Fix the bind security fix introduced in rev 1.38 to work with multicast:

- Don't bother checking for conflicting sockets if we're binding to a multicast address. - Don't return an error if we're binding to INADDR_ANY, the conflicting socket is bound to INADDR_ANY, and the conflicting socket has SO_REUSEPORT set. PR: kern/7713
svn path=/head/; revision=39426
2025-01-09 16:01:19 +01:00 · 1998-09-17 18:42:16 +00:00 · 1998-09-17 18:42:16 +00:00 · 52b65dbe85 · 2020-12-20 02:59:44 +00:00
commit 52b65dbe85
parent 0aba3bf3d2
1 changed files with 9 additions and 3 deletions
--- a/sys/netinet/in_pcb.c
+++ b/sys/netinet/in_pcb.c
@ -31,7 +31,7 @@
 * SUCH DAMAGE.
 *
 *	@(#)in_pcb.c	8.4 (Berkeley) 5/24/95
- *	$Id: in_pcb.c,v 1.43 1998/04/19 17:22:30 phk Exp $
+ *	$Id: in_pcb.c,v 1.44 1998/05/15 20:11:32 wollman Exp $
 */

 #include <sys/param.h>
@ -197,10 +197,16 @@ in_pcbbind(inp, nam, p)
 			if (ntohs(lport) < IPPORT_RESERVED && p &&
 			    suser(p->p_ucred, &p->p_acflag))
 				return (EACCES);
-			if (so->so_uid) {
+			if (so->so_uid &&
+			    !IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
 				t = in_pcblookup_local(inp->inp_pcbinfo,
 				    sin->sin_addr, lport, INPLOOKUP_WILDCARD);
-				if (t && (so->so_uid != t->inp_socket->so_uid))
+				if (t &&
+				    (ntohl(sin->sin_addr.s_addr) != INADDR_ANY ||
+				     ntohl(t->inp_laddr.s_addr) != INADDR_ANY ||
+				     (t->inp_socket->so_options &
+					 SO_REUSEPORT) == 0) &&
+				    (so->so_uid != t->inp_socket->so_uid))
 					return (EADDRINUSE);
 			}
 			t = in_pcblookup_local(pcbinfo, sin->sin_addr,