From: Philippe Antoine Date: Mon, 13 Sep 2021 10:18:34 +0000 (+0200) Subject: detect: fixes InspectionBuffer id with transforms X-Git-Tag: suricata-7.0.0-beta1~1239 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c3339c853e3b35d896db68644ee7557fb725da18;p=thirdparty%2Fsuricata.git detect: fixes InspectionBuffer id with transforms When InspectionBufferGet gets called with base_id Later InspectionBufferSetup must also be called with base_id In case there were transforms, we had base_id != list_id Not calling InspectionBufferSetup with the right id resulted in leaving a dangling pointer, because it was not added to det_ctx->inspect.to_clear_queue Bug: #4681. --- diff --git a/src/detect-file-data.c b/src/detect-file-data.c index 4ec99bd968..515bc4e9d9 100644 --- a/src/detect-file-data.c +++ b/src/detect-file-data.c @@ -366,7 +366,7 @@ static InspectionBuffer *HttpServerBodyGetDataCallback(DetectEngineThreadCtx *de StreamingBufferGetDataAtOffset(body->sb, &data, &data_len, offset); - InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); + InspectionBufferSetup(det_ctx, base_id, buffer, data, data_len); buffer->inspect_offset = offset; body->body_inspected = body->content_len_so_far; SCLogDebug("body->body_inspected now: %" PRIu64, body->body_inspected); diff --git a/src/detect-http-client-body.c b/src/detect-http-client-body.c index 617f179a60..8fe1802bf6 100644 --- a/src/detect-http-client-body.c +++ b/src/detect-http-client-body.c @@ -284,7 +284,7 @@ static InspectionBuffer *HttpRequestBodyGetDataCallback(DetectEngineThreadCtx *d StreamingBufferGetDataAtOffset(body->sb, &data, &data_len, offset); - InspectionBufferSetup(det_ctx, list_id, buffer, data, data_len); + InspectionBufferSetup(det_ctx, base_id, buffer, data, data_len); buffer->inspect_offset = offset; body->body_inspected = body->content_len_so_far; SCLogDebug("body->body_inspected now: %" PRIu64, body->body_inspected);