From: Juliana Fajardini <jufajardini@gmail.com>
Date: Mon, 9 May 2022 14:24:18 +0000 (-0300)
Subject: detect/alert: directly increment alerts.discarded
X-Git-Tag: suricata-7.0.0-beta1~586
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=28ac75b50594f464949c036bbb34ceff759bdc9c;p=thirdparty%2Fsuricata.git

detect/alert: directly increment alerts.discarded

In the unlikely case of AlertQueueExpand failure, we were incrementing
the discarded alerts stats in AlertQueueAppend via the Packet member in the
DetectEngineThreadCtx, which may not be initialized yet.

Bug #5353
---

diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 98fe24c2dc..359c224de9 100644
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -268,7 +268,7 @@ void AlertQueueAppend(DetectEngineThreadCtx *det_ctx, const Signature *s, Packet
         /* we must grow the alert queue */
         if (pos == AlertQueueExpand(det_ctx)) {
             /* this means we failed to expand the queue */
-            det_ctx->p->alerts.discarded++;
+            p->alerts.discarded++;
             return;
         }
     }