From: Harry Sintonen <sintonen@iki.fi>
Date: Tue, 3 Nov 2020 01:36:56 +0000 (+0200)
Subject: rtsp: fixed Session ID comparison to refuse prefix
X-Git-Tag: curl-7_74_0~102
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=adb0fcfab238ac6858ade3b9b5cc332fa0f60dfd;p=thirdparty%2Fcurl.git

rtsp: fixed Session ID comparison to refuse prefix

Closes #6161
---

diff --git a/lib/rtsp.c b/lib/rtsp.c
index 46c3c4f8f4..93aac0f20b 100644
--- a/lib/rtsp.c
+++ b/lib/rtsp.c
@@ -786,9 +786,18 @@ CURLcode Curl_rtsp_parseheader(struct connectdata *conn,
       failf(data, "Got a blank Session ID");
     }
     else if(data->set.str[STRING_RTSP_SESSION_ID]) {
+      char *end;
+      size_t idlen;
+
+      /* Find the end of Session ID */
+      end = start + 1;
+      while(*end && !ISSPACE(*end))
+        end++;
+      idlen = end - start;
+
       /* If the Session ID is set, then compare */
-      if(strncmp(start, data->set.str[STRING_RTSP_SESSION_ID],
-                 strlen(data->set.str[STRING_RTSP_SESSION_ID]))  != 0) {
+      if(strlen(data->set.str[STRING_RTSP_SESSION_ID]) != idlen ||
+         strncmp(start, data->set.str[STRING_RTSP_SESSION_ID], idlen) != 0) {
         failf(data, "Got RTSP Session ID Line [%s], but wanted ID [%s]",
               start, data->set.str[STRING_RTSP_SESSION_ID]);
         return CURLE_RTSP_SESSION_ERROR;