detect/urilen: fix applying urilen as depth

If urilen induced depth was set, later DetectContentPropagateLimits()
would apply a wrong depth setting, leading to a false negative in
some cases.

Bug: #5929.
(cherry picked from commit ba7db2583b0d96627d3088dd3d89b69ad21ff757)

diff --git a/src/detect-urilen.c b/src/detect-urilen.c
index 0a507840ec865be17367637cbc32344b88108c4c..efe0afe26d63a0bc9d13c3fe4f0810e60cd0e40d 100644 (file)
--- a/src/detect-urilen.c
+++ b/src/detect-urilen.c
@@ -336,6 +336,7 @@ void DetectUrilenApplyToContent(Signature *s, int list)
 
         if (cd->depth == 0 || cd->depth > high) {
             cd->depth = (uint16_t)high;
+            cd->flags |= DETECT_CONTENT_DEPTH;
             SCLogDebug("updated %u, content %u to have depth %u "
                     "because of urilen.", s->id, cd->id, cd->depth);
         }