From 38edea0c912f19b5c6a689465be71b29d9da101d Mon Sep 17 00:00:00 2001
From: Aaron Patterson
Date: Sun, 10 Jun 2012 22:44:54 -0500
Subject: Array parameters should not contain nil values.
---
 actionpack/lib/action_dispatch/http/request.rb | 6 ++++--
 actionpack/test/dispatch/request/query_string_parsing_test.rb | 4 ++++
 2 files changed, 8 insertions(+), 2 deletions(-)
(limited to 'actionpack')
diff --git a/actionpack/lib/action_dispatch/http/request.rb b/actionpack/lib/action_dispatch/http/request.rb
index adbb5d1346..afc0496ef9 100644
--- a/actionpack/lib/action_dispatch/http/request.rb
+++ b/actionpack/lib/action_dispatch/http/request.rb
@@ -251,17 +251,19 @@ module ActionDispatch
 # Remove nils from the params hash
 def deep_munge(hash)
+ keys = hash.keys.find_all { |k| hash[k] == [nil] }
+ keys.each { |k| hash[k] = nil }
+
 hash.each_value do |v|
 case v
 when Array
 v.grep(Hash) { |x| deep_munge(x) }
+ v.compact!
 when Hash
 deep_munge(v)
 end
 end
- keys = hash.keys.find_all { |k| hash[k] == [nil] }
- keys.each { |k| hash[k] = nil }
 hash
 end
diff --git a/actionpack/test/dispatch/request/query_string_parsing_test.rb b/actionpack/test/dispatch/request/query_string_parsing_test.rb
index 181f51add5..bc0641e3a0 100644
--- a/actionpack/test/dispatch/request/query_string_parsing_test.rb
+++ b/actionpack/test/dispatch/request/query_string_parsing_test.rb
@@ -89,6 +89,10 @@ class QueryStringParsingTest < ActionDispatch::IntegrationTest
 assert_parses({"action"=>{"foo"=>[{"bar"=>nil}]}}, "action[foo][][bar]")
 end
+ def test_array_parses_without_nil
+ assert_parses({"action" => ['1']}, "action[]=1&action[]")
+ end
+
 test "query string with empty key" do
 assert_parses(
 { "action" => "create_customer", "full_name" => "David Heinemeier Hansson" },
--
cgit v1.2.3
From ceb8ec3eff84b430d3c5630bd1ff38d10c8aa209 Mon Sep 17 00:00:00 2001
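Review bot: In `deep_munge` (actionpack/lib/action_dispatch/http/request.rb) an array holding more than one nil is not normalised the same way as `[nil]`: the pre-pass matches only `hash[k] == [nil]`, so a value such as `[nil, nil]` skips it and is then reduced by `v.compact!` to `[]` rather than nil. Because the pre-pass now runs before the loop, nothing re-checks what `compact!` leaves behind. If callers are meant to receive nil whenever no real value was submitted (how downstream code treats `[]` is not visible here), iterate with `hash.each do |k, v|` and add `hash[k] = nil if v.empty?` directly after `v.compact!`; the separate `keys` pre-pass then becomes unnecessary. The existing comment `# Remove nils from the params hash` could also state the contract, e.g. `# Arrays are compacted in place; an array left empty becomes nil`.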
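Review bot: The test added to query_string_parsing_test.rb pins only the case of a nil next to a real value (`action[]=1&action[]`); nothing covers an array whose elements are all nil, or nils sitting beside hashes in the same array, which are the other inputs the changed `when Array` branch handles. Adding a case such as `"action[]&action[]"` with the intended result written out would fix the expected behaviour for the all-nil input. As a style point, the new case is written as `def test_array_parses_without_nil` while the neighbouring case visible in the hunk uses the `test "..." do` form; `test "array parses without nil" do` would match. The enclosing class starts and ends outside the hunk.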
From: Aaron Patterson
Date: Mon, 11 Jun 2012 15:39:59 -0700
Subject: updating changelogs with security fixes
---
 actionpack/CHANGELOG.md | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'actionpack')
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 75fb902196..81ad747684 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,5 +1,7 @@
 ## Rails 3.2.6 (unreleased) ##
+* nil is removed from array parameter values
+
 * Deprecate `:confirm` in favor of `':data => { :confirm => "Text" }'` option for `button_to`, `button_tag`, `image_submit_tag`, `link_to` and `submit_tag` helpers.
 *Carlos Galdino*
--
cgit v1.2.3
From ee4209a31eff868aff8d2c2f836e703256c4038e Mon Sep 17 00:00:00 2001
From: Aaron Patterson
Date: Mon, 11 Jun 2012 15:40:36 -0700
Subject: bumping version numbers
---
 actionpack/lib/action_pack/version.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'actionpack')
diff --git a/actionpack/lib/action_pack/version.rb b/actionpack/lib/action_pack/version.rb
index 8df68441c3..58ccf8ebc2 100644
--- a/actionpack/lib/action_pack/version.rb
+++ b/actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack
 module VERSION #:nodoc:
 MAJOR = 3
 MINOR = 2
- TINY = 5
+ TINY = 6
 PRE = nil
 STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
--
cgit v1.2.3
From 8381d398cedf3e95fb073b8110d80f636cff449c Mon Sep 17 00:00:00 2001
From: Aaron Patterson
Date: Tue, 12 Jun 2012 14:02:40 -0700
Subject: updating changelogs
---
 actionpack/CHANGELOG.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'actionpack')
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 81ad747684..4b483b200f 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,7 +1,9 @@
-## Rails 3.2.6 (unreleased) ##
+## Rails 3.2.6 (Jun 12, 2012) ##
 * nil is removed from array parameter values
+ CVE-2012-2694
+
 * Deprecate `:confirm` in favor of `':data => { :confirm => "Text" }'` option for `button_to`, `button_tag`, `image_submit_tag`, `link_to` and `submit_tag` helpers.
 *Carlos Galdino*
--
cgit v1.2.3