d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- Use suser_cred(9) instead of directly checking cr_uid.

Browse Source 
- Change the order of conditions to first verify that we actually need
  to check for privileges and then eventually check them.

Reviewed by:	rwatson
This commit is contained in:
Pawel Jakub Dawidek 2006-06-27 11:35:53 +00:00
parent 0bd645ae0c
commit 835d4b8924
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=159976
2 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/netinet/in_pcb.c
View File

@ -331,8 +331,8 @@ in_pcbbind_setup(struct inpcb *inp, struct sockaddr *nam, in_addr_t *laddrp,
return (EACCES);
if (jailed(cred))
prison = 1;
if (so->so_cred->cr_uid != 0 &&
!IN_MULTICAST(ntohl(sin->sin_addr.s_addr))) {
if (!IN_MULTICAST(ntohl(sin->sin_addr.s_addr)) &&
suser_cred(so->so_cred, SUSER_ALLOWJAIL) != 0) {
t = in_pcblookup_local(inp->inp_pcbinfo,
sin->sin_addr, lport,
prison ? 0 : INPLOOKUP_WILDCARD);

4
sys/netinet6/in6_pcb.c
View File

@ -192,8 +192,8 @@ in6_pcbbind(inp, nam, cred)
ntohs(lport) >= ipport_reservedlow &&
suser_cred(cred, SUSER_ALLOWJAIL))
return (EACCES);
if (so->so_cred->cr_uid != 0 &&
!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) {
if (!IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr) &&
suser_cred(so->so_cred, SUSER_ALLOWJAIL) != 0) {
t = in6_pcblookup_local(pcbinfo,
&sin6->sin6_addr, lport,
INPLOOKUP_WILDCARD);