From: Juliana Fajardini <jufajardini@gmail.com>
Date: Mon, 9 May 2022 14:24:18 +0000 (-0300)
Subject: detect/alert: directly increment alerts.discarded
X-Git-Tag: suricata-6.0.6~57
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b3070b8ba915e43b5b0e535ad71ebbf29877036f;p=thirdparty%2Fsuricata.git

detect/alert: directly increment alerts.discarded

In the unlikely case of AlertQueueExpand failure, we were incrementing
the discarded alerts stats in AlertQueueAppend via the Packet member in the
DetectEngineThreadCtx, which may not be initialized yet.

Bug #5353

(cherry picked from commit 28ac75b50594f464949c036bbb34ceff759bdc9c)
---

diff --git a/src/detect-engine-alert.c b/src/detect-engine-alert.c
index 9cc7006f31..5cc98b0ec1 100644
--- a/src/detect-engine-alert.c
+++ b/src/detect-engine-alert.c
@@ -266,7 +266,7 @@ void AlertQueueAppend(DetectEngineThreadCtx *det_ctx, const Signature *s, Packet
         /* we must grow the alert queue */
         if (pos == AlertQueueExpand(det_ctx)) {
             /* this means we failed to expand the queue */
-            det_ctx->p->alerts.discarded++;
+            p->alerts.discarded++;
             return;
         }
     }