smb2: skip rest of READ response if status is not success

author Victor Julien <victor@inliniac.net>

Mon, 13 Aug 2018 14:53:43 +0000 (16:53 +0200)

committer Victor Julien <victor@inliniac.net>

Sat, 6 Oct 2018 13:10:20 +0000 (15:10 +0200)
author Victor Julien <victor@inliniac.net>
Mon, 13 Aug 2018 14:53:43 +0000 (16:53 +0200)
committer Victor Julien <victor@inliniac.net>
Sat, 6 Oct 2018 13:10:20 +0000 (15:10 +0200)
diff --git a/rust/src/smb/smb2.rs b/rust/src/smb/smb2.rs

index fd843c88cfd4ed6adea39a82564b8c88a406826f..67d0d970daf28d8e63724d9a71ae0ca209c323a5 100644 (file)
--- a/rust/src/smb/smb2.rs
+++ b/rust/src/smb/smb2.rs
@@ -116,12 +116,14 @@ pub fn smb2_read_response_record<'b>(state: &mut SMBState, r: &Smb2Record<'b>)
  {
      smb2_read_response_record_generic(state, r);
  
-    if r.nt_status != SMB_NTSTATUS_SUCCESS {
-        return;
-    }
-
      match parse_smb2_response_read(r.data) {
          IResult::Done(_, rd) => {
+            if r.nt_status != SMB_NTSTATUS_SUCCESS {
+                SCLogDebug!("SMBv2: read response error code received: skip record");
+                state.set_skip(STREAM_TOCLIENT, rd.len, rd.data.len() as u32);
+                return;
+            }
+
              SCLogDebug!("SMBv2: read response => {:?}", rd);
  
              // get the request info. If we don't have it, there is nothing
author	Victor Julien <victor@inliniac.net>
	Mon, 13 Aug 2018 14:53:43 +0000 (16:53 +0200)
committer	Victor Julien <victor@inliniac.net>
	Sat, 6 Oct 2018 13:10:20 +0000 (15:10 +0200)