Fixes defect in which encrypted_attributes state was shared across al…

…l instances of a given class due to shallow dup. This caused random OpenSSL::Cipher::CipherError errors, particularly in cases in which concurrent encrypts/decrypts were occurring.
wealthsimple · Jul 19, 2018 · d4ca0e2 · d4ca0e2
1 parent 55839af
commit d4ca0e2
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/lib/attr_encrypted.rb b/lib/attr_encrypted.rb
@@ -354,7 +354,11 @@ def encrypt(attribute, value)
     # and their corresponding options as values to the instance
     #
     def encrypted_attributes
-      @encrypted_attributes ||= self.class.encrypted_attributes.dup
+      @encrypted_attributes ||= begin
+        duplicated= {}
+        self.class.encrypted_attributes.map { |key, value| duplicated[key] = value.dup }
+        duplicated
+      end
     end
 
     protected

diff --git a/test/attr_encrypted_test.rb b/test/attr_encrypted_test.rb
@@ -466,4 +466,14 @@ def test_should_not_by_default_generate_iv_when_attribute_is_empty
     user.with_true_if = nil
     assert_nil user.encrypted_with_true_if_iv
   end
+
+  def test_encrypted_attributes_state_is_not_shared
+    user = User.new
+    user.ssn = '123456789'
+
+    another_user = User.new
+
+    assert_equal :encrypting, user.encrypted_attributes[:ssn][:operation]
+    assert_nil another_user.encrypted_attributes[:ssn][:operation]
+  end
 end