Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

detect: fix crash when stream inspect runs on UDP #2811

Merged
merged 1 commit into from Jun 27, 2017
Merged

detect: fix crash when stream inspect runs on UDP #2811

merged 1 commit into from Jun 27, 2017

Conversation

inliniac
Copy link
Contributor

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/2158

Describe changes:

  • fix crash when using payload inspection in rules that apply to both TCP and UDP

PRScript output (if applicable):

@victorjulien
detect: fix crash when stream inspect runs on UDP
885b8ce 
Certain rules can apply to both TCP and UDP. For example 'alert dns'
rules are inspected against both TCP and UDP. This lead to the
stream inspect engine being called on a UDP packet.

This patch fixes the issue by exiting early from the stream inspect
engine if a) proto is not TCP or b) ssn is not available

Bug #2158.
@inliniac inliniac merged commit 885b8ce into master Jun 27, 2017
@inliniac inliniac deleted the bugs/2158/segv/v0 branch July 29, 2017 08:59
victorjulien added a commit to victorjulien/suricata that referenced this pull request Feb 16, 2019
@victorjulien
stream: fix 'stream.inline=auto' for L2 IPS
0a106fe 
Make sure the livedev setup is finalized before initializing the
stream engine.

Bug OISF#2811

Reported-by: Ad Schellevis
victorjulien added a commit to victorjulien/suricata that referenced this pull request Feb 16, 2019
@victorjulien
stream: fix 'stream.inline=auto' for L2 IPS
a926368 
Make sure the livedev setup is finalized before initializing the
stream engine.

Bug OISF#2811

Reported-by: Ad Schellevis
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
2 participants
@inliniac @victorjulien