From 600ae332620015e750aed76fc825a4b48f03be52 Mon Sep 17 00:00:00 2001 From: Nicolas Grekas Date: Thu, 14 Nov 2019 19:27:47 +0100 Subject: [PATCH] [DI] Use reproducible entropy to generate env placeholders --- .../ParameterBag/EnvPlaceholderParameterBag.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php b/src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php index fe27324e54..872408690b 100644 --- a/src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php +++ b/src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php @@ -24,6 +24,8 @@ class EnvPlaceholderParameterBag extends ParameterBag private $unusedEnvPlaceholders = []; private $providedTypes = []; + private static $counter = 0; + /** * {@inheritdoc} */ @@ -57,7 +59,7 @@ class EnvPlaceholderParameterBag extends ParameterBag } } - $uniqueName = md5($name.uniqid(mt_rand(), true)); + $uniqueName = md5($name.'_'.self::$counter++); $placeholder = sprintf('%s_%s_%s', $this->getEnvPlaceholderUniquePrefix(), str_replace(':', '_', $env), $uniqueName); $this->envPlaceholders[$env][$placeholder] = $placeholder; @@ -72,7 +74,13 @@ class EnvPlaceholderParameterBag extends ParameterBag */ public function getEnvPlaceholderUniquePrefix(): string { - return $this->envPlaceholderUniquePrefix ?? $this->envPlaceholderUniquePrefix = 'env_'.bin2hex(random_bytes(8)); + if (null === $this->envPlaceholderUniquePrefix) { + $reproducibleEntropy = unserialize(serialize($this->parameters)); + array_walk_recursive($reproducibleEntropy, function (&$v) { $v = null; }); + $this->envPlaceholderUniquePrefix = 'env_'.substr(md5(serialize($reproducibleEntropy)), -16); + } + + return $this->envPlaceholderUniquePrefix; } /**