dcerpc: do not assume an upper bound on data
authorShivani Bhardwaj <shivani@oisf.net>
Fri, 13 Sep 2024 08:56:05 +0000 (14:26 +0530)
committerVictor Julien <victor@inliniac.net>
Thu, 30 Jan 2025 09:52:05 +0000 (10:52 +0100)
TCP data can be presented to the protocol parser in any way, e.g. one
byte at a time, as a single complete PDU, as a fragmented PDU, or as
multiple PDUs at once. A limit of 1MB can easily be reached in some of
these scenarios. Remove the check that rejects data that is more than 1MB.

rust/src/dcerpc/dcerpc.rs

index c8c377a3724e5acfb6f74bcc8828511413801e41..f12021da261c0c5f47bb8653f19fa162202013d6 100644 (file)
@@ -959,19 +959,11 @@ impl DCERPCState {
 
         let buffer = match direction {
             Direction::ToServer => {
-                if self.buffer_ts.len() + input_len > 1024 * 1024 {
-                    SCLogDebug!("DCERPC TOSERVER stream: Buffer Overflow");
-                    return AppLayerResult::err();
-                }
                 v = self.buffer_ts.split_off(0);
                 v.extend_from_slice(cur_i);
                 v.as_slice()
             }
             Direction::ToClient => {
-                if self.buffer_tc.len() + input_len > 1024 * 1024 {
-                    SCLogDebug!("DCERPC TOCLIENT stream: Buffer Overflow");
-                    return AppLayerResult::err();
-                }
                 v = self.buffer_tc.split_off(0);
                 v.extend_from_slice(cur_i);
                 v.as_slice()
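Review bot: With both 1 MB guards removed, nothing visible in the `Direction::ToServer` and `Direction::ToClient` arms bounds how large `v` becomes when `buffer_ts`/`buffer_tc` is joined with `cur_i`, so the per-stream memory ceiling now depends entirely on how much unparsed data the code outside this hunk puts back into those buffers. If that remainder is always smaller than one fragment, state the invariant at the merge, e.g. `// No size cap here: buffer_ts/buffer_tc only ever hold the unparsed tail of a single PDU`. If it is not, a cap still seems warranted, but on the retained remainder rather than on `buffer.len() + input_len`, which presumably is what made the old check fire on large multi-PDU inputs. The enclosing function starts and ends outside the hunk, so the refill path could not be checked from here.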