mysql passphrase revealed on server error

RESOLVED DUPLICATE of bug 227191

Status

()

RESOLVED DUPLICATE of bug 227191
14 years ago
6 years ago

People

(Reporter: paul, Assigned: justdave)

Tracking

Details

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.1) Gecko/20040715 Galeon/1.3.16 (Debian package 1.3.16-1)
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.1) Gecko/20040715 Galeon/1.3.16 (Debian package 1.3.16-1)

Version bugzilla-2.17.6
The error message with sensitive data removed, [PASSPHRASE] contains the actual
passphrase:

DBI connect('host=[HOST];database=[DB];port=3306','[USERNAME]',...) failed: Too
many connections at /usr/local/lib/perl5/site_perl/5.6.1/i686-linux/DBI.pm line 586
	DBI::__ANON__(undef, undef) called at
/usr/local/lib/perl5/site_perl/5.6.1/i686-linux/DBI.pm line 637
	DBI::connect('DBI', 'DBI:mysql:host=[HOST];database=[DB];port=3306',
'[USERNAME]', '[PASSPHRASE]', 'HASH(0x85e0c60)') called at Bugzilla/DB.pm line 150
	Bugzilla::DB::_connect('DBI:mysql:host=[HOST];database=[DB];port=3306') called
at Bugzilla/DB.pm line 142
	Bugzilla::DB::connect_main() called at Bugzilla.pm line 111
	Bugzilla::dbh('Bugzilla') called at Bugzilla/Auth/Cookie.pm line 66
	Bugzilla::Auth::Cookie::authenticate('Bugzilla::Auth::Cookie', 3, 1677) called
at Bugzilla/Auth/CGI.pm line 88
	Bugzilla::Auth::CGI::login('Bugzilla::Auth::CGI', 1) called at Bugzilla.pm line 74
	Bugzilla::login('Bugzilla', 1) called at CGI.pl line 202
	main::quietly_check_login() called at buglist.cgi line 80
 at Bugzilla/DB.pm line 150

My workaround was this:

--- DB.pm.old   2003-03-22 04:47:15.000000000 +0000
+++ DB.pm       2004-07-18 11:06:00.000000000 +0100
@@ -165,7 +165,7 @@
     require Carp;

     $_[0] = Carp::longmess($_[0]);
-    return 0; # Now let DBI handle raising the error
+    return 1; # Now let DBI handle raising the error
 }

 1;


Reproducible: Always
Steps to Reproduce:
1.
2.
3.
(Reporter)

Comment 1

14 years ago
Ooops, actually it was version 2.17.4

Comment 2

14 years ago

*** This bug has been marked as a duplicate of 227191 ***
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → DUPLICATE
QA Contact: matty_is_a_geek → default-qa
You need to log in before you can comment on or make changes to this bug.