diff options
| author | Brian Neel <brian@gitlab.com> | 2017-08-03 22:20:34 -0400 |
|---|---|---|
| committer | Brian Neel <brian@gitlab.com> | 2017-08-08 10:50:54 -0400 |
| commit | 9770c57fab0315865a33c8b6df269eded0d57b5c (patch) | |
| tree | 5a7c7a9fccbce5ef3ccf6b02b1297aace41101fd /config | |
| parent | b612a47da0e0225332a59ab961206f84602ad629 (diff) | |
| download | gitlab-ce-9770c57fab0315865a33c8b6df269eded0d57b5c.tar.gz | |
Re-enable SqlInjection and CommandInjection
Diffstat (limited to 'config')
| -rw-r--r-- | config/application.rb | 2 | ||||
| -rw-r--r-- | config/initializers/active_record_locking.rb | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/config/application.rb b/config/application.rb index 47887bf8596..f69dab4de39 100644 --- a/config/application.rb +++ b/config/application.rb @@ -176,7 +176,7 @@ module Gitlab next unless name.include?('namespace_project') define_method(name.sub('namespace_project', 'project')) do |project, *args| - send(name, project&.namespace, project, *args) + send(name, project&.namespace, project, *args) # rubocop:disable GitlabSecurity/PublicSend end end end diff --git a/config/initializers/active_record_locking.rb b/config/initializers/active_record_locking.rb index 9266ff0f615..150aaa2a8c2 100644 --- a/config/initializers/active_record_locking.rb +++ b/config/initializers/active_record_locking.rb @@ -18,7 +18,7 @@ module ActiveRecord lock_col = self.class.locking_column - previous_lock_value = send(lock_col).to_i + previous_lock_value = send(lock_col).to_i # rubocop:disable GitlabSecurity/PublicSend # This line is added as a patch previous_lock_value = nil if previous_lock_value == '0' || previous_lock_value == 0 @@ -48,7 +48,7 @@ module ActiveRecord # If something went wrong, revert the version. rescue Exception - send(lock_col + '=', previous_lock_value) + send(lock_col + '=', previous_lock_value) # rubocop:disable GitlabSecurity/PublicSend raise end end |