@rentzsch
Last active December 10, 2015 22:48
[PATCH] Backport Rails 2.3.15 security fix for CVE-2013-0156 to Rails 2.2.2 since we're using <https://github.com/michaeltyson/potionstore> for its PayPal Website Payments Standard support and it's behind the times. Based off <https://gist.github.com/4504587> and <http://www.insinuator.net/2013/01/rails-yaml/>
From 14eb6d9e9120f973fc78ae495bd73f7824afa6ff Mon Sep 17 00:00:00 2001
From: rentzsch <[email protected]>
Date: Thu, 10 Jan 2013 12:24:52 -0600
Subject: [PATCH] [FIX] Backport Rails 2.3.15 security fix for CVE-2013-0156
to Rails 2.2.2 since we're using
https://github.com/michaeltyson/potionstore for its PayPal
Website Payments Standard support and it's behind the
times.
---
.../lib/active_support/core_ext/hash/conversions.rb | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/store/vendor/rails/activesupport/lib/active_support/core_ext/hash/conversions.rb b/store/vendor/rails/activesupport/lib/active_support/core_ext/hash/conversions.rb
index 50dc7c6..fe49d3c 100644
--- a/store/vendor/rails/activesupport/lib/active_support/core_ext/hash/conversions.rb
+++ b/store/vendor/rails/activesupport/lib/active_support/core_ext/hash/conversions.rb
@@ -43,6 +43,13 @@ module ActiveSupport #:nodoc:
module Hash #:nodoc:
module Conversions
+ DISALLOWED_XML_TYPES = %w(symbol yaml)
+ class DisallowedType < StandardError #:nodoc:
+ def initialize(type)
+ super "Disallowed type attribute: #{type.inspect}"
+ end
+ end
+
XML_TYPE_NAMES = {
"Symbol" => "symbol",
"Fixnum" => "integer",
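Review bot: the new `DISALLOWED_XML_TYPES` constant and `DisallowedType` class carry no comment saying why exactly `symbol` and `yaml` are refused, which is the one thing a future maintainer of this vendored copy needs to know before "relaxing" the list; add a one-line comment above the constant stating that a `type="yaml"` attribute lets `Hash.from_xml` deserialize arbitrary Ruby objects from request bodies (CVE-2013-0156, per the commit subject) and that `type="symbol"` interns attacker-chosen strings. A minor style point: mark the array as immutable (`%w(symbol yaml).freeze`) so nothing can `<<` into it at runtime, and give `DisallowedType` the same `#:nodoc:` treatment the file already applies elsewhere, which the hunk does; keep that consistent.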
@@ -180,6 +187,10 @@ module ActiveSupport #:nodoc:
def typecast_xml_value(value)
case value.class.to_s
when 'Hash'
+ if value.include?('type') && !value['type'].is_a?(Hash) && DISALLOWED_XML_TYPES.include?(value['type'])
+ raise DisallowedType, value['type']
+ end
+
if value['type'] == 'array'
child_key, entries = value.detect { |k,v| k != 'type' } # child_key is throwaway
if entries.nil? || (c = value['__content__'] && c.blank?)
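Review bot: the guard added at the top of the `when 'Hash'` branch compares `value['type']` against the list as an exact String, and the `when` branches it protects (which follow `if value['type'] == 'array'` and are outside this hunk) are not visible here; confirm those branches dispatch on the same exact, case-sensitive value so that a type the guard does not match cannot still be routed to the YAML or symbol handling. Two further points for the description or commit message: `DisallowedType` is a `StandardError` that propagates out of `typecast_xml_value`, so whatever calls `Hash.from_xml` on request bodies (the params parser in this 2.2.2 tree) should rescue it and answer with a 4xx rather than a 500 with a stack trace; and the `!value['type'].is_a?(Hash)` clause, which skips the check when `type` is a nested element rather than an attribute, deserves a short comment so nobody reads it as an unintended bypass.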
--
1.7.11.2