Fix crash in AppLayer Proto Detect

The App Proto Detect code would use the wrong pattern count to
index a results array, leading to SEGVs.

Bug #1080.

diff --git a/src/app-layer-detect-proto.c b/src/app-layer-detect-proto.c
index 9e6079d7683b90bfe1904101138ef72ea50cf8fe..d190abfefa0d5efa77c42618d91a8631f9711001 100644 (file)
--- a/src/app-layer-detect-proto.c
+++ b/src/app-layer-detect-proto.c
@@ -244,7 +244,10 @@ static uint16_t AppLayerProtoDetectPMGetProto(AppLayerProtoDetectThreadCtx *tctx
     uint8_t pm_results_bf[(ALPROTO_MAX / 8) + 1];
     memset(pm_results_bf, 0, sizeof(pm_results_bf));
 
-    for (cnt = 0; cnt < search_cnt; cnt++) {
+    /* loop through unique pattern id's. Can't use search_cnt here,
+     * as that contains all matches, tctx->pmq.pattern_id_array_cnt
+     * contains only *unique* matches. */
+    for (cnt = 0; cnt < tctx->pmq.pattern_id_array_cnt; cnt++) {
         AppLayerProtoDetectPMSignature *s = pm_ctx->map[tctx->pmq.pattern_id_array[cnt]];
         while (s != NULL) {
             uint16_t proto = AppLayerProtoDetectPMMatchSignature(s, buf, searchlen, ipproto);