251979 - mysql passphrase revealed on server error

Status: RESOLVED DUPLICATE of bug 227191

(Bugzilla :: Bugzilla-General, defect)

Description

[Paul]

User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.1) Gecko/20040715 Galeon/1.3.16 (Debian package 1.3.16-1)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.1) Gecko/20040715 Galeon/1.3.16 (Debian package 1.3.16-1)

Version bugzilla-2.17.6
The error message with sensitive data removed, [PASSPHRASE] contains the actual
passphrase:

DBI connect('host=[HOST];database=[DB];port=3306','[USERNAME]',...) failed: Too
many connections at /usr/local/lib/perl5/site_perl/5.6.1/i686-linux/DBI.pm line 586
	DBI::__ANON__(undef, undef) called at
/usr/local/lib/perl5/site_perl/5.6.1/i686-linux/DBI.pm line 637
	DBI::connect('DBI', 'DBI:mysql:host=[HOST];database=[DB];port=3306',
'[USERNAME]', '[PASSPHRASE]', 'HASH(0x85e0c60)') called at Bugzilla/DB.pm line 150
	Bugzilla::DB::_connect('DBI:mysql:host=[HOST];database=[DB];port=3306') called
at Bugzilla/DB.pm line 142
	Bugzilla::DB::connect_main() called at Bugzilla.pm line 111
	Bugzilla::dbh('Bugzilla') called at Bugzilla/Auth/Cookie.pm line 66
	Bugzilla::Auth::Cookie::authenticate('Bugzilla::Auth::Cookie', 3, 1677) called
at Bugzilla/Auth/CGI.pm line 88
	Bugzilla::Auth::CGI::login('Bugzilla::Auth::CGI', 1) called at Bugzilla.pm line 74
	Bugzilla::login('Bugzilla', 1) called at CGI.pl line 202
	main::quietly_check_login() called at buglist.cgi line 80
 at Bugzilla/DB.pm line 150

My workaround was this:

--- DB.pm.old   2003-03-22 04:47:15.000000000 +0000
+++ DB.pm       2004-07-18 11:06:00.000000000 +0100
@@ -165,7 +165,7 @@
     require Carp;

     $_[0] = Carp::longmess($_[0]);
-    return 0; # Now let DBI handle raising the error
+    return 1; # Now let DBI handle raising the error
 }

 1;


Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1

[Paul]

Ooops, actually it was version 2.17.4

Comment 2

[Joel Peshkin]

*** This bug has been marked as a duplicate of 227191 ***