modbus: stop allocating transactions when flooded

cf #4224

(cherry picked from commit 89030d3e59e23d4850ac9a7db5763c3d4d4fd537)

diff --git a/src/app-layer-modbus.c b/src/app-layer-modbus.c
index e026e333fcf04801d87bffd8373bfaef21c2aa4d..42c5c08ddfad8c76d218902be3732870b0c88fb4 100644 (file)
--- a/src/app-layer-modbus.c
+++ b/src/app-layer-modbus.c
@@ -342,6 +342,13 @@ static ModbusTransaction *ModbusTxFindByTransaction(const ModbusState   *modbus,
 static ModbusTransaction *ModbusTxAlloc(ModbusState *modbus) {
     ModbusTransaction *tx;
 
+    /* Check flood limit */
+    if ((request_flood != 0) && (modbus->unreplied_cnt >= request_flood)) {
+        ModbusSetEvent(modbus, MODBUS_DECODER_EVENT_FLOODED);
+        modbus->givenup = 1;
+        return NULL;
+    }
+
     tx = (ModbusTransaction *) SCCalloc(1, sizeof(ModbusTransaction));
     if (unlikely(tx == NULL))
         return NULL;
@@ -349,12 +356,6 @@ static ModbusTransaction *ModbusTxAlloc(ModbusState *modbus) {
     modbus->transaction_max++;
     modbus->unreplied_cnt++;
 
-    /* Check flood limit */
-    if ((request_flood != 0) && (modbus->unreplied_cnt > request_flood)) {
-        ModbusSetEvent(modbus, MODBUS_DECODER_EVENT_FLOODED);
-        modbus->givenup = 1;
-    }
-
     modbus->curr = tx;
 
     SCLogDebug("modbus->transaction_max updated to %"PRIu64, modbus->transaction_max);