File CVE-2022-44566.patch of Package rubygem-activerecord-5_1
--- activerecord.orig/lib/active_record/connection_adapters/postgresql/quoting.rb 2023-01-26 19:45:42.324107900 +0100
+++ activerecord/lib/active_record/connection_adapters/postgresql/quoting.rb 2023-01-26 19:47:50.118624174 +0100
@@ -2,6 +2,12 @@ module ActiveRecord
module ConnectionAdapters
module PostgreSQL
module Quoting
+ class IntegerOutOf64BitRange < StandardError
+ def initialize(msg)
+ super(msg)
+ end
+ end
+
# Escapes binary strings for bytea input to the database.
def escape_bytea(value)
@connection.escape_bytea(value) if value
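Review bot: `IntegerOutOf64BitRange` derives from `StandardError` rather than `ActiveRecord::ActiveRecordError`, so handlers that rescue the Active Record base error will not catch it. An out-of-range integer taken from a request would then surface as an unhandled exception unless the application rescues this class by its full nested name. The explicit `initialize(msg)` only forwards to `super` and makes the message mandatory; `class IntegerOutOf64BitRange < StandardError; end` works the same for the one raise site later in this file. A comment above the class would also help, e.g. `# Raised by _quote when an Integer is outside the signed 64-bit range; see ActiveRecord::Base.raise_int_wider_than_64bit.`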
@@ -81,7 +87,27 @@ module ActiveRecord
super(query_value("SELECT #{quote(sql_type)}::regtype::oid", "SCHEMA").to_i)
end
+ def check_int_in_range(value)
+ if value.to_int > 9223372036854775807 || value.to_int < -9223372036854775808
+ exception = <<~ERROR
+ Provided value outside of the range of a signed 64bit integer.
+
+ PostgreSQL will treat the column type in question as a numeric.
+ This may result in a slow sequential scan due to a comparison
+ being performed between an integer or bigint value and a numeric value.
+
+ To allow for this potentially unwanted behavior, set
+ ActiveRecord::Base.raise_int_wider_than_64bit to false.
+ ERROR
+ raise IntegerOutOf64BitRange.new exception
+ end
+ end
+
def _quote(value)
+ if ActiveRecord::Base.raise_int_wider_than_64bit && value.is_a?(Integer)
+ check_int_in_range(value)
+ end
+
case value
when OID::Xml::Data
"xml '#{quote_string(value.to_s)}'"
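Review bot: The guard added at the top of `_quote` runs only for `value.is_a?(Integer)`, so the protection depends on every oversized value arriving as an Integer. Other numeric classes go to the `case` unchanged; whether they can reach the same integer-versus-numeric comparison is not visible in this hunk and should be confirmed or stated in a comment. In `check_int_in_range`, `value.to_int` is called twice on a value already known to be an Integer and the bounds are bare literals; a guard clause such as `return if (-(2**63)..(2**63 - 1)).cover?(value)` reads more directly. The local named `exception` holds only the message text, so `raise IntegerOutOf64BitRange, message` would be clearer than `.new exception`. `_quote` continues past the end of the hunk, and whether `check_int_in_range` is public or private in `Quoting` cannot be seen from here.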
--- activerecord.orig/lib/active_record/core.rb 2023-01-26 19:45:42.324107900 +0100
+++ activerecord/lib/active_record/core.rb 2023-01-26 19:49:57.193114286 +0100
@@ -132,6 +132,14 @@ module ActiveRecord
mattr_accessor :warn_on_records_fetched_greater_than, instance_writer: false
self.warn_on_records_fetched_greater_than = nil
+ ##
+ # :singleton-method:
+ # Application configurable boolean that denotes whether or not to raise
+ # an exception when the PostgreSQLAdapter is provided with an integer that is
+ # wider than signed 64bit representation
+ mattr_accessor :raise_int_wider_than_64bit, instance_writer: false
+ self.raise_int_wider_than_64bit = true
+
mattr_accessor :maintain_test_schema, instance_accessor: false
mattr_accessor :belongs_to_required_by_default, instance_accessor: false
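Review bot: The doc comment for `raise_int_wider_than_64bit` does not state the default, the exception that is raised, or what turning the setting off gives up. Because the default is `true`, applications picking up this patch start raising where they previously issued the query, and that behavior change deserves a line here. Suggested wording: `# Defaults to true. When true, quoting an Integer outside the signed 64-bit range raises IntegerOutOf64BitRange; when false, the value is sent as before and PostgreSQL may compare the column as numeric, which can force a slow sequential scan.`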