From: Michael Altizer (mialtize) <mialtize@cisco.com>
Date: Wed, 13 Feb 2019 18:55:45 +0000 (-0500)
Subject: Merge pull request #1513 in SNORT/snort3 from ~MIALTIZE/snort3:rebinder to master
X-Git-Tag: 3.0.0-251~44
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8edf29de8d87617c56ee07e10f5a75eb9e3b6e4d;p=thirdparty%2Fsnort3.git

Merge pull request #1513 in SNORT/snort3 from ~MIALTIZE/snort3:rebinder to master

Squashed commit of the following:

commit e3e96a2b0650eb5a9c1970d4f7cbfcfe2709bca3
Author: Michael Altizer <mialtize@cisco.com>
Date:   Mon Feb 11 15:55:24 2019 -0500

    binder: Reset flow gadget and protocol ID on failed rebinding
---

diff --git a/src/network_inspectors/binder/binder.cc b/src/network_inspectors/binder/binder.cc
index 0bc36ee54..a7968aeae 100644
--- a/src/network_inspectors/binder/binder.cc
+++ b/src/network_inspectors/binder/binder.cc
@@ -394,7 +394,7 @@ static void set_service(Flow* flow, const HostAttributeEntry* host)
 
 static Inspector* get_gadget(Flow* flow)
 {
-    if ( !flow->ssn_state.snort_protocol_id )
+    if ( flow->ssn_state.snort_protocol_id == UNKNOWN_PROTOCOL_ID )
         return nullptr;
 
     const char* s = SnortConfig::get_conf()->proto_ref->get_name(flow->ssn_state.snort_protocol_id);
@@ -551,7 +551,7 @@ void Stuff::apply_service(Flow* flow, const HostAttributeEntry* host)
     {
         flow->set_gadget(gadget);
 
-        if ( !flow->ssn_state.snort_protocol_id )
+        if ( flow->ssn_state.snort_protocol_id == UNKNOWN_PROTOCOL_ID )
             flow->ssn_state.snort_protocol_id = gadget->get_service();
     }
 
@@ -718,14 +718,22 @@ void Binder::handle_flow_service_change( Flow* flow )
 
     Inspector* ins = find_gadget(flow);
 
-    if ( ins )
+    if ( flow->gadget != ins )
     {
-        if (flow->gadget != nullptr )
+        if ( flow->gadget )
             flow->clear_gadget();
-        flow->set_gadget(ins);
-        flow->ssn_state.snort_protocol_id = ins->get_service();
+        if ( ins )
+        {
+            flow->set_gadget(ins);
+            flow->ssn_state.snort_protocol_id = ins->get_service();
+        }
+        else
+            flow->ssn_state.snort_protocol_id = UNKNOWN_PROTOCOL_ID;
     }
-    else if ( flow->service )
+
+    // If there is no inspector bound to this flow after the service change, see if there's at least
+    // an associated protocol ID.
+    if ( !ins && flow->service )
         flow->ssn_state.snort_protocol_id = SnortConfig::get_conf()->proto_ref->find(flow->service);
 
     if ( !flow->is_stream() )