parser/sdp: check if value is exceeded when looking for o= version field

(cherry picked from commit c532a67db654efb21f81e058b7e3a86229766a40)
(cherry picked from commit d3d62bde97a86faa7dd1189bf10b697f28d84a63)
(cherry picked from commit 44cb112ea155eccf2788400b65f85e8b1c77f589)

src/core/parser/sdp/sdp_helpr_funcs.c

@@ -731,7 +731,12 @@ int extract_sess_version(str *oline, str *sess_version)
 		}
 
 		i++;
-	} while(len < oline->len && i < 3);
+	} while((cp < oline->s + oline->len) && i < 3);
+
+	if(cp >= oline->s + oline->len) {
+		LM_ERR("broken o= line - version field not found\n");
+		return -1;
+	}
 
 	len = cp - cp0 - 1;
 	LM_DBG("end %d: >%.*s<\n", len, len, cp0);