diff options
| author | Aaron Patterson <aaron.patterson@gmail.com> | 2013-04-02 09:38:36 -0700 |
|---|---|---|
| committer | Aaron Patterson <aaron.patterson@gmail.com> | 2013-04-02 09:38:36 -0700 |
| commit | 22fee7cbe368c64afa5292bd04ccbe96325c2a83 (patch) | |
| tree | 429e8f3b4eed077fded24c6897b934b913a74965 /activerecord | |
| parent | f95111e1d2f14860b445e01a4fd32e3184c07d4b (diff) | |
| parent | 1bf6b53aa4de9267dcca42382d841cf96e98b55f (diff) | |
| download | rails-22fee7cbe368c64afa5292bd04ccbe96325c2a83.tar.gz rails-22fee7cbe368c64afa5292bd04ccbe96325c2a83.tar.bz2 rails-22fee7cbe368c64afa5292bd04ccbe96325c2a83.zip | |
Merge pull request #9975 from mmangino/raise_when_attributes_cant_be_unserialized
Unserializing YAML attributes can silently fail in development mode
Diffstat (limited to 'activerecord')
| -rw-r--r-- | activerecord/lib/active_record/coders/yaml_column.rb | 20 | ||||
| -rw-r--r-- | activerecord/test/cases/coders/yaml_column_test.rb | 14 |
2 files changed, 20 insertions, 14 deletions
diff --git a/activerecord/lib/active_record/coders/yaml_column.rb b/activerecord/lib/active_record/coders/yaml_column.rb index 8d22942a06..d3d7396c91 100644 --- a/activerecord/lib/active_record/coders/yaml_column.rb +++ b/activerecord/lib/active_record/coders/yaml_column.rb @@ -23,19 +23,15 @@ module ActiveRecord def load(yaml) return object_class.new if object_class != Object && yaml.nil? return yaml unless yaml.is_a?(String) && yaml =~ /^---/ - begin - obj = YAML.load(yaml) - - unless obj.is_a?(object_class) || obj.nil? - raise SerializationTypeMismatch, - "Attribute was supposed to be a #{object_class}, but was a #{obj.class}" - end - obj ||= object_class.new if object_class != Object - - obj - rescue ArgumentError, Psych::SyntaxError - yaml + obj = YAML.load(yaml) + + unless obj.is_a?(object_class) || obj.nil? + raise SerializationTypeMismatch, + "Attribute was supposed to be a #{object_class}, but was a #{obj.class}" end + obj ||= object_class.new if object_class != Object + + obj end end end diff --git a/activerecord/test/cases/coders/yaml_column_test.rb b/activerecord/test/cases/coders/yaml_column_test.rb index b874adc081..b72c54f97b 100644 --- a/activerecord/test/cases/coders/yaml_column_test.rb +++ b/activerecord/test/cases/coders/yaml_column_test.rb @@ -43,10 +43,20 @@ module ActiveRecord assert_equal [], coder.load([]) end - def test_load_swallows_yaml_exceptions + def test_load_doesnt_swallow_yaml_exceptions coder = YAMLColumn.new bad_yaml = '--- {' - assert_equal bad_yaml, coder.load(bad_yaml) + assert_raises(Psych::SyntaxError) do + coder.load(bad_yaml) + end + end + + def test_load_doesnt_handle_undefined_class_or_module + coder = YAMLColumn.new + missing_class_yaml = '--- !ruby/object:DoesNotExistAndShouldntEver {}\n' + assert_raises(ArgumentError) do + coder.load(missing_class_yaml) + end end end end |