authorFrédéric Buclin <LpSolit@gmail.com>2011-12-28 23:15:49 +0100
committerFrédéric Buclin <LpSolit@gmail.com>2011-12-28 23:15:49 +0100
commitd95d2ff05f816c4023fdaa6db14819f86d3044bf (patch)
tree3bea800fbb0c26515eb576778d2f2875e61b8d77 /token.cgi
parent6f323ff54643622bcd31f6b7577ab1a23d16f590 (diff)
Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account
r=dkl a=LpSolit
Diffstat (limited to 'token.cgi')
-rwxr-xr-xtoken.cgi2
1 files changed, 2 insertions, 0 deletions
diff --git a/token.cgi b/token.cgi
index 3522834aa..fa262e76a 100755
--- a/token.cgi
+++ b/token.cgi
@@ -352,6 +352,7 @@ sub cancelChangeEmail {
sub request_create_account {
my $token = shift;
+ Bugzilla->user->check_account_creation_enabled;
my (undef, $date, $login_name) = Bugzilla::Token::GetTokenData($token);
$vars->{'token'} = $token;
$vars->{'email'} = $login_name . Bugzilla->params->{'emailsuffix'};
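Review bot: The added `Bugzilla->user->check_account_creation_enabled;` at the top of request_create_account discards its return value, so the guard only works if that method dies (presumably via ThrowUserError) when account creation is disabled; if it ever signalled failure by return value instead, the token would still be read and processed. Placing the call before GetTokenData is the right fail-closed order, but nothing on the line says so, and the same pattern is repeated verbatim in confirm_create_account in the second hunk. A short comment above each call would pin the contract, e.g. `# Must die before the token is read: a token issued earlier may outlive a change to user_can_create_account.` The body of request_create_account continues past the end of this hunk.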
@@ -365,6 +366,7 @@ sub request_create_account {
sub confirm_create_account {
my $token = shift;
+ Bugzilla->user->check_account_creation_enabled;
my (undef, undef, $login_name) = Bugzilla::Token::GetTokenData($token);
my $password = $cgi->param('passwd1') || '';