Open
Symfony version(s) affected
7.1.0
Description
https://github.com/symfony/lock/blob/7.1/Store/DoctrineDbalPostgreSqlStore.php#L233
Here we take the CRC32 of the key's name to make a call to Postgres's `pg_advisory_lock`. But `pg_advisory_lock` takes an `int64` as a parameter, and we can make it part of `shaxxx()`'s result, for instance. CRC32 is not very collision-resistant, and in case the application has many locks active, it may degrade.
How to reproduce
https://github.com/symfony/lock/blob/7.1/Store/DoctrineDbalPostgreSqlStore.php#L233
Possible Solution
Move to a more collision-resistant hash generation function.
Additional Context
No response
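The concern in this issue, worked through as an added example (Python, not Symfony's code and not part of the original report): it compares a 32-bit CRC32 advisory-lock key with a signed 64-bit key cut from SHA-256, estimates the birthday-bound collision chance for a given number of active locks, and finds two lock names that share a CRC32 key. The function names, the `lock-…` sample names and the SHA-256 truncation are assumptions made for the illustration.

```python
import hashlib
import math
import struct
import zlib


def advisory_key_crc32(name: str) -> int:
    """32-bit key, as described in the issue (CRC32 of the lock name)."""
    return zlib.crc32(name.encode())


def advisory_key_sha256(name: str) -> int:
    """Hypothetical alternative: first 8 bytes of SHA-256 as a signed int64,
    which fits the bigint argument of pg_advisory_lock."""
    return struct.unpack(">q", hashlib.sha256(name.encode()).digest()[:8])[0]


def birthday_collision_probability(active_locks: int, bits: int) -> float:
    """Approximate chance that at least two of `active_locks` names share a key."""
    pairs = active_locks * (active_locks - 1) / 2
    return -math.expm1(-pairs / 2 ** bits)


def first_crc32_collision(limit: int = 400_000):
    """Search constructed lock names for two that map to the same CRC32 key."""
    seen = {}
    for i in range(limit):
        # Constructed sample names: "lock-" plus 16 hex chars derived from i.
        name = "lock-" + hashlib.sha256(str(i).encode()).hexdigest()[:16]
        key = advisory_key_crc32(name)
        if key in seen:
            return seen[key], name
        seen[key] = name
    return None


if __name__ == "__main__":
    for n in (1_000, 10_000, 100_000):
        print(n, birthday_collision_probability(n, 32),
              birthday_collision_probability(n, 64))
    a, b = first_crc32_collision()
    print(a, b, advisory_key_crc32(a), advisory_key_sha256(a), advisory_key_sha256(b))
```

Two unrelated lock names that collide on the key contend for the same advisory lock, so one caller waits or fails even though the resources are different.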