stop calling to_sym when building arel nodes [CVE-2013-1854]

author: Aaron Patterson <aaron.patterson@gmail.com> 2013-03-05 14:52:08 -0800
committer: Aaron Patterson <aaron.patterson@gmail.com> 2013-03-15 17:45:10 -0700
commit: 5dc2e3531babcbdc165884d1a47cbcd13455522d (patch)
tree: d58cdd1c576a1c8a170beaa5439c17165ca784bb /activerecord/lib
parent: 6ea48ebfa68947ad66a516bdb7452e0faf3f70a7 (diff)
download: rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.tar.gz
rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.tar.bz2
rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/activerecord/lib/active_record/relation/predicate_builder.rb b/activerecord/lib/active_record/relation/predicate_builder.rb
index bd783a94cf..f44d46d15b 100644
--- a/activerecord/lib/active_record/relation/predicate_builder.rb
+++ b/activerecord/lib/active_record/relation/predicate_builder.rb
@@ -48,7 +48,7 @@ module ActiveRecord
         column = reflection.foreign_key
       end
 
-      queries << build(table[column.to_sym], value)
+      queries << build(table[column], value)
       queries
     end
author	Aaron Patterson <aaron.patterson@gmail.com>	2013-03-05 14:52:08 -0800
committer	Aaron Patterson <aaron.patterson@gmail.com>	2013-03-15 17:45:10 -0700
commit	5dc2e3531babcbdc165884d1a47cbcd13455522d (patch)
tree	d58cdd1c576a1c8a170beaa5439c17165ca784bb /activerecord/lib
parent	6ea48ebfa68947ad66a516bdb7452e0faf3f70a7 (diff)
download	rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.tar.gz rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.tar.bz2 rails-5dc2e3531babcbdc165884d1a47cbcd13455522d.zip