Skip Menu |

This queue is for tickets about the DBD-mysql CPAN distribution.

Report information
The Basics
Id: 108650
Status: resolved
Priority: 0/
Queue: DBD-mysql

Owner: Nobody in particular
Requestors: NStevens [...]

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

Subject: Password parameter to login
Date: Tue, 10 Nov 2015 12:11:02 +0000
To: "bug-DBD-mysql [...]" <bug-DBD-mysql [...]>
From: "Stevens, Norman" <NStevens [...]>
Download (untitled) / with headers
text/plain 1.5k
The mysql C function mysql_real_connect distinguishes between null and the empty string for the password parameter. The perl connect however converts the empty string to NULL so does not maintain the functionality of the underlying mysql library. To use a value specified in a defaults file most of the parameters to mysql_real_connect can be passed as the empty string or null, however for the password parameter only the null value results in use of the value from the defaults file. To quote the documentation at "For passwd, specify a value of NULL. (For the password, a value of the empty string in the mysql_real_connect() call cannot be overridden in an option file, because the empty string indicates explicitly that the MySQL account must have an empty password.)" However the perl implementation does not maintain the difference. The function save_hv_fetch replaces the empty string with NULL. (dbdimp.c line 2014). This results in incorrect behaviour. Given the definition of the C function I would expect the perl connect to use the value from the defaults file only if the password parameter is undef. A value of the empty string should not use the value from the defaults file. There is a workaround, the string "\0" for the password is not converted to NULL and is interpreted as the empty string by the mysql C library. NORMAN STEVENS Sr. Software Development Engineer RAYTHEON|WEBSENSE ph: +44.118.938.8661 fax: +44.118.909.7161<> ENTER A NEW ERA OF CYBERSECURITY

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to