From 844e94f81556a3a45df2e1699c46316959692d31 Mon Sep 17 00:00:00 2001 From: Benoît Ganne Date: Wed, 25 Aug 2021 19:01:59 +0200 Subject: ikev2: fix DNS resolution overflow MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit VPP DNS resolver expects NULL-terminated C string, whereas the ikev2 plugin only uses non-NULL terminated vectors. Type: fix Change-Id: I4a2afffb9e1b6b5dd11842621d5f13bc5a145862 Signed-off-by: Benoît Ganne --- src/plugins/ikev2/ikev2.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'src/plugins') diff --git a/src/plugins/ikev2/ikev2.c b/src/plugins/ikev2/ikev2.c index cfcbcd4bc5f..f4bba156455 100644 --- a/src/plugins/ikev2/ikev2.c +++ b/src/plugins/ikev2/ikev2.c @@ -4264,13 +4264,19 @@ ikev2_resolve_responder_hostname (vlib_main_t *vm, ikev2_responder_t *r) dns_cache_entry_t *ep = 0; dns_pending_request_t _t0, *t0 = &_t0; dns_resolve_name_t _rn, *rn = &_rn; + u8 *name; int rv; if (!km->dns_resolve_name) return clib_error_return (0, "cannot load symbols from dns plugin"); t0->request_type = DNS_API_PENDING_NAME_TO_IP; - rv = km->dns_resolve_name (r->hostname, &ep, t0, rn); + /* VPP main curse: IKEv2 uses only non-NULL terminated vectors internally + * whereas DNS resolver expects a NULL-terminated C-string */ + name = vec_dup (r->hostname); + vec_terminate_c_string (name); + rv = km->dns_resolve_name (name, &ep, t0, rn); + vec_free (name); if (rv < 0) return clib_error_return (0, "dns lookup failure"); -- cgit 1.2.3-korg