ikev2: fix DNS resolution overflow 96/33596/2
authorBenoît Ganne <bganne@cisco.com>
Wed, 25 Aug 2021 17:01:59 +0000 (19:01 +0200)
committerDamjan Marion <dmarion@me.com>
Thu, 26 Aug 2021 14:47:24 +0000 (14:47 +0000)
The VPP DNS resolver expects a NUL-terminated C string, whereas the ikev2
plugin only uses non-NUL-terminated vectors.

Type: fix

Change-Id: I4a2afffb9e1b6b5dd11842621d5f13bc5a145862
Signed-off-by: Benoît Ganne <bganne@cisco.com>
src/plugins/ikev2/ikev2.c

index cfcbcd4..f4bba15 100644 (file)
@@ -4264,13 +4264,19 @@ ikev2_resolve_responder_hostname (vlib_main_t *vm, ikev2_responder_t *r)
   dns_cache_entry_t *ep = 0;
   dns_pending_request_t _t0, *t0 = &_t0;
   dns_resolve_name_t _rn, *rn = &_rn;
+  u8 *name;
   int rv;
 
   if (!km->dns_resolve_name)
     return clib_error_return (0, "cannot load symbols from dns plugin");
 
   t0->request_type = DNS_API_PENDING_NAME_TO_IP;
-  rv = km->dns_resolve_name (r->hostname, &ep, t0, rn);
+  /* VPP main curse: IKEv2 uses only non-NULL terminated vectors internally
+   * whereas DNS resolver expects a NULL-terminated C-string */
+  name = vec_dup (r->hostname);
+  vec_terminate_c_string (name);
+  rv = km->dns_resolve_name (name, &ep, t0, rn);
+  vec_free (name);
   if (rv < 0)
     return clib_error_return (0, "dns lookup failure");
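Review bot: The temporary `name` is freed on the line right after `km->dns_resolve_name (name, &ep, t0, rn)`, which is only safe if the resolver copies the string rather than keeping the pointer in its cache or pending-request state; the call goes through a function pointer, so nothing in this hunk shows which it does. I would record that contract next to the call, e.g. `/* name is a private NUL-terminated copy; the resolver must not retain the pointer past this call */`. The existing comment could also say "NUL-terminated" and name the actual risk (the resolver reading past the end of the unterminated vector) instead of "VPP main curse". Separately, a hostname vector containing an embedded 0 byte would be resolved as a shorter name than the one configured; whether that is reachable depends on how `r->hostname` is populated, which is outside this hunk. The body of ikev2_resolve_responder_hostname starts before and continues after the hunk.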