detect/port: handle range and upper boundary ports

So far, if a port was found to be single which was earlier a part of the
range, port + 1 was added to the list to honor the range that it was a
part of. But, this is incorrect in case the port is 65535 or if the port
was found to be of range when it was earlier a single port.

Bug 6896

diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c
index 715c537b373fa37f681780c6e783a4d824f5d1f3..3f3f96a32c7c9f401a9282394b48f2833862d20d 100644 (file)
--- a/src/detect-engine-build.c
+++ b/src/detect-engine-build.c
@@ -1343,11 +1343,12 @@ static inline uint32_t SetUniquePortPoints(
             unique_list[p->port] = RANGE_PORT;
         }
         size_list++;
-    } else if ((unique_list[p->port] == SINGLE_PORT) && (p->port != p->port2)) {
-        if (unique_list[p->port + 1] == UNDEFINED_PORT) {
+    } else if (((unique_list[p->port] == SINGLE_PORT) && (p->port != p->port2)) ||
+               ((unique_list[p->port] == RANGE_PORT) && (p->port == p->port2))) {
+        if ((p->port != UINT16_MAX) && (unique_list[p->port + 1] == UNDEFINED_PORT)) {
+            unique_list[p->port + 1] = RANGE_PORT;
             size_list++;
         }
-        unique_list[p->port + 1] = RANGE_PORT;
     }
 
     /* Treat right boundary as single point to avoid creating unneeded