BIND(2) |
System Calls Manual |
BIND(2) |
NAME
bind — bind a name to a socket
LIBRARY
Standard C Library (libc, -lc)
SYNOPSIS
#include <sys/socket.h>
int
bind(int s, const struct sockaddr *name, socklen_t namelen);
DESCRIPTION
bind() assigns a name to an unnamed socket. When a socket is created with
socket(2) it exists in a name space (address family) but has no name assigned.
bind() requests that
name be assigned to the socket.
namelen indicates the amount of space pointed to by
name, in bytes.
NOTES
Binding a name in the
UNIX domain creates a socket in the file system that must be deleted by the caller when it is no longer needed (using
unlink(2)).
The rules used in name binding vary between communication domains. Consult the manual entries in section 4 for detailed information.
RETURN VALUES
If the bind is successful, a 0 value is returned. A return value of -1 indicates an error, which is further specified in the global errno.
ERRORS
The
bind() call will fail if:
-
[EBADF]
-
s is not a valid descriptor.
-
[ENOTSOCK]
-
s is not a socket.
-
[EADDRNOTAVAIL]
-
The specified address is not available from the local machine.
-
[EADDRINUSE]
-
The specified address is already in use.
-
[EINVAL]
-
The socket is already bound to an address.
-
[EINVAL]
-
The family of the socket and that requested in name->sa_family are not equivalent.
-
[EACCES]
-
The requested address is protected, and the current user has inadequate permission to access it.
-
[EFAULT]
-
The name parameter is not in a valid part of the user address space.
The following errors are specific to binding names in the UNIX domain.
-
[ENOTDIR]
-
A component of the path prefix is not a directory.
-
[ENAMETOOLONG]
-
A component of a pathname exceeded {NAME_MAX} characters, or an entire path name exceeded {PATH_MAX} characters.
-
[ENOENT]
-
A prefix component of the path name does not exist.
-
[ELOOP]
-
Too many symbolic links were encountered in translating the pathname.
-
[EIO]
-
An I/O error occurred while making the directory entry or allocating the inode.
-
[EROFS]
-
The name would reside on a read-only file system.
-
[EISDIR]
-
An empty pathname was specified.
HISTORY
The bind() function call appeared in 4.2BSD.
SECURITY CONSIDERATIONS
bind() was changed in
NetBSD 1.4 to prevent the binding of a socket to the same port as an existing socket when all of the following is true:
-
either of the existing or new addresses is
INADDR_ANY
,
-
the uid of the new socket is not root, and the uids of the creators of the sockets are different,
-
the address is not a multicast address, and
-
both sockets are not bound to
INADDR_ANY
with SO_REUSEPORT
set.
This prevents an attack where a user could bind to a port with the host's IP address (after setting SO_REUSEADDR
) and ‘steal' packets destined for a server that bound to the same port with INADDR_ANY
.
bind() was changed in NetBSD 4.0 to honor the user's umask when binding sockets in the local domain. This was done to match the behavior of other operating systems, including FreeBSD, OpenBSD, and Linux, and to improve compatibility with some third-party software. Please note that this behavior is not portable. If you must bind a local socket in a portable and secure way, you need to make a directory with tight permissions and then create the socket inside it.