stop calling to_sym when building arel nodes [CVE-2013-1854]

activerecord/lib/active_record/base.rb

@@ -2307,7 +2307,7 @@ def aggregate_mapping(reflection)
         def expand_hash_conditions_for_aggregates(attrs)
           expanded_attrs = {}
           attrs.each do |attr, value|
-            unless (aggregation = reflect_on_aggregation(attr.to_sym)).nil?
+            unless (aggregation = reflect_on_aggregation(attr)).nil?
               mapping = aggregate_mapping(aggregation)
               mapping.each do |field_attr, aggregate_attr|
                 if mapping.size == 1 && !value.respond_to?(aggregate_attr)

activerecord/lib/active_record/reflection.rb

@@ -18,7 +18,7 @@ def create_reflection(macro, name, options, active_record)
           when :composed_of
             reflection = AggregateReflection.new(macro, name, options, active_record)
         end
-        write_inheritable_hash :reflections, name => reflection
+        write_inheritable_hiwa :reflections, name => reflection
         reflection
       end
 

activesupport/lib/active_support/core_ext/class/inheritable_attributes.rb

@@ -109,6 +109,11 @@ def write_inheritable_hash(key, hash)
     write_inheritable_attribute(key, read_inheritable_attribute(key).merge(hash))
   end
 
+  def write_inheritable_hiwa(key, hash)
+    write_inheritable_attribute(key, {}.with_indifferent_access) if read_inheritable_attribute(key).nil?
+    write_inheritable_attribute(key, read_inheritable_attribute(key).merge(hash))
+  end
+
   def read_inheritable_attribute(key)
     inheritable_attributes[key]
   end