File Coverage

blib/lib/HTTP/Session/ID/MD5.pm
Criterion Covered Total %
statement 18 19 94.7
branch 1 2 50.0
condition 1 3 33.3
subroutine 6 6 100.0
pod 0 1 0.0
total 26 31 83.8


line stmt bran cond sub pod time code
1             package HTTP::Session::ID::MD5;
2 2     2   230892 use strict;
  2         2  
  2         64  
3 2     2   8 use warnings;
  2         2  
  2         115  
4 2     2   21 use Carp ();
  2         2  
  2         36  
5 2     2   10 use Digest::MD5 ();
  2         3  
  2         23  
6 2     2   818 use Crypt::URandom ();
  2         6694  
  2         212  
7              
8             # Digest::MD5 was first released with perl 5.007003
9              
10             sub generate_id {
11 5     5 0 1374 my ($class, $sid_length) = @_;
12 5 50 33     53 if ( !defined($sid_length) || $sid_length !~ /\A[1-9][0-9]*\z/ ) {
13 0         0 Carp::croak "sid_length must be a positive integer";
14             }
15             # Hash cryptographically secure random bytes (CVE-2026-3256). md5 output is
16             # 128 bits, so 16 random bytes fully seed it; preserves the legacy hex format.
17 5         11 return substr(Digest::MD5::md5_hex(Crypt::URandom::urandom(16)), 0, $sid_length);
18             }
19              
20             1;