bypass: af-packet: fix memory leak - reassign of EBPFBypassData

AF-Packet bypass function in some situations allocates EBPF bypass data
for an already bypassed flow and assigns it to the flow without any checks

Issue: #5368

diff --git a/src/source-af-packet.c b/src/source-af-packet.c
index bda8b2acc0b29395f1963d66ddbed24d18a32b2d..dfa9f8e5422f8f10bb5fd7db7ddae4913553343f 100644 (file)
--- a/src/source-af-packet.c
+++ b/src/source-af-packet.c
@@ -2133,6 +2133,12 @@ static int AFPSetFlowStorage(Packet *p, int map_fd, void *key0, void* key1,
 {
     FlowBypassInfo *fc = FlowGetStorageById(p->flow, GetFlowBypassInfoID());
     if (fc) {
+        if (fc->bypass_data != NULL) {
+            // bypass already activated
+            SCFree(key0);
+            SCFree(key1);
+            return 1;
+        }
         EBPFBypassData *eb = SCCalloc(1, sizeof(EBPFBypassData));
         if (eb == NULL) {
             EBPFDeleteKey(map_fd, key0);