From 8bdee98187bc3e4c404387b65981a1ee6be14885 Mon Sep 17 00:00:00 2001 From: Harry Sintonen Date: Tue, 3 Nov 2020 16:55:58 +0200 Subject: [PATCH] rtsp: error out on empty Session ID, unified the code --- lib/rtsp.c | 36 ++++++++++++++++++------------------ 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/lib/rtsp.c b/lib/rtsp.c index 93aac0f20..cc73ee934 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -776,6 +776,8 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, } else if(checkprefix("Session:", header)) { char *start; + char *end; + size_t idlen; /* Find the first non-space letter */ start = header + 8; @@ -784,16 +786,21 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, if(!*start) { failf(data, "Got a blank Session ID"); + return CURLE_RTSP_SESSION_ERROR; } - else if(data->set.str[STRING_RTSP_SESSION_ID]) { - char *end; - size_t idlen; - /* Find the end of Session ID */ - end = start + 1; - while(*end && !ISSPACE(*end)) - end++; - idlen = end - start; + /* Find the end of Session ID + * + * Allow any non whitespace content, up to the field separator or end of + * line. RFC 2326 isn't 100% clear on the session ID and for example + * gstreamer does url-encoded session ID's not covered by the standard. + */ + end = start; + while(*end && *end != ';' && !ISSPACE(*end)) + end++; + idlen = end - start; + + if(data->set.str[STRING_RTSP_SESSION_ID]) { /* If the Session ID is set, then compare */ if(strlen(data->set.str[STRING_RTSP_SESSION_ID]) != idlen || @@ -806,21 +813,14 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, else { /* If the Session ID is not set, and we find it in a response, then set * it. - * - * Allow any non whitespace content, up to the field separator or end of - * line. RFC 2326 isn't 100% clear on the session ID and for example - * gstreamer does url-encoded session ID's not covered by the standard. */ - char *end = start; - while(*end && *end != ';' && !ISSPACE(*end)) - end++; /* Copy the id substring into a new buffer */ - data->set.str[STRING_RTSP_SESSION_ID] = malloc(end - start + 1); + data->set.str[STRING_RTSP_SESSION_ID] = malloc(idlen + 1); if(data->set.str[STRING_RTSP_SESSION_ID] == NULL) return CURLE_OUT_OF_MEMORY; - memcpy(data->set.str[STRING_RTSP_SESSION_ID], start, end - start); - (data->set.str[STRING_RTSP_SESSION_ID])[end - start] = '\0'; + memcpy(data->set.str[STRING_RTSP_SESSION_ID], start, idlen); + (data->set.str[STRING_RTSP_SESSION_ID])[idlen] = '\0'; } } return CURLE_OK;