From 4e7cefb0068bd1f27cdb6ac5d58bd9c7f8408ef1 Mon Sep 17 00:00:00 2001
From: Devin Barillari <devin.barillari@gmail.com>
Date: Wed, 31 Jul 2019 05:08:14 +0100
Subject: [PATCH] ws: server: limit string check length for tokenizer on
 upgrade

---
 lib/roles/ws/server-ws.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/roles/ws/server-ws.c b/lib/roles/ws/server-ws.c
index d987779d9..680c2e680 100644
--- a/lib/roles/ws/server-ws.c
+++ b/lib/roles/ws/server-ws.c
@@ -422,7 +422,7 @@ lws_process_ws_upgrade(struct lws *wsi)
 			e = lws_tokenize(&ts);
 			switch (e) {
 			case LWS_TOKZE_TOKEN:
-				if (!strcasecmp(ts.token, "upgrade"))
+				if (!strncasecmp(ts.token, "upgrade", ts.token_len))
 					e = LWS_TOKZE_ENDED;
 				break;