From: Jean-Philippe Lang <jp_lang@yahoo.fr>
Date: Sun, 15 Mar 2015 14:38:46 +0000 (+0000)
Subject: Make sure that settings are unserialized as UTF-8 encoded strings (#19305).
X-Git-Tag: 3.1.0~192
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=ed2a3a2244980bc39fba05a0d0e4de2e0b628211;p=redmine.git

Make sure that settings are unserialized as UTF-8 encoded strings (#19305).

git-svn-id: http://svn.redmine.org/redmine/trunk@14112 e93f8b46-1217-0410-a6f0-8f06a7374b81
---

diff --git a/app/models/setting.rb b/app/models/setting.rb
index ca280ebcd..2574649f3 100644
--- a/app/models/setting.rb
+++ b/app/models/setting.rb
@@ -91,7 +91,10 @@ class Setting < ActiveRecord::Base
   def value
     v = read_attribute(:value)
     # Unserialize serialized settings
-    v = YAML::load(v) if available_settings[name]['serialized'] && v.is_a?(String)
+    if available_settings[name]['serialized'] && v.is_a?(String)
+      v = YAML::load(v)
+      v = force_utf8_strings(v)
+    end
     v = v.to_sym if available_settings[name]['format'] == 'symbol' && !v.blank?
     v
   end
@@ -238,6 +241,25 @@ END_SRC
   load_plugin_settings
 
 private
+
+  def force_utf8_strings(arg)
+    if arg.is_a?(String)
+      arg.dup.force_encoding('UTF-8')
+    elsif arg.is_a?(Array)
+      arg.map do |a|
+        force_utf8_strings(a)
+      end
+    elsif arg.is_a?(Hash)
+      arg = arg.dup
+      arg.each do |k,v|
+        arg[k] = force_utf8_strings(v)
+      end
+      arg
+    else
+      arg
+    end
+  end
+
   # Returns the Setting instance for the setting named name
   # (record found in database or new record with default value)
   def self.find_or_default(name)
diff --git a/test/unit/setting_test.rb b/test/unit/setting_test.rb
index 46383e867..6c3c27df9 100644
--- a/test/unit/setting_test.rb
+++ b/test/unit/setting_test.rb
@@ -1,3 +1,5 @@
+# encoding: utf-8
+#
 # Redmine - project management software
 # Copyright (C) 2006-2015  Jean-Philippe Lang
 #
@@ -101,4 +103,25 @@ class SettingTest < ActiveSupport::TestCase
       assert_equal [10, 25, 50], Setting.per_page_options_array
     end
   end
+
+  def test_setting_serialied_as_binary_should_be_loaded_as_utf8_encoded_strings
+    yaml = <<-YAML
+--- 
+- keywords: !binary |
+    Zml4ZXMsY2xvc2VzLNC40YHQv9GA0LDQstC70LXQvdC+LNCz0L7RgtC+0LLQ
+    vizRgdC00LXQu9Cw0L3QvixmaXhlZA==
+
+  done_ratio: "100"
+  status_id: "5"
+YAML
+
+    Setting.commit_update_keywords = {}
+    assert_equal 1, Setting.where(:name => 'commit_update_keywords').update_all(:value => yaml)
+    Setting.clear_cache
+
+    assert_equal 'UTF-8', Setting.commit_update_keywords.first['keywords'].encoding.name
+  ensure
+    Setting.where(:name => 'commit_update_keywords').delete_all
+    Setting.clear_cache
+  end
 end