From: Eric Leblond <el@stamus-networks.com>
Date: Mon, 20 Jun 2022 19:13:31 +0000 (+0200)
Subject: flow: add function to say if there is gap
X-Git-Tag: suricata-7.0.0-beta1~112
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f9faff5c4cc03904fdfdf001af7b2701aa0deeb7;p=thirdparty%2Fsuricata.git

flow: add function to say if there is gap
---

diff --git a/src/flow.c b/src/flow.c
index 9f4d145084..3bad4bba37 100644
--- a/src/flow.c
+++ b/src/flow.c
@@ -187,6 +187,23 @@ int FlowHasAlerts(const Flow *f)
     return 0;
 }
 
+bool FlowHasGaps(const Flow *f, uint8_t way)
+{
+    if (f->proto == IPPROTO_TCP) {
+        TcpSession *ssn = (TcpSession *)f->protoctx;
+        if (ssn != NULL) {
+            if (way == STREAM_TOCLIENT) {
+                if (ssn->server.flags & STREAMTCP_STREAM_FLAG_HAS_GAP)
+                    return 1;
+            } else {
+                if (ssn->client.flags & STREAMTCP_STREAM_FLAG_HAS_GAP)
+                    return 1;
+            }
+        }
+    }
+    return 0;
+}
+
 /** \brief Set flag to indicate to change proto for the flow
  *
  * \param f flow
diff --git a/src/flow.h b/src/flow.h
index a4ecf78358..a238ff0b99 100644
--- a/src/flow.h
+++ b/src/flow.h
@@ -568,6 +568,7 @@ void FlowShutdown(void);
 void FlowSetIPOnlyFlag(Flow *, int);
 void FlowSetHasAlertsFlag(Flow *);
 int FlowHasAlerts(const Flow *);
+bool FlowHasGaps(const Flow *, uint8_t way);
 void FlowSetChangeProtoFlag(Flow *);
 void FlowUnsetChangeProtoFlag(Flow *);
 int FlowChangeProto(Flow *);