From 0d326eb5a9a01b55ad1dc710231c2c1650d00859 Mon Sep 17 00:00:00 2001
From: Jason Davis <happydude@jasondavis.net>
Date: Fri, 6 Apr 2018 11:56:16 -0700
Subject: [PATCH] Avoid db credentials in stack trace

---
 lib/SimpleSAML/Store/SQL.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/SimpleSAML/Store/SQL.php b/lib/SimpleSAML/Store/SQL.php
index ec46c24ce..adfa6b56e 100755
--- a/lib/SimpleSAML/Store/SQL.php
+++ b/lib/SimpleSAML/Store/SQL.php
@@ -57,8 +57,11 @@ class SQL extends Store
         $password = $config->getString('store.sql.password', null);
         $options = $config->getArray('store.sql.options', null);
         $this->prefix = $config->getString('store.sql.prefix', 'simpleSAMLphp');
-
-        $this->pdo = new \PDO($dsn, $username, $password, $options);
+        try {
+            $this->pdo = new \PDO($dsn, $username, $password, $options);
+        } catch (\PDOException $e) {
+            throw new \Exception("Database error: " . $e->getMessage());
+        }
         $this->pdo->setAttribute(\PDO::ATTR_ERRMODE, \PDO::ERRMODE_EXCEPTION);
 
         $this->driver = $this->pdo->getAttribute(\PDO::ATTR_DRIVER_NAME);
-- 
GitLab