33 lines
1.2 KiB
Diff
From 07d9600172a18b45791c89e95a642e13fc367545 Mon Sep 17 00:00:00 2001
From: Jean Boussier <jean.boussier@gmail.com>
Date: Fri, 11 Feb 2022 13:09:30 +0100
Subject: [PATCH] ActionDispatch::Executor don't fully trust `body#close`

Under certain circumstances, the middleware isn't informed that the
response body has been fully closed which results in request state not
being fully reset before the next request.

[CVE-2022-23633]
---
.../action_dispatch/middleware/executor.rb | 2 +-
actionpack/test/dispatch/executor_test.rb | 21 ++++++++++++++
2 files changed, 15 insertions(+), 1 deletions(-)
diff --git a/actionpack/lib/action_dispatch/middleware/executor.rb b/actionpack/lib/action_dispatch/middleware/executor.rb
index 129b18d3d9..a32f916260 100644
--- a/actionpack/lib/action_dispatch/middleware/executor.rb
+++ b/actionpack/lib/action_dispatch/middleware/executor.rb
@@ -9,7 +9,7 @@ def initialize(app, executor)
end
def call(env)
- state = @executor.run!
+ state = @executor.run!(reset: true)
begin
response = @app.call(env)
returned = response << ::Rack::BodyProxy.new(response.pop) { state.complete! }
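Review bot: The `reset: true` argument on the `state = @executor.run!(reset: true)` line relies on `run!` accepting a `reset:` keyword, yet the diffstat lists only `executor.rb` and `executor_test.rb`, so nothing in this patch defines it. Confirm that the executor on the target branch already takes that keyword; if `run!` there takes no arguments, this call raises ArgumentError on every request. A one-line comment above the call, saying that the reset clears state left behind when a previous response body was never closed, would keep the reason from the commit message visible at the call site. The diffstat also lists 21 added lines in `executor_test.rb` that do not appear in the visible patch, and its per-file counts do not add up to the "15 insertions" summary, so check that the test hunk was not dropped when the patch was trimmed.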
--
2.25.1