Pull request #3173: loggers: Fixing truncated alert_syslog messages

Merge in SNORT/snort3 from ~ALLEWI/snort3:truncated_alert_syslog to master

Squashed commit of the following:

commit 92bbe04935c7fafa61d77c7f109d1e0dc0ff16f9
Author: allewi@cisco.com <allewi@cisco.com>
Date:   Tue Nov 16 10:55:58 2021 -0500

    loggers: Fixing truncated alert_syslog messages

diff --git a/src/loggers/alert_syslog.cc b/src/loggers/alert_syslog.cc
index 3dcfbb3013f49e746127a17ae3748c4882cdcd4c..1ca8426220a181694fe01ef9d9ddb46ffd7da77c 100644 (file)
--- a/src/loggers/alert_syslog.cc
+++ b/src/loggers/alert_syslog.cc
@@ -228,10 +228,8 @@ static void AlertSyslog(
             SnortSnprintfAppend(event_string, sizeof(event_string),
                 "<%s> ", SFDAQ::get_input_spec());
         }
-    }
-    if ((p != nullptr) && p->ptrs.ip_api.is_ip())
-    {
-        IpProtocol ip_proto = p->get_ip_proto_next();
+
+       IpProtocol ip_proto = p->get_ip_proto_next();
         if (protocol_names[to_utype(ip_proto)] != nullptr)
         {
             SnortSnprintfAppend(event_string, sizeof(event_string),
@@ -293,7 +291,7 @@ static void AlertSyslog(
 
         syslog(priority, "%s", event_string);
     }
-    else
+    else if (msg != nullptr)
     {
         syslog(priority, "%s", msg == nullptr ? "ALERT" : msg);
     }