detect: makes config keyword really require a flow

Ticket: 4972

Completes commit c3a220647

DETECT_CONFIG is added as DETECT_SM_LIST_POSTMATCH and not
as DETECT_SM_LIST_MATCH as other keywords handled in SignatureCreateMask

diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c
index 1be519296295596aec7c6da6a72720a66f9a6f60..594e996087edbefa5d7ddbea4c0034983b7930e4 100644 (file)
--- a/src/detect-engine-build.c
+++ b/src/detect-engine-build.c
@@ -561,6 +561,11 @@ static int SignatureCreateMask(Signature *s)
             case DETECT_ENGINE_EVENT:
                 s->mask |= SIG_MASK_REQUIRE_ENGINE_EVENT;
                 break;
+        }
+    }
+
+    for (sm = s->init_data->smlists[DETECT_SM_LIST_POSTMATCH]; sm != NULL; sm = sm->next) {
+        switch (sm->type) {
             case DETECT_CONFIG: {
                 DetectConfigData *fd = (DetectConfigData *)sm->ctx;
                 if (fd->scope == CONFIG_SCOPE_FLOW) {