detect/engine: fix whitelisting check

In the commit 4a00ae607, the whitelisting check was updated in a quest
to make use of the conditional better but it made things worse as every
range would be whitelisted as long as it had any of the default
whitelisted port which is very common.

(cherry picked from commit fb9680bb7b17f6744c9f6f26abf4c902c83de8f3)

diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c
index 8b76212719831638199dba2575c60a9fbc9f4e0e..710d45c987279cfd7a241031bd84dbac8eae32ee 100644 (file)
--- a/src/detect-engine-build.c
+++ b/src/detect-engine-build.c
@@ -1101,8 +1101,9 @@ static int PortIsWhitelisted(const DetectEngineCtx *de_ctx,
         w = de_ctx->udp_whitelist;
 
     while (w) {
-        if (a->port >= w->port && a->port2 <= w->port) {
-            SCLogDebug("port group %u:%u whitelisted -> %d", a->port, a->port2, w->port);
+        /* Make sure the whitelist port falls in the port range of a */
+        DEBUG_VALIDATE_BUG_ON(a->port > a->port2);
+        if (a->port == w->port && w->port2 == a->port2) {
             return 1;
         }
         w = w->next;