rpms / rh-ror42-rubygem-activerecord

Clone
Source Code
GIT

Blame SOURCES/rubygem-activerecord-4.2.7.1-CVE-2016-6317-unsafe-query.patch

c7
  1.   34ec44a9a1ca76169e6c07351a7bf4280158eedc
  2.   SOURCES
  3.   rubygem-activerecord-4.2.7.1-CVE-2016-6317-unsafe-query.patch
Blob History Raw
34ec44 
diff --git a/activerecord/lib/active_record/relation/predicate_builder/array_handler.rb b/activerecord/lib/active_record/relation/predicate_builder/array_handler.rb
34ec44 
index fb08326..d4e74eb 100644
34ec44 
--- a/activerecord/lib/active_record/relation/predicate_builder/array_handler.rb
34ec44 
+++ b/activerecord/lib/active_record/relation/predicate_builder/array_handler.rb
34ec44 
@@ -14,7 +14,8 @@ def call(attribute, value)
34ec44 
             it for 'IN' conditions.
34ec44 
           MSG
34ec44
34ec44 
-          values = values.flatten
34ec44 
+          flat_values = values.flatten
34ec44 
+          values = flat_values unless flat_values.include?(nil)
34ec44 
         end
34ec44
34ec44 
         return attribute.in([]) if values.empty? && nils.empty?

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation