From 9cdbf17640cd7f46081cc8e12dec3c82d21d670e Mon Sep 17 00:00:00 2001
From: Russ Combs <rucombs@cisco.com>
Date: Tue, 6 Dec 2016 13:57:53 -0500
Subject: [PATCH] clear inspectors after logging

---
 src/detection/detection_engine.cc | 19 ++++++++++---------
 src/detection/detection_engine.h  |  2 +-
 2 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/src/detection/detection_engine.cc b/src/detection/detection_engine.cc
index 611e99b41..f30a6832b 100644
--- a/src/detection/detection_engine.cc
+++ b/src/detection/detection_engine.cc
@@ -65,7 +65,7 @@ DetectionEngine::DetectionEngine()
 
 DetectionEngine::~DetectionEngine()
 {
-    clear_packet(context->packet);
+    finish_packet(context->packet);
     ContextSwitcher* sw = Snort::get_switcher();
 
     if ( context == sw->get_context() )
@@ -108,7 +108,7 @@ Packet* DetectionEngine::set_packet()
     return p;
 }
 
-void DetectionEngine::clear_packet(Packet* p)
+void DetectionEngine::finish_packet(Packet* p)
 {
     log_events(p);
     reset(p);
@@ -234,9 +234,9 @@ void DetectionEngine::onload()
     sw->resume(id);
 
     fp_onload(p);
-    InspectorManager::clear(p);
-    clear_packet(p);
+    finish_packet(p);
 
+    InspectorManager::clear(p);
     sw->complete();
 }
 
@@ -306,9 +306,9 @@ bool DetectionEngine::detect(Packet* p)
 
 void DetectionEngine::inspect(Packet* p)
 {
+    bool inspected = false;
     {
         PacketLatency::Context pkt_latency_ctx { p };
-        bool inspected = false;
 
         if ( p->ptrs.decode_flags & DECODE_ERR_FLAGS )
         {
@@ -352,17 +352,18 @@ void DetectionEngine::inspect(Packet* p)
         // performance hit on short-lived flows
 
         Stream::check_flow_closed(p);
-
-        if ( inspected )
-            InspectorManager::clear(p);
     }
 
     Profile profile(eventqPerfStats);
 
     log_events(p);
-    reset(p);
 
     Stream::check_flow_block_pending(p);
+
+    if ( inspected )
+        InspectorManager::clear(p);
+
+    reset(p);
 }
 
 //--------------------------------------------------------------------------
diff --git a/src/detection/detection_engine.h b/src/detection/detection_engine.h
index cba6de9a6..4ea0d48e8 100644
--- a/src/detection/detection_engine.h
+++ b/src/detection/detection_engine.h
@@ -98,7 +98,7 @@ private:
     static struct SF_EVENTQ* get_event_queue();
     static void offload_thread(IpsContext*);
     static void onload();
-    static void clear_packet(Packet*);
+    static void finish_packet(Packet*);
 
 private:
     IpsContext* context;
-- 
2.47.3