activerecord/lib/active_record.rb · v7.0.5.1 · Rails relative code / rails-deleted-2

Nov 21, 2022

Added integer width check to PostgreSQL::Quoting · 2a5f4686

Zack Deveau authored Nov 21, 2022

Given a value outside the range for a 64bit signed integer type
PostgreSQL will treat the column type as numeric.
Comparing integer values against numeric values can result
in a slow sequential scan.

This behavior is configurable via
ActiveRecord.raise_int_wider_than_64bit which defaults to true.

[CVE-2022-44566]

2a5f4686

Added integer width check to PostgreSQL::Quoting

Zack Deveau authored Nov 21, 2022

Given a value outside the range for a 64bit signed integer type
PostgreSQL will treat the column type as numeric.
Comparing integer values against numeric values can result
in a slow sequential scan.

This behavior is configurable via
ActiveRecord.raise_int_wider_than_64bit which defaults to true.

[CVE-2022-44566]