Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

CVE-2012-5664 options hashes should only be extracted if there are ex…

…tra parameters
  • Loading branch information...
commit 325669f0795a9148fd31f7f496a40dc8e114ef52 1 parent 7d592ba
@tenderlove tenderlove authored
View
7 activerecord/lib/active_record/dynamic_matchers.rb
@@ -40,7 +40,12 @@ def self.#{method_id}(*args) # def self.scope
METHOD
send(method_id, *arguments)
elsif match.finder?
- options = arguments.extract_options!
+ options = if arguments.length > attribute_names.size
+ arguments.extract_options!
+ else
+ {}
+ end
+
relation = options.any? ? scoped(options) : scoped
relation.send :find_by_attributes, match, attribute_names, *arguments, &block
elsif match.instantiator?
View
12 activerecord/test/cases/finder_test.rb
@@ -15,6 +15,18 @@
class FinderTest < ActiveRecord::TestCase
fixtures :companies, :topics, :entrants, :developers, :developers_projects, :posts, :comments, :accounts, :authors, :customers, :categories, :categorizations
+ def test_find_by_id_with_hash
+ assert_raises(ActiveRecord::StatementInvalid) do
+ Post.find_by_id(:limit => 1)
+ end
+ end
+
+ def test_find_by_title_and_id_with_hash
+ assert_raises(ActiveRecord::StatementInvalid) do
+ Post.find_by_title_and_id('foo', :limit => 1)
+ end
+ end
+
def test_find
assert_equal(topics(:first).title, Topic.find(1).title)
end
Please sign in to comment.
Something went wrong with that request. Please try again.