diff options
| author | Olek Janiszewski <olek@hoteltonight.com> | 2016-03-11 10:20:41 +0100 |
|---|---|---|
| committer | Olek Janiszewski <olek@hoteltonight.com> | 2016-03-11 10:35:01 +0100 |
| commit | aa0fad51482c24ece58ec7186c45fd340b35ecb1 (patch) | |
| tree | dd67264a9b79a9eff6d648a9bdc113885535cd49 /activesupport/lib | |
| parent | a101115d5b8011278891f30f69901f9583ea7685 (diff) | |
| download | rails-aa0fad51482c24ece58ec7186c45fd340b35ecb1.tar.gz rails-aa0fad51482c24ece58ec7186c45fd340b35ecb1.tar.bz2 rails-aa0fad51482c24ece58ec7186c45fd340b35ecb1.zip | |
Prevent `Marshal.load` from looping infinitely
Fix a bug in `Marshal.load` that caused it to loop indefinitely when
trying to autoload a constant that resolved to a different name.
This could occur when marshalling an ActiveRecord 4.0 object (e.g. into
memcached) and then trying to unmarshal it with Rails 4.2. The
marshalled payload contains a reference to
`ActiveRecord::ConnectionAdapters::Mysql2Adapter::Column`, which in
Rails 4.2 resolves to
`ActiveRecord::ConnectionAdapters::AbstractMysqlAdapter::Column`.
Diffstat (limited to 'activesupport/lib')
| -rw-r--r-- | activesupport/lib/active_support/core_ext/marshal.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/activesupport/lib/active_support/core_ext/marshal.rb b/activesupport/lib/active_support/core_ext/marshal.rb index e333b26133..ca278cb2fa 100644 --- a/activesupport/lib/active_support/core_ext/marshal.rb +++ b/activesupport/lib/active_support/core_ext/marshal.rb @@ -5,7 +5,10 @@ module ActiveSupport rescue ArgumentError, NameError => exc if exc.message.match(%r|undefined class/module (.+)|) # try loading the class/module - $1.constantize + loaded = $1.constantize + + raise unless $1 == loaded.name + # if it is an IO we need to go back to read the object source.rewind if source.respond_to?(:rewind) retry |