app-layer: do not try to parse gaps during protocol change

As this will leak the flow alstate because AppLayerParserParse
relies on FlowChangeProto to know if it should allocate a new
alstate

diff --git a/src/app-layer.c b/src/app-layer.c
index c5940e098ff42dc9e2d2450e649bb95afd691867..4c4a65cc22cad128734d13cb002f62d29062de76 100644 (file)
--- a/src/app-layer.c
+++ b/src/app-layer.c
@@ -618,6 +618,11 @@ int AppLayerHandleTCPData(ThreadVars *tv, TcpReassemblyThreadCtx *ra_ctx,
                 goto failure;
             }
         }
+        if (FlowChangeProto(f)) {
+            FlowUnsetChangeProtoFlag(f);
+            SCLogDebug("Cannot handle gap while changing protocol");
+            goto failure;
+        }
         PACKET_PROFILING_APP_START(app_tctx, f->alproto);
         r = AppLayerParserParse(tv, app_tctx->alp_tctx, f, f->alproto,
                 flags, data, data_len);