stream: fix TFO overlap detection with ECN/CWR flags

author Victor Julien <vjulien@oisf.net>

Fri, 3 Mar 2023 12:02:48 +0000 (13:02 +0100)

committer Victor Julien <vjulien@oisf.net>

Wed, 29 Mar 2023 05:08:18 +0000 (07:08 +0200)
author Victor Julien <vjulien@oisf.net>
Fri, 3 Mar 2023 12:02:48 +0000 (13:02 +0100)
committer Victor Julien <vjulien@oisf.net>
Wed, 29 Mar 2023 05:08:18 +0000 (07:08 +0200)
diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c

index aab148eaf102aec5aa30f5563cdd0253ef5ca336..6d1244307875ac8eec472273c0eaa6e986ee049d 100644 (file)
--- a/src/stream-tcp-reassemble.c
+++ b/src/stream-tcp-reassemble.c
@@ -676,7 +676,7 @@ int StreamTcpReassembleHandleSegmentHandleData(ThreadVars *tv, TcpReassemblyThre
      seg->seq = TCP_GET_SEQ(p);
  
      /* HACK: for TFO SYN packets the seq for data starts at + 1 */
-    if (TCP_HAS_TFO(p) && p->payload_len && p->tcph->th_flags == TH_SYN)
+    if (TCP_HAS_TFO(p) && p->payload_len && (p->tcph->th_flags & TH_SYN))
          seg->seq += 1;
  
      /* proto detection skipped, but now we do get data. Set event. */
author	Victor Julien <vjulien@oisf.net>
	Fri, 3 Mar 2023 12:02:48 +0000 (13:02 +0100)
committer	Victor Julien <vjulien@oisf.net>
	Wed, 29 Mar 2023 05:08:18 +0000 (07:08 +0200)