spm/hs: don't exit on bad patterns

A bad pattern in a rule that hyperscan would fail to compile would
exit Suricata. This could happen during a rule reload as well.

In case of a untrusted ruleset, this could potentially be used to
shut down the sensor.

Commit 7d0851b0c2 already blocks the only know case, but this patch
is more defensive.

Ticket: #6195.
(cherry picked from commit 00e00254eae205bad5d4cfbf6c9e69f944faaf69)

diff --git a/src/util-spm-hs.c b/src/util-spm-hs.c
index 747a5d423e1409dcaba34118a4a08db459cece67..bdb01e0cecf917adfd61d74af3593420864e42b4 100644 (file)
--- a/src/util-spm-hs.c
+++ b/src/util-spm-hs.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2016 Open Information Security Foundation
+/* Copyright (C) 2016-2023 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -83,7 +83,7 @@ static int HSBuildDatabase(const uint8_t *needle, uint16_t needle_len,
     if (err != HS_SUCCESS) {
         SCLogError(SC_ERR_FATAL, "Unable to compile '%s' with Hyperscan, "
                                  "returned %d.", expr, err);
-        exit(EXIT_FAILURE);
+        return -1;
     }
 
     SCFree(expr);
@@ -96,7 +96,7 @@ static int HSBuildDatabase(const uint8_t *needle, uint16_t needle_len,
          * contexts may need this scratch space. */
         SCLogError(SC_ERR_FATAL,
                    "Unable to alloc scratch for Hyperscan, returned %d.", err);
-        exit(EXIT_FAILURE);
+        return -1;
     }
     global_thread_ctx->ctx = scratch;
     sctx->db = db;