722c45f641
Exclude missing marshal_dump and _dump methods from being delegated to an object's delegation target via the delegate_missing_to extension. This avoids unintentionally adding instance variables to an object during marshallization, should the delegation target be a method which would otherwise add them. In current versions of Ruby, a bug exists in the way objects are marshalled, allowing for instance variables to be added or removed during marshallization (see https://bugs.ruby-lang.org/issues/15968). This results in a corrupted serialized byte stream, causing an object's instance variables to "leak" into subsequent serialized objects during demarshallization. In Rails, this behavior may be triggered when marshalling an object that uses the delegate_missing_to extension, if the delegation target is a method which adds or removes instance variables to an object being marshalled - when calling Marshal.dump(object), Ruby's built in behavior will check whether the object responds to :marshal_dump or :_dump, which in turn triggers the delegation target method in the responds_to_missing? function defined in activesupport/lib/active_support/core_ext/module/delegation.rb While future versions of Ruby will resolve this bug by raising a RuntimeError, the underlying cause of this error may not be readily apparent when encountered by Rails developers. By excluding marshal_dump and _dump from being delegated to an object's target, this commit eliminates a potential cause of unexpected behavior and/or RuntimeErrors. Fixes #36522 |
||
|---|---|---|
| .. | ||
| bin | ||
| lib | ||
| test | ||
| .gitignore | ||
| activesupport.gemspec | ||
| CHANGELOG.md | ||
| MIT-LICENSE | ||
| Rakefile | ||
| README.rdoc | ||
= Active Support -- Utility classes and Ruby extensions from Rails
Active Support is a collection of utility classes and standard library
extensions that were found useful for the Rails framework. These additions
reside in this package so they can be loaded as needed in Ruby projects
outside of Rails.
You can read more about the extensions in the {Active Support Core Extensions}[https://edgeguides.rubyonrails.org/active_support_core_extensions.html] guide.
== Download and installation
The latest version of Active Support can be installed with RubyGems:
$ gem install activesupport
Source code can be downloaded as part of the Rails project on GitHub:
* https://github.com/rails/rails/tree/master/activesupport
== License
Active Support is released under the MIT license:
* https://opensource.org/licenses/MIT
== Support
API documentation is at:
* https://api.rubyonrails.org
Bug reports for the Ruby on Rails project can be filed here:
* https://github.com/rails/rails/issues
Feature requests should be discussed on the rails-core mailing list here:
* https://groups.google.com/forum/?fromgroups#!forum/rubyonrails-core