Red Hat Bugzilla – Bug 64802
lib-src/pop.c may attempt to connect to the wrong host
Last modified: 2007-04-18 12:42:32 EDT
Date: Sun, 12 May 2002 20:38:25 -0400
From: Jonathan Kamens <firstname.lastname@example.org>
Subject: lib-src/pop.c may attempt to connect to the wrong host
This bug report will be sent to the Free Software Foundation,
not to your local site managers!
Please write in English, because the Emacs maintainers do not have
translators to read other languages for them.
Your bug report will be posted to the email@example.com mailing list,
and to the gnu.emacs.bug news group.
In GNU Emacs 21.2.1 (i386-redhat-linux-gnu, X toolkit, Xaw3d scroll bars)
of 2002-04-08 on porky.devel.redhat.com
configured using `configure i386-redhat-linux --prefix=/usr --exec-prefix=/usr
--bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share
--includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec
--localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man
--infodir=/usr/share/info --with-gcc --with-pop --with-sound'
value of $LC_ALL: nil
value of $LC_COLLATE: C
value of $LC_CTYPE: nil
value of $LC_MESSAGES: nil
value of $LC_MONETARY: nil
value of $LC_NUMERIC: nil
value of $LC_TIME: nil
value of $LANG: en_US
Please describe exactly what actions triggered the bug
and the precise symptoms of the bug:
TAhe patch appended below was made against 20.7, but I believe that it
will apply cleanly, or almost cleanly, against the current source tree
The code in socket_connection in lib-src/pop.c results the host name
of the POP host, then uses getservbyname() to look up the port number,
then iterates through the addresses of the POP host and attempts to
connect to each of them in turn.
The problem with this approach is that getservbyname() may call
gethostbyname() or gethostbyaddr(), e.g., if nsswitch.com says to use
LDAP for service lookups, and thus replace the address information
about the POP host with the address information for some other host,
thus causing the POP connection to go to the wrong host. I have
seen this failure mode.
The fix for this is to wait to resolve the POP host name until
immediately before trying to connect to it. I've attached a patch.
--- lib-src/pop.c.orig Sun May 12 20:23:32 2002
+++ lib-src/pop.c Sun May 12 20:27:21 2002
@@ -1067,17 +1067,6 @@
- hostent = gethostbyname (host);
- if ((! hostent) && ((h_errno != TRY_AGAIN) || (try_count == 5)))
- strcpy (pop_error, "Could not determine POP server's address");
- return (-1);
- } while (! hostent);
bzero ((char *) &addr, sizeof (addr));
addr.sin_family = AF_INET;
@@ -1127,6 +1116,17 @@
+ hostent = gethostbyname (host);
+ if ((! hostent) && ((h_errno != TRY_AGAIN) || (try_count == 5)))
+ strcpy (pop_error, "Could not determine POP server's address");
+ return (-1);
+ } while (! hostent);
Could you attach it to preserve whitespace? TIA.
I don't have the diff around anymore, and I'm not sure its whitespace is
preserved in my E-mail archive, but you should be able to apply it by hand --
note that I am simply moving a block of code from one place to another without
making any changes to it.
Should be added to 21.2-18