8000 bug #34383 [DI] Use reproducible entropy to generate env placeholders… · symfony/symfony@8522a88 · GitHub
[go: up one dir, main page]
Skip to content

Commit 8522a88

Browse files
fabpotfabpot
committed
bug #34383 [DI] Use reproducible entropy to generate env placeholders (nicolas-grekas)
This PR was merged into the 4.3 branch. Discussion ---------- [DI] Use reproducible entropy to generate env placeholders | Q | A | ------------- | --- | Branch? | 4.3 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | - | License | MIT | Doc PR | - Bound arguments typically reference env vars, which are turned into random placeholders right now. When this randomness is used in a hash to generate the internal name of a service locator, the hash is totally random. This breaks reproducible builds. This PR replaces true randomness with reproducible entropy. Commits ------- 600ae33 [DI] Use reproducible entropy to generate env placeholders
2 parents d863fc2 + 600ae33 commit 8522a88

File tree

1 file changed

+10
-2
lines changed

1 file changed

+10
-2
lines changed

src/Symfony/Component/DependencyInjection/ParameterBag/EnvPlaceholderParameterBag.php

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,8 @@ class EnvPlaceholderParameterBag extends ParameterBag
2424
private $unusedEnvPlaceholders = [];
2525
private $providedTypes = [];
2626

27+
private static $counter = 0;
28+
2729
/**
2830
* {@inheritdoc}
2931
*/
@@ -57,7 +59,7 @@ public function get($name)
5759
}
5860
}
5961

60-
$uniqueName = md5($name.uniqid(mt_rand(), true));
62+
$uniqueName = md5($name.'_'.self::$counter++);
6163
$placeholder = sprintf('%s_%s_%s', $this->getEnvPlaceholderUniquePrefix(), str_replace(':', '_', $env), $uniqueName);
6264
$this->envPlaceholders[$env][$placeholder] = $placeholder;
6365

@@ -72,7 +74,13 @@ public function get($name)
7274
*/
7375
public function getEnvPlaceholderUniquePrefix(): string
7476
{
75-
return $this->envPlaceholderUniquePrefix ?? $this->envPlaceholderUniquePrefix = 'env_'.bin2hex(random_bytes(8));
77+
if (null === $this->envPlaceholderUniquePrefix) {
78+
$reproducibleEntropy = unserialize(serialize($this->parameters));
79+
array_walk_recursive($reproducibleEntropy, function (&$v) { $v = null; });
80+
$this->envPlaceholderUniquePrefix = 'env_'.substr(md5(serialize($reproducibleEntropy)), -16);
81+
}
82+
83+
return $this->envPlaceholderUniquePrefix;
7684
}
7785

7886
/**

0 commit comments

Comments
 (0)
0