From f08bf726d3038f062dd7485614d1ea85d952f121 Mon Sep 17 00:00:00 2001
From: Edouard CHIN <edouard.chin@shopify.com>
Date: Thu, 11 Jul 2019 16:25:40 +0200
Subject: Return a copy of the cache entry when local_cache exists:

- When the local cache exists (during the request lifecycle), the
  entry returned from the LocalStore is passed as a reference which
  means mutable object can accidentaly get modified.

  This behaviour seems unnecessarily unsafe and is prone to
  issues like it happened in our application.

  This patch dup the `Entry` returned from the cache and dup it's
  internal value.
---
 activesupport/lib/active_support/cache/strategy/local_cache.rb | 5 ++++-
 activesupport/test/cache/behaviors/local_cache_behavior.rb     | 9 +++++++++
 2 files changed, 13 insertions(+), 1 deletion(-)

(limited to 'activesupport')

diff --git a/activesupport/lib/active_support/cache/strategy/local_cache.rb b/activesupport/lib/active_support/cache/strategy/local_cache.rb
index 39b32fc7f6..4ca084163b 100644
--- a/activesupport/lib/active_support/cache/strategy/local_cache.rb
+++ b/activesupport/lib/active_support/cache/strategy/local_cache.rb
@@ -75,7 +75,10 @@ module ActiveSupport
           end
 
           def fetch_entry(key, options = nil) # :nodoc:
-            @data.fetch(key) { @data[key] = yield }
+            entry = @data.fetch(key) { @data[key] = yield }
+            dup_entry = entry.dup
+            dup_entry&.dup_value!
+            dup_entry
           end
         end
 
diff --git a/activesupport/test/cache/behaviors/local_cache_behavior.rb b/activesupport/test/cache/behaviors/local_cache_behavior.rb
index baa38ba6ac..6f5d53c190 100644
--- a/activesupport/test/cache/behaviors/local_cache_behavior.rb
+++ b/activesupport/test/cache/behaviors/local_cache_behavior.rb
@@ -46,6 +46,15 @@ module LocalCacheBehavior
     end
   end
 
+  def test_local_cache_of_read_returns_a_copy_of_the_entry
+    @cache.with_local_cache do
+      @cache.write(:foo, type: "bar")
+      value = @cache.read(:foo)
+      assert_equal("bar", value.delete(:type))
+      assert_equal({ type: "bar" }, @cache.read(:foo))
+    end
+  end
+
   def test_local_cache_of_read
     @cache.write("foo", "bar")
     @cache.with_local_cache do
-- 
cgit v1.2.3