From: Antoine LUONG <antoine.luong@c-s.fr>
Date: Tue, 20 Feb 2018 15:36:13 +0000 (+0100)
Subject: prelude: fix duplicated analyzer in Prelude alert
X-Git-Tag: suricata-4.1.0-beta1~11
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=caa2903f1fd543a89ee4edb3b6e90a2f22c9bbbf;p=thirdparty%2Fsuricata.git

prelude: fix duplicated analyzer in Prelude alert
---

diff --git a/src/alert-prelude.c b/src/alert-prelude.c
index 00d4e379af..dd56a90674 100644
--- a/src/alert-prelude.c
+++ b/src/alert-prelude.c
@@ -1005,6 +1005,7 @@ static int PreludePrintStreamSegmentCallback(const Packet *p, void *data, const
  */
 static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void **data)
 {
+    int ret;
     AlertPreludeThread *aun;
 
     SCEnter();
@@ -1024,7 +1025,8 @@ static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void
     aun->ctx = ((OutputCtx *)initdata)->data;
 
     /* Create a per-thread idmef analyzer */
-    if (unlikely(idmef_analyzer_new(&aun->analyzer) < 0)) {
+    ret = idmef_analyzer_clone(prelude_client_get_analyzer(aun->ctx->client), &aun->analyzer);
+    if (unlikely(ret < 0)) {
         SCLogError(SC_ERR_INITIALIZATION,
                    "Error creating idmef analyzer for Prelude.");
 
@@ -1032,16 +1034,6 @@ static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void
         SCReturnInt(TM_ECODE_FAILED);
     }
 
-    /* Setup the per-thread idmef analyzer */
-    if (unlikely(SetupAnalyzer(aun->analyzer) < 0)) {
-        SCLogError(SC_ERR_INITIALIZATION,
-                   "Error configuring idmef analyzer for Prelude.");
-
-        idmef_analyzer_destroy(aun->analyzer);
-        SCFree(aun);
-        SCReturnInt(TM_ECODE_FAILED);
-    }
-
     *data = (void *)aun;
     SCReturnInt(TM_ECODE_OK);
 }