https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17494 --- Comment #2 from Kyle M Hall <kyle@bywatersolutions.com> --- (In reply to Jonathan Druart from comment #1)
Have you seen that with your own eyes? :) It seems very unlikely to get twice the same memory address to calculate the md5.
Yes, and I agree it does seem unlikely, but I've actually seen it multiple times! I think maybe memory re-use is possibly higher under plack? Perhaps instead of using the patron hash to generate an md5 we should just use a random alphanumeric string generator, check the db to make sure that number doesn't already exist, and enforce uniqueness on the token column to ensure this situation cannot possibly happen. -- You are receiving this mail because: You are watching all bug changes.