Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 8522a88

Browse filesBrowse files
fabpotfabpot
committed
bug #34383 [DI] Use reproducible entropy to generate env placeholders (nicolas-grekas)
This PR was merged into the 4.3 branch. Discussion ---------- [DI] Use reproducible entropy to generate env placeholders | Q | A | ------------- | --- | Branch? | 4.3 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Bound arguments typically reference env vars, which are turned into random placeholders right now. When this randomness is used in a hash to generate the internal name of a service locator, the hash is totally random. This breaks reproducible builds. This PR replaces true randomness with reproducible entropy. Commits ------- 600ae33 [DI] Use reproducible entropy to generate env placeholders
2 parents d863fc2 + 600ae33 commit 8522a88
Copy full SHA for 8522a88

File tree

1 file changed

+10
-2
lines changed
Filter options

1 file changed

+10
-2
lines changed

‎src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php

Copy file name to clipboardExpand all lines: src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php
+10-2Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ class EnvPlaceholderParameterBag extends ParameterBag
2424
private $unusedEnvPlaceholders = [];
2525
private $providedTypes = [];
2626

27+
private static $counter = 0;
28+
2729
/**
2830
* {@inheritdoc}
2931
*/
@@ -57,7 +59,7 @@ public function get($name)
5759
}
5860
}
5961

60-
$uniqueName = md5($name.uniqid(mt_rand(), true));
62+
$uniqueName = md5($name.'_'.self::$counter++);
6163
$placeholder = sprintf('%s_%s_%s', $this->getEnvPlaceholderUniquePrefix(), str_replace(':', '_', $env), $uniqueName);
6264
$this->envPlaceholders[$env][$placeholder] = $placeholder;
6365

@@ -72,7 +74,13 @@ public function get($name)
7274
*/
7375
public function getEnvPlaceholderUniquePrefix(): string
7476
{
75-
return $this->envPlaceholderUniquePrefix ?? $this->envPlaceholderUniquePrefix = 'env_'.bin2hex(random_bytes(8));
77+
if (null === $this->envPlaceholderUniquePrefix) {
78+
$reproducibleEntropy = unserialize(serialize($this->parameters));
79+
array_walk_recursive($reproducibleEntropy, function (&$v) { $v = null; });
80+
$this->envPlaceholderUniquePrefix = 'env_'.substr(md5(serialize($reproducibleEntropy)), -16);
81+
}
82+
83+
return $this->envPlaceholderUniquePrefix;
7684
}
7785

7886
/**

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.