From d95d2ff05f816c4023fdaa6db14819f86d3044bf Mon Sep 17 00:00:00 2001
From: Frédéric Buclin
Date: Wed, 28 Dec 2011 23:15:49 +0100
Subject: Bug 711714: (CVE-2011-3667) [SECURITY] The User.offer_account_by_email WebService method lets you create new user accounts independently of the value of Bugzilla::Auth::Verify::*::user_can_create_account r=dkl a=LpSolit
---
 token.cgi | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'token.cgi')
diff --git a/token.cgi b/token.cgi
index 3522834aa..fa262e76a 100755
--- a/token.cgi
+++ b/token.cgi
@@ -352,6 +352,7 @@ sub cancelChangeEmail {
 sub request_create_account {
     my $token = shift;
+    Bugzilla->user->check_account_creation_enabled;
     my (undef, $date, $login_name) = Bugzilla::Token::GetTokenData($token);
     $vars->{'token'} = $token;
     $vars->{'email'} = $login_name . Bugzilla->params->{'emailsuffix'};
@@ -365,6 +366,7 @@ sub request_create_account {
 sub confirm_create_account {
     my $token = shift;
+    Bugzilla->user->check_account_creation_enabled;
     my (undef, undef, $login_name) = Bugzilla::Token::GetTokenData($token);
     my $password = $cgi->param('passwd1') || '';
--
cgit v1.2.3-24-g4f1b
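Review bot: The guard's effect rests on `check_account_creation_enabled` throwing rather than returning a status — its result is discarded on the added line in request_create_account and again in the second hunk in confirm_create_account — so if the method only returns false when creation is disabled, the token is still read and the flow continues; worth confirming against Bugzilla::User before relying on these two lines. A short why-comment above each call would also help, since the check otherwise reads as redundant with whatever ran when the token was issued: `# Re-check the site policy at redemption: the token may predate a policy change or have been issued by a path that skipped this check.` Placing the check before GetTokenData is the right order, as it fails before any token state is touched. Both request_create_account and confirm_create_account continue past their hunks.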