From c51817d3b8cb05ff54dca9373c0667e29b8498d4 Mon Sep 17 00:00:00 2001
From: Marc Delisle <marc@infomarc.info>
Date: Wed, 28 Mar 2012 12:39:39 -0400
Subject: [security] Fixed local path disclosure vulnerability, see
 PMASA-2012-2

---
 show_config_errors.php | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'show_config_errors.php')

diff --git a/show_config_errors.php b/show_config_errors.php
index 9024fec22d..7299a44249 100644
--- a/show_config_errors.php
+++ b/show_config_errors.php
@@ -14,6 +14,8 @@ error_reporting(E_ALL);
 /**
  * Read config file.
  */
-require CONFIG_FILE;
+if (is_readable(CONFIG_FILE)) {
+    require CONFIG_FILE;
+}
 
 ?>
-- 
cgit v1.2.3