Pull request #3983: stream_tcp: ensure all data segments after a zero window are...

Merge in SNORT/snort3 from ~JALIIMRA/snort3:sfcn_zw_block to master

Squashed commit of the following:

commit f9831f17611dfbed4c4ff20717272e7ab26c66f9
Author: Juweria Ali Imran <jaliimra@cisco.com>
Date:   Mon Sep 4 14:30:19 2023 -0400

    stream_tcp: ensure all data segments after a zero window are blocked when NAP is inline

diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc
index 75e4a3f1e220e79c90f1b8b335cc778bc807bc4a..43b4f238c5f56a44eda9de3a1ee838d9b7d59d7c 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -475,7 +475,8 @@ int TcpSession::process_tcp_data(TcpSegmentDescriptor& tsd)
             }
             else
             {
-                listener->normalizer.trim_win_payload(tsd);
+                bool force = (tsd.is_nap_policy_inline() && listener->get_iss());
+                listener->normalizer.trim_win_payload(tsd, 0, force);
                 return STREAM_UNALIGNED;
             }
         }
@@ -506,7 +507,8 @@ int TcpSession::process_tcp_data(TcpSegmentDescriptor& tsd)
             if (tsd.get_len() == ZERO_WIN_PROBE_LEN)
                 tcpStats.zero_win_probes++;
 
-            listener->normalizer.trim_win_payload(tsd);
+            bool force = (tsd.is_nap_policy_inline() && listener->get_iss());
+            listener->normalizer.trim_win_payload(tsd, 0, force);
             return STREAM_UNALIGNED;
         }
         if ( tsd.is_data_segment() )