Don't allow `where` with invalid value matches to nil values

That is considered as silently leaking information. If type casting doesn't return any actual value, it should not be matched to any record. Fixes #33624. Closes #33946.
author: Ryuta Kamizono <kamipo@gmail.com> 2019-02-18 15:27:23 +0900
committer: Ryuta Kamizono <kamipo@gmail.com> 2019-02-18 16:57:10 +0900
commit: b09d8f6bb3a23cd907d084103fb5b4c02479a39b (patch)
tree: 150e5356911c2cb1e4576a9190d1269e268f7145 /activerecord/test/cases/adapters
parent: 4ea067017ae52d4a74335ed85df085a86663d213 (diff)
download: rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.gz
rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.bz2
rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/activerecord/test/cases/adapters/postgresql/uuid_test.rb b/activerecord/test/cases/adapters/postgresql/uuid_test.rb
index 9912763c1b..6591d50d06 100644
--- a/activerecord/test/cases/adapters/postgresql/uuid_test.rb
+++ b/activerecord/test/cases/adapters/postgresql/uuid_test.rb
@@ -114,6 +114,12 @@ class PostgresqlUUIDTest < ActiveRecord::PostgreSQLTestCase
     assert_equal "foobar", uuid.guid_before_type_cast
   end
 
+  def test_invalid_uuid_dont_match_to_nil
+    UUIDType.create!
+    assert_empty UUIDType.where(guid: "")
+    assert_empty UUIDType.where(guid: "foobar")
+  end
+
   def test_acceptable_uuid_regex
     # Valid uuids
     ["A0EEBC99-9C0B-4EF8-BB6D-6BB9BD380A11",
author	Ryuta Kamizono <kamipo@gmail.com>	2019-02-18 15:27:23 +0900
committer	Ryuta Kamizono <kamipo@gmail.com>	2019-02-18 16:57:10 +0900
commit	b09d8f6bb3a23cd907d084103fb5b4c02479a39b (patch)
tree	150e5356911c2cb1e4576a9190d1269e268f7145 /activerecord/test/cases/adapters
parent	4ea067017ae52d4a74335ed85df085a86663d213 (diff)
download	rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.gz rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.tar.bz2 rails-b09d8f6bb3a23cd907d084103fb5b4c02479a39b.zip