Topic: Various FA Vulnerabilities that need to be addressed
Line 973 in reporting/includes/pdf_report.inc:
$fname = $dir.'/'.uniqid('').'.pdf';
can be changed to
$fname = $dir.'/'.md5(uniqid(mt_rand(), true)).'.pdf';
This improves the entropy from 10 to 29 bits but is still not good enough and is used in line 69 of includes/ui/ui_controls.inc.
Other places like this are in some repXXX.php files:
$filename = company_path(). "/pdf_files/". uniqid("").".png";
that need similar changes. Several other files in FA use uniqid too and will need changes like this.
With or without the more_entropy option, uniqid(), as represented in the PHP sample code and documentation, results in poor entropy and should not be used.
@joe: can we include this in both repos?
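For reference, here is one way to do the replacement the post asks for, using PHP's CSPRNG instead of uniqid(). This is an added example, not code from FrontAccounting or from the poster; the function name create_random_tempfile(), its signature and the sys_get_temp_dir() stand-in for FA's pdf_files directory are this example's own assumptions. It also creates the file atomically rather than only computing a name, so a pre-existing file under the chosen name is detected instead of overwritten.

```php
<?php
// Added example, not FrontAccounting's code. Replaces the uniqid()-based
// temporary file names quoted in the post with names drawn from random_bytes().
// create_random_tempfile() is a hypothetical helper name, not an FA function.

/**
 * Create a new, empty file with an unpredictable name in $dir and return its path.
 *
 * 16 bytes from random_bytes() give 128 bits of entropy; uniqid() derives its
 * value from the current time in microseconds, which is why the post calls
 * its output guessable even with more_entropy set.
 *
 * fopen() in 'x' mode (O_CREAT|O_EXCL) fails if the path already exists, so
 * a collision or a pre-planted file is detected and a fresh name is drawn
 * instead of silently reusing it.
 */
function create_random_tempfile(string $dir, string $ext): string
{
    if (!is_dir($dir)) {
        throw new RuntimeException("not a directory: $dir");
    }
    $ext = ltrim($ext, '.');
    for ($attempt = 0; $attempt < 10; $attempt++) {
        // bin2hex() yields 32 hex characters: filesystem-safe, nothing user-controlled.
        $name = bin2hex(random_bytes(16)) . ($ext !== '' ? '.' . $ext : '');
        $path = rtrim($dir, '/') . '/' . $name;
        $fh = @fopen($path, 'x');
        if ($fh !== false) {
            fclose($fh);
            chmod($path, 0600);   // readable only by the web server user
            return $path;
        }
    }
    throw new RuntimeException("could not create a unique file in $dir");
}

// Weak pattern quoted from the post (shown for contrast only, not executed):
//   $fname = $dir.'/'.uniqid('').'.pdf';
//   $filename = company_path(). "/pdf_files/". uniqid("").".png";
//
// Hardened replacement. sys_get_temp_dir() stands in for FA's pdf_files
// directory so the example runs stand-alone; in FA the call would be
// something like create_random_tempfile(company_path() . '/pdf_files', 'pdf').
$dir   = sys_get_temp_dir();
$fname = create_random_tempfile($dir, 'pdf');
$png   = create_random_tempfile($dir, 'png');
printf("%s\n%s\n", basename($fname), basename($png));   // 32 hex chars plus extension
unlink($fname);
unlink($png);
```

Note that if the name is written into a response (as the post says happens for $fname in includes/ui/ui_controls.inc) the value is still only a file name: it should be passed through basename() again at the point of use so a manipulated value cannot select a different path.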