diff options
| author | Harry Sintonen <sintonen@iki.fi> | 2020-11-03 16:55:58 +0200 |
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2020-11-04 08:14:36 +0100 |
| commit | 8bdee98187bc3e4c404387b65981a1ee6be14885 (patch) | |
| tree | 100771126ae3b0c00c94443bc579faacb75fe3a1 /lib/rtsp.c | |
| parent | 77a7b93c25041ec27baa7bbe4300cf88cb3c4dbb (diff) | |
| download | curl-8bdee98187bc3e4c404387b65981a1ee6be14885.tar.gz | |
rtsp: error out on empty Session ID, unified the code
Diffstat (limited to 'lib/rtsp.c')
| -rw-r--r-- | lib/rtsp.c | 36 |
1 files changed, 18 insertions, 18 deletions
diff --git a/lib/rtsp.c b/lib/rtsp.c index 93aac0f20..cc73ee934 100644 --- a/lib/rtsp.c +++ b/lib/rtsp.c @@ -776,6 +776,8 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, } else if(checkprefix("Session:", header)) { char *start; + char *end; + size_t idlen; /* Find the first non-space letter */ start = header + 8; @@ -784,16 +786,21 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, if(!*start) { failf(data, "Got a blank Session ID"); + return CURLE_RTSP_SESSION_ERROR; } - else if(data->set.str[STRING_RTSP_SESSION_ID]) { - char *end; - size_t idlen; - /* Find the end of Session ID */ - end = start + 1; - while(*end && !ISSPACE(*end)) - end++; - idlen = end - start; + /* Find the end of Session ID + * + * Allow any non whitespace content, up to the field separator or end of + * line. RFC 2326 isn't 100% clear on the session ID and for example + * gstreamer does url-encoded session ID's not covered by the standard. + */ + end = start; + while(*end && *end != ';' && !ISSPACE(*end)) + end++; + idlen = end - start; + + if(data->set.str[STRING_RTSP_SESSION_ID]) { /* If the Session ID is set, then compare */ if(strlen(data->set.str[STRING_RTSP_SESSION_ID]) != idlen || @@ -806,21 +813,14 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn, else { /* If the Session ID is not set, and we find it in a response, then set * it. - * - * Allow any non whitespace content, up to the field separator or end of - * line. RFC 2326 isn't 100% clear on the session ID and for example - * gstreamer does url-encoded session ID's not covered by the standard. */ - char *end = start; - while(*end && *end != ';' && !ISSPACE(*end)) - end++; /* Copy the id substring into a new buffer */ - data->set.str[STRING_RTSP_SESSION_ID] = malloc(end - start + 1); + data->set.str[STRING_RTSP_SESSION_ID] = malloc(idlen + 1); if(data->set.str[STRING_RTSP_SESSION_ID] == NULL) return CURLE_OUT_OF_MEMORY; - memcpy(data->set.str[STRING_RTSP_SESSION_ID], start, end - start); - (data->set.str[STRING_RTSP_SESSION_ID])[end - start] = '\0'; + memcpy(data->set.str[STRING_RTSP_SESSION_ID], start, idlen); + (data->set.str[STRING_RTSP_SESSION_ID])[idlen] = '\0'; } } return CURLE_OK; |