decode: prevent segfault on bypass without flow

When using a rule like:
pass ip any any -> any any (msg:"Bypass"; sid:1; rev:1;)

We could get a match even in case of flow exhaustion where the
Packet has no Flow attached.

diff --git a/src/decode.c b/src/decode.c
index 6094c7292468316845401db1f74ba65d95c2ff39..e3773b530cf6b7845ec2f9ac1161d36230ff5791 100644 (file)
--- a/src/decode.c
+++ b/src/decode.c
@@ -399,6 +399,9 @@ void PacketDefragPktSetupParent(Packet *parent)
 
 void PacketBypassCallback(Packet *p)
 {
+    if (p->flow == NULL) {
+        return;
+    }
     /* Don't try to bypass if flow is already out or
      * if we have failed to do it once */
     int state = SC_ATOMIC_GET(p->flow->flow_state);