aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenoît Ganne <bganne@cisco.com>2021-08-25 19:01:59 +0200
committerDamjan Marion <dmarion@me.com>2021-08-26 14:47:24 +0000
commit844e94f81556a3a45df2e1699c46316959692d31 (patch)
tree4cbb4509eaeb1ca5a79b09f256016d17233f52b6
parent4fe2f4c29e3672f38038d34f177a9ccbff18d9ad (diff)
ikev2: fix DNS resolution overflow
VPP DNS resolver expects NULL-terminated C string, whereas the ikev2 plugin only uses non-NULL terminated vectors. Type: fix Change-Id: I4a2afffb9e1b6b5dd11842621d5f13bc5a145862 Signed-off-by: Benoît Ganne <bganne@cisco.com>
-rw-r--r--src/plugins/ikev2/ikev2.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c
index cfcbcd4bc5f..f4bba156455 100644
--- a/src/plugins/ikev2/ikev2.c
+++ b/src/plugins/ikev2/ikev2.c
@@ -4264,13 +4264,19 @@ ikev2_resolve_responder_hostname (vlib_main_t *vm, ikev2_responder_t *r)
dns_cache_entry_t *ep = 0;
dns_pending_request_t _t0, *t0 = &_t0;
dns_resolve_name_t _rn, *rn = &_rn;
+ u8 *name;
int rv;
if (!km->dns_resolve_name)
return clib_error_return (0, "cannot load symbols from dns plugin");
t0->request_type = DNS_API_PENDING_NAME_TO_IP;
- rv = km->dns_resolve_name (r->hostname, &ep, t0, rn);
+ /* VPP main curse: IKEv2 uses only non-NULL terminated vectors internally
+ * whereas DNS resolver expects a NULL-terminated C-string */
+ name = vec_dup (r->hostname);
+ vec_terminate_c_string (name);
+ rv = km->dns_resolve_name (name, &ep, t0, rn);
+ vec_free (name);
if (rv < 0)
return clib_error_return (0, "dns lookup failure");