From 6b61852b4f000431eb83ce26584da806f64d4643 Mon Sep 17 00:00:00 2001 From: K Rin Date: Sat, 12 Apr 2025 10:28:52 +0800 Subject: [PATCH] mac_portacl: do not reject unspecific family directly Reviewed by: imp,emaste Pull Request: https://github.com/freebsd/freebsd-src/pull/1659 --- sys/security/mac_portacl/mac_portacl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index b3a5e06c0e2..1cbfcad83ac 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -452,7 +452,8 @@ socket_check_bind(struct ucred *cred, struct socket *so, return (0); /* Reject addresses we don't understand; fail closed. */ - if (sa->sa_family != AF_INET && sa->sa_family != AF_INET6) + if (sa->sa_family != AF_UNSPEC && sa->sa_family != AF_INET && + sa->sa_family != AF_INET6) return (EINVAL); family = so->so_proto->pr_domain->dom_family;