From fdd79e91f09bb201e6ce530ef4bf459066685d64 Mon Sep 17 00:00:00 2001
From: odain <olivier.dain@combodo.com>
Date: Tue, 7 Jan 2020 17:44:34 +0100
Subject: [PATCH] =?UTF-8?q?N=C2=B02154:=20Fix=20security=20breach=20(scrat?=
 =?UTF-8?q?ch=20install=20usecase)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 core/config.class.inc.php | 25 ++++++++++++++++---------
 1 file changed, 16 insertions(+), 9 deletions(-)

diff --git a/core/config.class.inc.php b/core/config.class.inc.php
index bebe6c832..757685a7c 100644
--- a/core/config.class.inc.php
+++ b/core/config.class.inc.php
@@ -1893,19 +1893,26 @@ class Config
 		{
 			$sFileName = $this->m_sFile;
 		}
-		$oHandle = fopen($this->m_sFile, 'r');
-		$index = 0;
-		while (!flock($oHandle, LOCK_SH))
+		$oHandle = null;
+		if (is_file($this->m_sFile))
 		{
-			if ($index > 50){
-				throw new ConfigException("Could not read to configuration file", array('file' => $this->m_sFile));
+			$oHandle = fopen($this->m_sFile, 'r');
+			$index = 0;
+			while (!flock($oHandle, LOCK_SH))
+			{
+				if ($index > 50)
+				{
+					throw new ConfigException("Could not read to configuration file", array('file' => $this->m_sFile));
+				}
+				usleep(100000);
+				$index++;
 			}
-			usleep(100000);
-			$index++;
 		}
-
 		$this->oItopConfigParser = new iTopConfigParser(file_get_contents($this->m_sFile));
-		flock($oHandle, LOCK_UN);
+		if ($oHandle !==null)
+		{
+			flock($oHandle, LOCK_UN);
+		}
 
 		$hFile = @fopen($sFileName, 'w');
 		if ($hFile !== false)