[wp-trac] [WordPress Trac] #59239: wp_generate_uuid4 collisions

Tue Aug 29 12:19:00 UTC 2023

#59239: wp_generate_uuid4 collisions
--------------------------+-----------------------------
 Reporter:  joppuyo       |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  General       |    Version:
 Severity:  normal        |   Keywords:
  Focuses:                |
--------------------------+-----------------------------
 It seems like `wp_generate_uuid4()` is prone to creating UUID collisions,
 since it internally uses `mt_rand`, which uses a 32-bit seed. When this
 seed repeats, it will generate the same UUID twice. Maybe it should be
 updated to use `wp_rand` instead which uses `random_int` so it's backed by
 a real CSPRNG?

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/59239>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform