ftp: fix reply without request

Permit picking up any reply w/o a request. Observed unsolicited server
messages before connection termination.

Previously the code assumed that this could only happen on connection
start when there was no previously recorded command.

diff --git a/src/app-layer-ftp.c b/src/app-layer-ftp.c
index 26c0f99300a5080f6c98b232010dd623af42bc78..b8c62b866b6d319f6646b77443e3b53879fde791 100644 (file)
--- a/src/app-layer-ftp.c
+++ b/src/app-layer-ftp.c
@@ -752,24 +752,21 @@ static int FTPParseResponse(Flow *f, void *ftp_state, AppLayerParserState *pstat
 {
     FtpState *state = (FtpState *)ftp_state;
     int retcode = 1;
-    FTPTransaction *tx;
 
-    if (state->command == FTP_COMMAND_UNKNOWN) {
-        if (unlikely(input_len == 0)) {
-            return 1;
-        }
+    if (unlikely(input_len == 0)) {
+        return 1;
+    }
 
-        tx = FTPGetOldestTx(state);
-        if (tx == NULL) {
-            tx = FTPTransactionCreate(state);
-        }
-        if (unlikely(tx == NULL)) {
-            return -1;
-        }
+    FTPTransaction *tx = FTPGetOldestTx(state);
+    if (tx == NULL) {
+        tx = FTPTransactionCreate(state);
+    }
+    if (unlikely(tx == NULL)) {
+        return -1;
+    }
+    if (state->command == FTP_COMMAND_UNKNOWN || tx->command_descriptor == NULL) {
         /* unknown */
         tx->command_descriptor = &FtpCommands[FTP_COMMAND_MAX -1];
-    } else {
-        tx = FTPGetOldestTx(state);
     }
 
     state->curr_tx = tx;