From: Victor Julien <victor@inliniac.net>
Date: Thu, 30 Nov 2017 07:04:48 +0000 (+0100)
Subject: detect/flowint: harden code
X-Git-Tag: suricata-4.0.2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ef9eb18182af9159c8d9a5569adff11c5349d169;p=thirdparty%2Fsuricata.git

detect/flowint: harden code

Make sure packet has a flow.

Related to bug #2288.
---

diff --git a/src/detect-flowint.c b/src/detect-flowint.c
index eda0f17774..2f5f5af92b 100644
--- a/src/detect-flowint.c
+++ b/src/detect-flowint.c
@@ -95,6 +95,9 @@ int DetectFlowintMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
     uint32_t targetval;
     int ret = 0;
 
+    if (p->flow == NULL)
+        return 0;
+
     /** ATM If we are going to compare the current var with another
      * that doesn't exist, the default value will be zero;
      * if you don't want this behaviour, you can use the keyword
diff --git a/src/flow-var.c b/src/flow-var.c
index d4506b9b03..a92358f271 100644
--- a/src/flow-var.c
+++ b/src/flow-var.c
@@ -53,6 +53,9 @@ static void FlowVarUpdateInt(FlowVar *fv, uint32_t value)
  */
 FlowVar *FlowVarGetByKey(Flow *f, const uint8_t *key, uint16_t keylen)
 {
+    if (f == NULL)
+        return NULL;
+
     GenericVar *gv = f->flowvar;
 
     for ( ; gv != NULL; gv = gv->next) {
@@ -74,6 +77,9 @@ FlowVar *FlowVarGetByKey(Flow *f, const uint8_t *key, uint16_t keylen)
  */
 FlowVar *FlowVarGet(Flow *f, uint32_t idx)
 {
+    if (f == NULL)
+        return NULL;
+
     GenericVar *gv = f->flowvar;
 
     for ( ; gv != NULL; gv = gv->next) {