Comparing changes

base fork: rails/rails
...
head fork: rails/rails
  • 10 commits
  • 22 files changed
  • 1 commit comment
  • 3 contributors
Commits on May 31, 2012
@tenderlove tenderlove Merge branch '3-0-stable-sec' into 3-0-stable
* 3-0-stable-sec:
  Strip [nil] from parameters hash. Thanks to Ben Murphy for reporting this!
  predicate builder should not recurse for determining where columns. Thanks to Ben Murphy for reporting this
33f8e4b
@tenderlove tenderlove Merge branch '3-0-rel' into 3-0-stable
* 3-0-rel:
  bumping to 3.0.13
  updating CHANGELOGs
  bumping to 3.0.13.rc1
b2feff2
Commits on Jun 08, 2012
@ernie ernie Additional fix for CVE-2012-2661
While the patched PredicateBuilder in 3.0.13 prevents a user
from specifying a table name using the `table.column` format,
it doesn't protect against the nesting of hashes changing the
table context in the next call to build_from_hash. This fix
covers this case as well.
176af7e
Commits on Jun 11, 2012
@tenderlove tenderlove Array parameters should not contain nil values. 2f3bc04
@kennyj kennyj Fix GH #3163. Should quote database on mysql/mysql2.
Conflicts:

	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb

Conflicts:

	activerecord/lib/active_record/connection_adapters/abstract_mysql_adapter.rb
	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb

Conflicts:

	activerecord/lib/active_record/connection_adapters/mysql2_adapter.rb
	activerecord/lib/active_record/connection_adapters/mysql_adapter.rb
	activerecord/test/cases/adapters/mysql/mysql_adapter_test.rb
	activerecord/test/cases/adapters/mysql2/schema_test.rb
6c0c40b
@tenderlove tenderlove Merge branch '3-0-stable-sec' into 3-0-stable-rel
* 3-0-stable-sec:
  Array parameters should not contain nil values.
  Additional fix for CVE-2012-2661
b9e048c
@tenderlove tenderlove bumping versions in the CHANGELOG 2c95963
@tenderlove tenderlove updating changelogs with security fixes 8cecac7
@tenderlove tenderlove bumping to 3.0.14 3fb762a
Commits on Jun 12, 2012
@tenderlove tenderlove updating changelogs 4be9dbf
2  RAILS_VERSION
@@ -1 +1 @@
-3.0.13
+3.0.14
4 actionmailer/CHANGELOG
@@ -1,3 +1,7 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* No changes.
+
* Rails 3.0.13 (May 31, 2012)
* No changes.
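Review bot: the new entry uses a Markdown-style heading (`## Rails 3.0.14 (Jun 12, 2012)`) while the existing entry directly below it uses the bullet form (`* Rails 3.0.13 (May 31, 2012)`); the same mismatch appears in every CHANGELOG hunk of this comparison. Pick one convention per file so the release entries render consistently, e.g. `* Rails 3.0.14 (Jun 12, 2012)` to match what is already there.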
2  actionmailer/lib/action_mailer/version.rb
@@ -2,7 +2,7 @@ module ActionMailer
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
6 actionpack/CHANGELOG
@@ -1,3 +1,9 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* nil is removed from array parameter values
+
+ CVE-2012-2694
+
* Rails 3.0.13 (May 31, 2012)
* Strip null bytes from Location header
6 actionpack/lib/action_dispatch/http/request.rb
@@ -262,17 +262,19 @@ def local?
# Remove nils from the params hash
def deep_munge(hash)
+ keys = hash.keys.find_all { |k| hash[k] == [nil] }
+ keys.each { |k| hash[k] = nil }
+
hash.each_value do |v|
case v
when Array
v.grep(Hash) { |x| deep_munge(x) }
+ v.compact!
when Hash
deep_munge(v)
end
end
- keys = hash.keys.find_all { |k| hash[k] == [nil] }
- keys.each { |k| hash[k] = nil }
hash
end
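Review bot: the `[nil]` check is moved ahead of the loop because the new `v.compact!` would turn `[nil]` into `[]` before the check could match; that ordering dependency is not obvious and should be stated in the comment (`# Remove nils from the params hash`) so a later refactor does not move it back. The two paths also behave differently: a value of exactly `[nil]` becomes `nil`, while `[nil, nil]` (as produced by `action[]&action[]`) fails the `== [nil]` test and is compacted to `[]`. If the intent is "a parameter that carries only nils is absent", consider `hash[k] = nil if v.empty?` after `v.compact!` instead of the pre-loop scan, and add a test for the multi-nil case.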
2  actionpack/lib/action_pack/version.rb
@@ -2,7 +2,7 @@ module ActionPack
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 actionpack/test/dispatch/request/query_string_parsing_test.rb
@@ -89,6 +89,10 @@ def teardown
assert_parses({"action"=>{"foo"=>[{"bar"=>nil}]}}, "action[foo][][bar]")
end
+ def test_array_parses_without_nil
+ assert_parses({"action" => ['1']}, "action[]=1&action[]")
+ end
+
test "query string with empty key" do
assert_parses(
{ "action" => "create_customer", "full_name" => "David Heinemeier Hansson" },
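Review bot: the new test is written as `def test_array_parses_without_nil` while the surrounding tests use the `test "..." do` block style; match the file's convention. Coverage-wise, `action[]=1&action[]` exercises only the `compact!` path; add a case where the array contains only nils (`action[]&action[]`) and one where a `[nil]` sits inside a hash nested in an array, since `deep_munge` recurses through `v.grep(Hash)` and that branch is otherwise untested here.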
4 activemodel/CHANGELOG
@@ -1,3 +1,7 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* No changes.
+
* Rails 3.0.13 (May 31, 2012)
* No changes.
2  activemodel/lib/active_model/version.rb
@@ -2,7 +2,7 @@ module ActiveModel
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
8 activerecord/CHANGELOG
@@ -1,3 +1,11 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* protect against the nesting of hashes changing the
+ table context in the next call to build_from_hash. This fix
+ covers this case as well.
+
+ CVE-2012-2695
+
* Rails 3.0.13 (May 31, 2012)
* Bugfix circular reference while saving has_one relationship
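Review bot: the entry text is lifted from the middle of the commit body and does not stand on its own: it begins with a lowercase "protect against ..." and ends with "This fix covers this case as well", which has no referent in the CHANGELOG. Reword it as a self-contained statement, e.g. "Nested hashes in `where` conditions can no longer change the table context used by subsequent `build_from_hash` calls", and keep the `CVE-2012-2695` reference beneath it.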
8 activerecord/lib/active_record/connection_adapters/mysql_adapter.rb
@@ -403,9 +403,11 @@ def collation
end
def tables(name = nil, database = nil) #:nodoc:
- tables = []
- result = execute(["SHOW TABLES", database].compact.join(' IN '), name)
- result.each { |field| tables << field[0] }
+ sql = "SHOW TABLES "
+ sql << "IN #{quote_table_name(database)} " if database
+
+ result = execute(sql, 'SCHEMA')
+ tables = result.collect { |field| field[0] }
result.free
tables
end
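Review bot: the `name` parameter is now dead: the old code passed it to `execute(..., name)`, the new code passes the literal `'SCHEMA'`, yet the signature still accepts `name = nil`. Either drop it or document that it is ignored for compatibility. Wrapping the database in `quote_table_name` is what makes names such as `foo-bar` work (see the new `test_tables_quoting`), and it also closes the interpolation of an unquoted caller-supplied string into `SHOW TABLES IN ...`; a one-line comment above `sql << "IN ..."` saying so would make the intent clear.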
6 activerecord/lib/active_record/relation/predicate_builder.rb
@@ -5,17 +5,17 @@ def initialize(engine)
@engine = engine
end
- def build_from_hash(attributes, default_table, check_column = true)
+ def build_from_hash(attributes, default_table, allow_table_name = true)
predicates = attributes.map do |column, value|
table = default_table
- if value.is_a?(Hash)
+ if allow_table_name && value.is_a?(Hash)
table = Arel::Table.new(column, :engine => @engine)
build_from_hash(value, table, false)
else
column = column.to_s
- if check_column && column.include?('.')
+ if allow_table_name && column.include?('.')
table_name, column = column.split('.', 2)
table = Arel::Table.new(table_name, :engine => @engine)
end
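Review bot: with `allow_table_name` false, a Hash value no longer takes the first branch and falls through to the `else` branch, where it is treated as an ordinary column value; the accompanying `test_where_error_with_hash` expects `ActiveRecord::StatementInvalid`, so rejection is left to the database rather than made explicit here. Consider raising an `ArgumentError` when `value.is_a?(Hash) && !allow_table_name`, which fails fast and gives a clearer message than whatever the adapter produces for a hash literal. Renaming `check_column` to `allow_table_name` is a good change, since both the `table.column` and nested-hash paths are now gated by the same flag.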
2  activerecord/lib/active_record/version.rb
@@ -2,7 +2,7 @@ module ActiveRecord
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
10 activerecord/test/cases/adapters/mysql/schema_test.rb
@@ -19,6 +19,16 @@ def self.name; 'Post'; end
end
end
+ def test_tables_quoting
+ begin
+ @connection.tables(nil, "foo-bar")
+ flunk
+ rescue => e
+ # assertion for *quoted* database properly
+ assert_match(/database 'foo-bar'/, e.inspect)
+ end
+ end
+
def test_schema
assert @omgpost.find(:first)
end
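Review bot: the `begin ... flunk ... rescue => e` shape is fragile: if `flunk` raises an exception class caught by the bare `rescue`, the test proceeds to `assert_match` against the flunk message and fails with a misleading reason. Prefer `e = assert_raises(...)` followed by `assert_match(/database 'foo-bar'/, e.message)`. The regex also couples the test to MySQL's server-side error text; that is acceptable for a quoting check, but the comment `# assertion for *quoted* database properly` should say so plainly, e.g. "the error names the database with the hyphen intact, so it was quoted rather than split".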
6 activerecord/test/cases/relation/where_test.rb
@@ -11,6 +11,12 @@ def test_where_error
end
end
+ def test_where_error_with_hash
+ assert_raises(ActiveRecord::StatementInvalid) do
+ Post.where(:id => { :posts => {:author_id => 10} }).first
+ end
+ end
+
def test_where_with_table_name
post = Post.first
assert_equal post, Post.where(:posts => { 'id' => post.id }).first
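Review bot: the new regression test only asserts that some `StatementInvalid` is raised, which would also pass if the query failed for an unrelated reason. To pin down the fix, also assert that the generated SQL does not reference a `posts.author_id` predicate derived from the nested `:posts` key, or check the exception message; that way the test fails if a future change silently re-enables table switching through nested hashes.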
4 activeresource/CHANGELOG
@@ -1,3 +1,7 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* No changes.
+
* Rails 3.0.13 (May 31, 2012)
* No changes.
2  activeresource/lib/active_resource/version.rb
@@ -2,7 +2,7 @@ module ActiveResource
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 activesupport/CHANGELOG
@@ -1,3 +1,7 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* No changes.
+
* Rails 3.0.13 (May 31, 2012)
* Stop SafeBuffer#clone_empty from issuing warnings
2  activesupport/lib/active_support/version.rb
@@ -2,7 +2,7 @@ module ActiveSupport
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
4 railties/CHANGELOG
@@ -1,3 +1,7 @@
+## Rails 3.0.14 (Jun 12, 2012)
+
+* No changes.
+
* Rails 3.0.13 (May 31, 2012)
* No changes.
2  railties/lib/rails/version.rb
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')
2  version.rb
@@ -2,7 +2,7 @@ module Rails
module VERSION #:nodoc:
MAJOR = 3
MINOR = 0
- TINY = 13
+ TINY = 14
PRE = nil
STRING = [MAJOR, MINOR, TINY, PRE].compact.join('.')

Showing you all comments on commits in this comparison.

@arunagw
Collaborator

This commit broke the build here http://travis-ci.org/#!/rails/rails/builds/1596517
