From: Philippe Antoine <contact@catenacyber.fr>
Date: Fri, 8 Apr 2022 13:15:23 +0000 (+0200)
Subject: detect: config checks alstate before getting tx
X-Git-Tag: suricata-7.0.0-beta1~746
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dccf2e4c30b968477d9cc7e7a86b64b97893831c;p=thirdparty%2Fsuricata.git

detect: config checks alstate before getting tx

Ticket: 4972

As is done in detect-lua-extensions.
We can have a flow with alproto unknown, no state, and therefore
cannot run AppLayerParserGetTx which could try to run a NULL
function
---

diff --git a/src/detect-config.c b/src/detect-config.c
index 0f06b9a66b..dfd39998dd 100644
--- a/src/detect-config.c
+++ b/src/detect-config.c
@@ -89,6 +89,9 @@ void DetectConfigRegister(void)
 static void ConfigApplyTx(Flow *f,
         const uint64_t tx_id, const DetectConfigData *config)
 {
+    if (f->alstate == NULL) {
+        return;
+    }
     void *tx = AppLayerParserGetTx(f->proto, f->alproto, f->alstate, tx_id);
     if (tx) {
         AppLayerTxData *txd = AppLayerParserGetTxData(f->proto, f->alproto, tx);