alert: fixes leak in ThresholdHandlePacketRule 6701/head
authorPhilippe Antoine <contact@catenacyber.fr>
Tue, 5 Oct 2021 19:14:18 +0000 (21:14 +0200)
committerShivani Bhardwaj <shivanib134@gmail.com>
Fri, 10 Dec 2021 18:34:06 +0000 (00:04 +0530)
ThresholdHandlePacketRule may take ownership of an allocated
DetectThresholdEntry, and places it in a position of the
array th_entry. But it never got released

(cherry picked from commit 6fadb97d5ded5805745bca02bfb962de975ec122)

src/detect-engine-threshold.c

index 355e1dc35dcb37045ae9b59ec0f7406865ba5f23..1fabcef960d6d561636352b5263e1d27bbb634e7 100644 (file)
@@ -727,8 +727,14 @@ void ThresholdHashAllocate(DetectEngineCtx *de_ctx)
  */
 void ThresholdContextDestroy(DetectEngineCtx *de_ctx)
 {
-    if (de_ctx->ths_ctx.th_entry != NULL)
+    if (de_ctx->ths_ctx.th_entry != NULL) {
+        for (uint32_t i = 0; i < de_ctx->ths_ctx.th_size; i++) {
+            if (de_ctx->ths_ctx.th_entry[i] != NULL) {
+                SCFree(de_ctx->ths_ctx.th_entry[i]);
+            }
+        }
         SCFree(de_ctx->ths_ctx.th_entry);
+    }
     SCMutexDestroy(&de_ctx->ths_ctx.threshold_table_lock);
 }
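Review bot: After the new loop and the `SCFree(de_ctx->ths_ctx.th_entry);` call, ThresholdContextDestroy leaves `th_entry` and `th_size` at their old values, so a second call on the same `de_ctx`, or any later reader of the table, would walk and free memory that has already been released. Resetting both right after the free, with `de_ctx->ths_ctx.th_entry = NULL;` and `de_ctx->ths_ctx.th_size = 0;`, makes the teardown idempotent and turns a potential double free into a no-op. The loop also trusts `th_size` to equal the number of slots actually allocated for `th_entry`. The allocation side is outside this hunk, so it is worth confirming that `th_size` is only updated after a successful (re)allocation. The inner `!= NULL` test can be dropped if SCFree accepts NULL the way free() does.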