36 lines
1.3 KiB
Diff
36 lines
1.3 KiB
Diff
From 63e8026805ae9e78ef44efd72e07aeca5c2244fe Mon Sep 17 00:00:00 2001
|
|
From: wang_yue111 <648774160@qq.com>
|
|
Date: Mon, 15 Mar 2021 11:14:45 +0800
|
|
Subject: [PATCH] Fix possible DoS vector in PostgreSQL money type
|
|
|
|
Carefully crafted input can cause a DoS via the regular expressions used
|
|
for validating the money format in the PostgreSQL adapter. This patch
|
|
fixes the regexp.
|
|
|
|
Thanks to @dee-see from Hackerone for this patch!
|
|
|
|
[CVE-2021-22880]
|
|
---
|
|
lib/active_record/connection_adapters/postgresql/oid/money.rb | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/lib/active_record/connection_adapters/postgresql/oid/money.rb b/lib/active_record/connection_adapters/postgresql/oid/money.rb
|
|
index 6434377..3703e9a 100644
|
|
--- a/lib/active_record/connection_adapters/postgresql/oid/money.rb
|
|
+++ b/lib/active_record/connection_adapters/postgresql/oid/money.rb
|
|
@@ -26,9 +26,9 @@ module ActiveRecord
|
|
|
|
value = value.sub(/^\((.+)\)$/, '-\1') # (4)
|
|
case value
|
|
- when /^-?\D+[\d,]+\.\d{2}$/ # (1)
|
|
+ when /^-?\D*+[\d,]+\.\d{2}$/ # (1)
|
|
value.gsub!(/[^-\d.]/, "")
|
|
- when /^-?\D+[\d.]+,\d{2}$/ # (2)
|
|
+ when /^-?\D*+[\d.]+,\d{2}$/ # (2)
|
|
value.gsub!(/[^-\d,]/, "").sub!(/,/, ".")
|
|
end
|
|
|
|
--
|
|
2.23.0
|
|
|