detect: fix continue detection with amatch and tx

When using AMATCH, continue detection would fail if the tx part
had already run. This lead to start detection rerunning, causing
multiple alerts for the same issue.

diff --git a/src/detect-engine-state.c b/src/detect-engine-state.c
index 5b0f3d64bbbba2d5d924934d6d7942df4d03169b..2ca789afa7fd19ccd22afa2e4852d5eb6cbae3b0 100644 (file)
--- a/src/detect-engine-state.c
+++ b/src/detect-engine-state.c
@@ -528,14 +528,11 @@ void DeStateDetectContinueDetection(ThreadVars *tv, DetectEngineCtx *de_ctx,
         inspect_tx_id = AppLayerParserGetTransactionInspectId(f->alparser, flags);
         total_txs = AppLayerParserGetTxCnt(f->proto, alproto, alstate);
         inspect_tx = AppLayerParserGetTx(f->proto, alproto, alstate, inspect_tx_id);
-        if (inspect_tx == NULL) {
-            FLOWLOCK_UNLOCK(f);
-            SCMutexUnlock(&f->de_state_m);
-            return;
-        }
-        if (AppLayerParserGetStateProgress(f->proto, alproto, inspect_tx, flags) >=
-            AppLayerParserGetStateProgressCompletionStatus(f->proto, alproto, flags)) {
-            reset_de_state = 1;
+        if (inspect_tx != NULL) {
+            if (AppLayerParserGetStateProgress(f->proto, alproto, inspect_tx, flags) >=
+                    AppLayerParserGetStateProgressCompletionStatus(f->proto, alproto, flags)) {
+                reset_de_state = 1;
+            }
         }
         FLOWLOCK_UNLOCK(f);
         alproto_supports_txs = 1;