]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
stream: harden tcp reuse check against RST/FIN
authorVictor Julien <vjulien@oisf.net>
Fri, 3 Mar 2023 12:30:55 +0000 (13:30 +0100)
committerVictor Julien <vjulien@oisf.net>
Wed, 29 Mar 2023 05:08:18 +0000 (07:08 +0200)
(cherry picked from commit 64fb4066cfafbaf7157ad9bfca1e541d1a8ff76c)

src/stream-tcp.c

index e1f9a895d48ae0679d9c15a27b6eb88665d45594..b895bcd4727205cbe6088d5e100a69cd7d587e25 100644 (file)
@@ -5292,6 +5292,10 @@ static inline int StreamTcpValidateChecksum(Packet *p)
  *  \retval bool true/false */
 static int TcpSessionPacketIsStreamStarter(const Packet *p)
 {
+    if (p->tcph->th_flags & (TH_RST | TH_FIN)) {
+        return 0;
+    }
+
     if ((p->tcph->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
         SCLogDebug("packet %"PRIu64" is a stream starter: %02x", p->pcap_cnt, p->tcph->th_flags);
         return 1;