closes #33946.
Diffstat (limited to 'activerecord/lib/active_record')
-rw-r--r-- | activerecord/lib/active_record/relation/query_attribute.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/activerecord/lib/active_record/relation/query_attribute.rb b/activerecord/lib/active_record/relation/query_attribute.rb index 1dd6462d8d..cd18f27330 100644 --- a/activerecord/lib/active_record/relation/query_attribute.rb +++ b/activerecord/lib/active_record/relation/query_attribute.rb @@ -18,8 +18,10 @@ module ActiveRecord end def nil? - !value_before_type_cast.is_a?(StatementCache::Substitute) && - (value_before_type_cast.nil? || value_for_database.nil?) + unless value_before_type_cast.is_a?(StatementCache::Substitute) + value_before_type_cast.nil? || + type.respond_to?(:subtype, true) && value_for_database.nil? + end rescue ::RangeError end |
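Review bot: the new `type.respond_to?(:subtype, true)` guard in `nil?` is the entire fix, yet nothing in the hunk says why only types that expose a `subtype` (even a private one) keep the `value_for_database.nil?` short-circuit while every other type now leaves `nil?` false when the cast yields nothing; a one-line comment above that branch would spare the next reader from reconstructing the "a value that casts to nothing must match no row, not `IS NULL`" intent from the commit message. The expression `value_before_type_cast.nil? || type.respond_to?(:subtype, true) && value_for_database.nil?` also relies on `&&` binding tighter than `||`; wrapping the second operand as `(type.respond_to?(:subtype, true) && value_for_database.nil?)` makes the grouping explicit. Finally, the retained `rescue ::RangeError` still turns an out-of-range cast into a bare `nil` return, which is consistent with the new rule (an unrepresentable value is not treated as a nil match) but is worth stating in the same comment so the two paths are documented together.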