From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 17 Dec 2020 20:48:54 +0000 (+0100)
Subject: modbus: stop allocating transactions when flooded
X-Git-Tag: suricata-5.0.6~6
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=013117bc6319c427b31624c9d9c1e7f3dc45fa3b;p=thirdparty%2Fsuricata.git

modbus: stop allocating transactions when flooded

cf #4224

(cherry picked from commit 89030d3e59e23d4850ac9a7db5763c3d4d4fd537)
---

diff --git a/src/app-layer-modbus.c b/src/app-layer-modbus.c
index e026e333fc..42c5c08ddf 100644
--- a/src/app-layer-modbus.c
+++ b/src/app-layer-modbus.c
@@ -342,6 +342,13 @@ static ModbusTransaction *ModbusTxFindByTransaction(const ModbusState   *modbus,
 static ModbusTransaction *ModbusTxAlloc(ModbusState *modbus) {
     ModbusTransaction *tx;
 
+    /* Check flood limit */
+    if ((request_flood != 0) && (modbus->unreplied_cnt >= request_flood)) {
+        ModbusSetEvent(modbus, MODBUS_DECODER_EVENT_FLOODED);
+        modbus->givenup = 1;
+        return NULL;
+    }
+
     tx = (ModbusTransaction *) SCCalloc(1, sizeof(ModbusTransaction));
     if (unlikely(tx == NULL))
         return NULL;
@@ -349,12 +356,6 @@ static ModbusTransaction *ModbusTxAlloc(ModbusState *modbus) {
     modbus->transaction_max++;
     modbus->unreplied_cnt++;
 
-    /* Check flood limit */
-    if ((request_flood != 0) && (modbus->unreplied_cnt > request_flood)) {
-        ModbusSetEvent(modbus, MODBUS_DECODER_EVENT_FLOODED);
-        modbus->givenup = 1;
-    }
-
     modbus->curr = tx;
 
     SCLogDebug("modbus->transaction_max updated to %"PRIu64, modbus->transaction_max);