From: Victor Julien <victor@inliniac.net>
Date: Mon, 30 Nov 2015 14:46:15 +0000 (+0100)
Subject: smtp: improve handling of bad traffic
X-Git-Tag: suricata-3.0RC2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=260841827f5a7404365be17fdf7e064a05dc2c83;p=thirdparty%2Fsuricata.git

smtp: improve handling of bad traffic

No longer fail tracking the SMTP stream when a unexpected reply is
encountered.

Do not store the unexpected reply.
---

diff --git a/src/app-layer-smtp.c b/src/app-layer-smtp.c
index cd0a732e1e..61ac4ec645 100644
--- a/src/app-layer-smtp.c
+++ b/src/app-layer-smtp.c
@@ -887,12 +887,14 @@ static int SMTPProcessReply(SMTPState *state, Flow *f,
                 state->parser_state |= SMTP_PARSER_STATE_FIRST_REPLY_SEEN;
             if (reply_code == SMTP_REPLY_220)
                 SCReturnInt(0);
-            else
+            else {
                 SMTPSetEvent(state, SMTP_DECODER_EVENT_INVALID_REPLY);
+                SCReturnInt(0);
+            }
         } else {
             /* decoder event - unable to match reply with request */
             SCLogDebug("unable to match reply with request");
-            SCReturnInt(-1);
+            SCReturnInt(0);
         }
     }