Reject signed hexadecimal numbers while validating numericality

activemodel/lib/active_model/validations/numericality.rb

@@ -13,6 +13,8 @@ module ActiveModel
 
       INTEGER_REGEX = /\A[+-]?\d+\z/
 
+      HEXADECIMAL_REGEX = /\A[+-]?0[xX]/
+
       def check_validity!
         keys = CHECKS.keys - [:odd, :even]
         options.slice(*keys).each do |option, value|
@@ -106,7 +108,7 @@ module ActiveModel
       end
 
       def is_hexadecimal_literal?(raw_value)
-        /\A0[xX]/.match?(raw_value.to_s)
+        HEXADECIMAL_REGEX.match?(raw_value.to_s)
       end
 
       def filtered_options(value)

activemodel/test/cases/validations/numericality_validation_test.rb

@@ -21,7 +21,7 @@ class NumericalityValidationTest < ActiveModel::TestCase
   FLOATS = [0.0, 10.0, 10.5, -10.5, -0.0001] + FLOAT_STRINGS
   INTEGERS = [0, 10, -10] + INTEGER_STRINGS
   BIGDECIMAL = BIGDECIMAL_STRINGS.collect! { |bd| BigDecimal(bd) }
-  JUNK = ["not a number", "42 not a number", "0xdeadbeef", "0xinvalidhex", "0Xdeadbeef", "00-1", "--3", "+-3", "+3-1", "-+019.0", "12.12.13.12", "123\nnot a number"]
+  JUNK = ["not a number", "42 not a number", "0xdeadbeef", "-0xdeadbeef", "+0xdeadbeef", "0xinvalidhex", "0Xdeadbeef", "00-1", "--3", "+-3", "+3-1", "-+019.0", "12.12.13.12", "123\nnot a number"]
   INFINITY = [1.0 / 0.0]
 
   def test_default_validates_numericality_of