From: Victor Julien <victor@inliniac.net>
Date: Wed, 21 Oct 2020 18:22:50 +0000 (+0200)
Subject: stream: harden data size handling
X-Git-Tag: suricata-6.0.1~94
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=27c9280735c28a380e5b9c0b30e841fabb934e02;p=thirdparty%2Fsuricata.git

stream: harden data size handling
---

diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c
index 8b195b6d16..80de222e32 100644
--- a/src/stream-tcp-reassemble.c
+++ b/src/stream-tcp-reassemble.c
@@ -1043,11 +1043,10 @@ static inline uint32_t AdjustToAcked(const Packet *p,
     /* get window of data that is acked */
     if (StreamTcpInlineMode() == FALSE) {
         SCLogDebug("ssn->state %s", StreamTcpStateAsString(ssn->state));
-        if ((ssn->state < TCP_CLOSED ||
-                    (ssn->state == TCP_CLOSED &&
-                     (ssn->flags & STREAMTCP_FLAG_CLOSED_BY_RST) != 0)) &&
-                (p->flags & PKT_PSEUDO_STREAM_END))
-        {
+        if (data_len == 0 || ((ssn->state < TCP_CLOSED ||
+                                      (ssn->state == TCP_CLOSED &&
+                                              (ssn->flags & STREAMTCP_FLAG_CLOSED_BY_RST) != 0)) &&
+                                     (p->flags & PKT_PSEUDO_STREAM_END))) {
             // fall through, we use all available data
         } else {
             uint64_t last_ack_abs = STREAM_BASE_OFFSET(stream);