Pull request #3656: stream: avoid double deletion of StreamSplitter in tcp_session

Merge in SNORT/snort3 from ~VHORBATO/snort3:stream_bug to master

Squashed commit of the following:

commit 9d52b64858fff1873db2710897e0a8e5032956d1
Author: Vitalii <vhorbato@cisco.com>
Date:   Fri Nov 11 11:02:09 2022 +0200

    wizard: remove inspector's ref counter increments from MagicSplitter

commit c3ca8620aefd3a2800102d37241c88309f192924
Author: Vitalii <vhorbato@cisco.com>
Date:   Fri Nov 11 11:01:07 2022 +0200

    stream: remove splitter from session before inspectors

commit 44301b945ec9c77e11121e022b6cab941f7cbbd5
Author: Vitalii <vhorbato@cisco.com>
Date:   Fri Nov 4 11:59:06 2022 +0200

    stream: set splitter only on initialized tcp sessions or if midstream sessions are allowed

diff --git a/src/service_inspectors/wizard/wizard.cc b/src/service_inspectors/wizard/wizard.cc
index 4407d2afe0d3779264b973bcd4552a33d6756999..81d32945da37aca8ff67653e214467c434be4beb 100644 (file)
--- a/src/service_inspectors/wizard/wizard.cc
+++ b/src/service_inspectors/wizard/wizard.cc
@@ -169,15 +169,12 @@ MagicSplitter::MagicSplitter(bool c2s, class Wizard* w) :
     StreamSplitter(c2s), wizard_processed_bytes(0)
 {
     wizard = w;
-    w->add_ref();
     // Used only in case of TCP traffic
     w->reset(wand, c2s, MagicBook::ArcaneType::TCP);
 }
 
 MagicSplitter::~MagicSplitter()
 {
-    wizard->rem_ref();
-
     // release trackers
     for ( unsigned i = 0; i < wand.curse_tracker.size(); i++ )
         delete wand.curse_tracker[i].tracker;

diff --git a/src/stream/tcp/tcp_session.cc b/src/stream/tcp/tcp_session.cc
index e52073768f99b654190f3eaf57d0822dacd7c3c2..7e42d7effeb6d98239c081bee94cfc4eac5827db 100644 (file)
--- a/src/stream/tcp/tcp_session.cc
+++ b/src/stream/tcp/tcp_session.cc
@@ -191,6 +191,9 @@ void TcpSession::clear_session(bool free_flow_data, bool flush_segments, bool re
 
     update_perf_base_state(TcpStreamTracker::TCP_CLOSED);
 
+    set_splitter(true, nullptr);
+    set_splitter(false, nullptr);
+
     if ( restart )
     {
         flow->restart(free_flow_data);
@@ -204,9 +207,6 @@ void TcpSession::clear_session(bool free_flow_data, bool flush_segments, bool re
         server.reassembler.clear_paf();
     }
 
-    set_splitter(true, nullptr);
-    set_splitter(false, nullptr);
-
     tel.log_internal_event(SESSION_EVENT_CLEAR);
 }
 
@@ -1041,7 +1041,8 @@ void TcpSession::precheck(Packet* p)
 
 void TcpSession::init_tcp_packet_analysis(TcpSegmentDescriptor& tsd)
 {
-    if ( !splitter_init and tsd.is_data_segment() )
+    if ( !splitter_init and tsd.is_data_segment() and
+        (tcp_init or is_midstream_allowed(tsd)) )
     {
         if ( !(tcp_config->flags & STREAM_CONFIG_NO_REASSEMBLY) )
         {