Opened 11 months ago
#59239 new defect (bug)
wp_generate_uuid4 collisions
| Reported by: |
joppuyo
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | normal |
| Severity: | normal | Version: | |
| Component: | General | Keywords: | |
| Focuses: | Cc: |
Description
It seems like wp_generate_uuid4() is prone to creating UUID collisions, since it internally uses mt_rand, which uses a 32-bit seed. When this seed repeats, it will generate the same UUID twice. Maybe it should be updated to use wp_rand instead which uses random_int so it's backed by a real CSPRNG?
Note: See
TracTickets for help on using
tickets.