From: Davis McPherson (davmcphe) Date: Sat, 18 Jul 2020 12:07:01 +0000 (+0000) Subject: Merge pull request #2337 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-bugfix to... X-Git-Tag: 3.0.2-3~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2c5be924ea0c1761a167c346d003656ee0556131;p=thirdparty%2Fsnort3.git Merge pull request #2337 in SNORT/snort3 from ~DAVMCPHE/snort3:meta-ack-bugfix to master Squashed commit of the following: commit facdc89e9bc8937a7cd33d4063dc0a9a50fbdf58 Author: davis mcpherson Date: Wed Jul 15 16:20:24 2020 -0400 stream_tcp: when clearing a session during meta-ack processing pass a nullptr as the Packet* parameter --- diff --git a/src/stream/tcp/tcp_state_closed.cc b/src/stream/tcp/tcp_state_closed.cc index 582d593f6..575e69e82 100644 --- a/src/stream/tcp/tcp_state_closed.cc +++ b/src/stream/tcp/tcp_state_closed.cc @@ -143,7 +143,7 @@ bool TcpStateClosed::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpStr { // The last ACK is a part of the session. Delete the session after processing is // complete. - trk.session->clear_session(false, true, false, tsd.get_pkt() ); + trk.session->clear_session(false, true, false, tsd.is_meta_ack_packet() ? nullptr : tsd.get_pkt() ); flow->session_state |= STREAM_STATE_CLOSED; trk.session->set_pkt_action_flag(ACTION_LWSSN_CLOSED); } diff --git a/src/stream/tcp/tcp_state_closing.cc b/src/stream/tcp/tcp_state_closing.cc index 132585fce..22c5b3ee7 100644 --- a/src/stream/tcp/tcp_state_closing.cc +++ b/src/stream/tcp/tcp_state_closing.cc @@ -136,7 +136,7 @@ bool TcpStateClosing::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpSt ( trk.session->get_listener_state(tsd) == TcpStreamTracker::TCP_TIME_WAIT ) ) { Flow* flow = tsd.get_flow(); - trk.session->clear_session(false, true, false, tsd.get_pkt() ); + trk.session->clear_session(false, true, false, tsd.is_meta_ack_packet() ? nullptr : tsd.get_pkt() ); flow->session_state |= STREAM_STATE_CLOSED; trk.session->set_pkt_action_flag(ACTION_LWSSN_CLOSED); } diff --git a/src/stream/tcp/tcp_state_last_ack.cc b/src/stream/tcp/tcp_state_last_ack.cc index 2f1f54dcb..c779edcec 100644 --- a/src/stream/tcp/tcp_state_last_ack.cc +++ b/src/stream/tcp/tcp_state_last_ack.cc @@ -134,9 +134,8 @@ bool TcpStateLastAck::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpSt if ( ( talker_state == TcpStreamTracker::TCP_TIME_WAIT ) || ( talker_state == TcpStreamTracker::TCP_CLOSED ) ) { - // The last ACK is a part of the session. Delete the session after processing is - // complete. - trk.session->clear_session(false, true, false, tsd.get_pkt() ); + // The last ACK is a part of the session. Delete session after processing the ack + trk.session->clear_session(false, true, false, tsd.is_meta_ack_packet() ? nullptr : tsd.get_pkt() ); flow->session_state |= STREAM_STATE_CLOSED; trk.session->set_pkt_action_flag(ACTION_LWSSN_CLOSED); } diff --git a/src/stream/tcp/tcp_state_time_wait.cc b/src/stream/tcp/tcp_state_time_wait.cc index 679d1153d..2787bae09 100644 --- a/src/stream/tcp/tcp_state_time_wait.cc +++ b/src/stream/tcp/tcp_state_time_wait.cc @@ -120,7 +120,7 @@ bool TcpStateTimeWait::do_post_sm_packet_actions(TcpSegmentDescriptor& tsd, TcpS { // The last ACK is a part of the session. Delete the session after processing is // complete. - trk.session->clear_session(false, true, false, tsd.get_pkt() ); + trk.session->clear_session(false, true, false, tsd.is_meta_ack_packet() ? nullptr : tsd.get_pkt() ); flow->session_state |= STREAM_STATE_CLOSED; trk.session->set_pkt_action_flag(ACTION_LWSSN_CLOSED); }