From 78a465dd70ee8968ca4538820f45c049b3ea009f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rafael=20Mendon=C3=A7a=20Fran=C3=A7a?=
Date: Tue, 11 Feb 2014 23:12:15 -0200
Subject: [PATCH] Use the reference for the mime type to get the format

Before we were calling to_sym in the mime type, even when it is unknown what can cause denial of service since symbols are not removed by the garbage collector.

Fixes: CVE-2014-0082
---
 actionpack/lib/action_view/template/text.rb | 2 +-
 actionpack/test/template/text_test.rb | 17 +++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 actionpack/test/template/text_test.rb

diff --git a/actionpack/lib/action_view/template/text.rb b/actionpack/lib/action_view/template/text.rb
index 51be831..12c9ed9 100644
--- a/actionpack/lib/action_view/template/text.rb
+++ b/actionpack/lib/action_view/template/text.rb
@@ -23,7 +23,7 @@ module ActionView #:nodoc:
 end
 
 def formats
- [@mime_type.to_sym]
+ [@mime_type.respond_to?(:ref) ? @mime_type.ref : @mime_type.to_s]
 end
 
 def partial?
diff --git a/actionpack/test/template/text_test.rb b/actionpack/test/template/text_test.rb
new file mode 100644
index 0000000..d899d54
--- /dev/null
+++ b/actionpack/test/template/text_test.rb
@@ -0,0 +1,17 @@
+require 'abstract_unit'
+
+class TextTest < ActiveSupport::TestCase
+ test 'formats returns symbol for recognized MIME type' do
+ assert_equal [:text], ActionView::Template::Text.new('', :text).formats
+ end
+
+ test 'formats returns string for recognized MIME type when MIME does not have symbol' do
+ foo = Mime::Type.lookup("foo")
+ assert_nil foo.to_sym
+ assert_equal ['foo'], ActionView::Template::Text.new('', foo).formats
+ end
+
+ test 'formats returns string for unknown MIME type' do
+ assert_equal ['foo'], ActionView::Template::Text.new('', 'foo').formats
+ end
+end
--
1.8.4.3
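Review bot: The new `formats` body returns a Symbol only when `@mime_type` responds to `ref`, so the `[:text]` expectation in the new test can hold only if the constructor, which lies outside this hunk, has already turned the `:text` argument into a `Mime::Type`; that dependency is invisible here and deserves a comment on the line, e.g. `# @mime_type is a Mime::Type when registered, otherwise the raw name; never to_sym an unregistered name (CVE-2014-0082)`. Falling back to `to_s` is the right choice for unrecognised names, since interning request-controlled strings is exactly what made them unreclaimable. One behavioural shift worth noting: a `nil` `@mime_type` now yields `[""]` where `nil.to_sym` used to raise `NoMethodError`, so if callers relied on that failing loudly a guard such as `return [] unless @mime_type` keeps the contract explicit. The enclosing class continues outside the hunk.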
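Review bot: The three tests in text_test.rb pin the return values of `formats` but not the property the commit exists to fix, namely that an unregistered MIME name is no longer interned as a Symbol. A regression test for that would build the name at runtime so no literal in the test file interns it first, call `formats`, and then assert `Symbol.all_symbols.none? { |s| s.to_s == name }`; because `Symbol.all_symbols` is process-wide, the name should be unique to this test. The second test's `assert_nil foo.to_sym` encodes the assumption that `Mime::Type.lookup` of an unregistered name yields a type without a symbol, which is inferred from the assertion rather than visible here, so a one-line comment stating that assumption would help the next reader.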