detect/alert: directly increment alerts.discarded

In the unlikely case of AlertQueueExpand failure, we were incrementing
the discarded alerts stats in AlertQueueAppend via the Packet member in the
DetectEngineThreadCtx, which may not be initialized yet.

Bug #5353

(cherry picked from commit 28ac75b50594f464949c036bbb34ceff759bdc9c)

diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 9cc7006f31480b0147aa245736a571882b564108..5cc98b0ec1d281e72dd7784ad1007e6fbf92f920 100644 (file)
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -266,7 +266,7 @@ void AlertQueueAppend(DetectEngineThreadCtx *det_ctx, const Signature *s, Packet
         /* we must grow the alert queue */
         if (pos == AlertQueueExpand(det_ctx)) {
             /* this means we failed to expand the queue */
-            det_ctx->p->alerts.discarded++;
+            p->alerts.discarded++;
             return;
         }
     }