From: Shivani Bhardwaj <shivani@oisf.net>
Date: Fri, 26 Apr 2024 07:29:41 +0000 (+0530)
Subject: tls/random: fix incorrect direction handling
X-Git-Tag: suricata-8.0.0-beta1~1412
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=14e2c579f6a0dd75e9b03b5a319613d3f23d3833;p=thirdparty%2Fsuricata.git

tls/random: fix incorrect direction handling

The connp objects were incorrectly set per direction leading to
incorrect matches on respective directions.

Bug 6989
---

diff --git a/src/detect-tls-random.c b/src/detect-tls-random.c
index b8af73490a..2dd5871aea 100644
--- a/src/detect-tls-random.c
+++ b/src/detect-tls-random.c
@@ -218,9 +218,9 @@ static InspectionBuffer *GetRandomTimeData(DetectEngineThreadCtx *det_ctx,
         const uint32_t data_len = DETECT_TLS_RANDOM_TIME_LEN;
         const uint8_t *data;
         if (flow_flags & STREAM_TOSERVER) {
-            data = ssl_state->server_connp.random;
-        } else {
             data = ssl_state->client_connp.random;
+        } else {
+            data = ssl_state->server_connp.random;
         }
         InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len);
         InspectionBufferApplyTransforms(buffer, transforms);
@@ -245,9 +245,9 @@ static InspectionBuffer *GetRandomBytesData(DetectEngineThreadCtx *det_ctx,
         const uint32_t data_len = DETECT_TLS_RANDOM_BYTES_LEN;
         const uint8_t *data;
         if (flow_flags & STREAM_TOSERVER) {
-            data = ssl_state->server_connp.random + DETECT_TLS_RANDOM_TIME_LEN;
-        } else {
             data = ssl_state->client_connp.random + DETECT_TLS_RANDOM_TIME_LEN;
+        } else {
+            data = ssl_state->server_connp.random + DETECT_TLS_RANDOM_TIME_LEN;
         }
         InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len);
         InspectionBufferApplyTransforms(buffer, transforms);
@@ -272,9 +272,9 @@ static InspectionBuffer *GetRandomData(DetectEngineThreadCtx *det_ctx,
         const uint32_t data_len = TLS_RANDOM_LEN;
         const uint8_t *data;
         if (flow_flags & STREAM_TOSERVER) {
-            data = ssl_state->server_connp.random;
-        } else {
             data = ssl_state->client_connp.random;
+        } else {
+            data = ssl_state->server_connp.random;
         }
         InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len);
         InspectionBufferApplyTransforms(buffer, transforms);