From: Victor Julien <victor@inliniac.net>
Date: Thu, 17 Dec 2020 09:54:05 +0000 (+0100)
Subject: stream/tcp: fix async mode ACK validation
X-Git-Tag: suricata-5.0.6~39
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fafcb282d86593f49c54b4665f7d5ddff5b65849;p=thirdparty%2Fsuricata.git

stream/tcp: fix async mode ACK validation

(cherry picked from commit 8aa02c6d15f013f9ce934e440ee073701d3ea502)
---

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index a99ce68b65..8683af70fc 100644
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -2014,8 +2014,7 @@ static int StreamTcpPacketStateSynRecv(ThreadVars *tv, Packet *p,
 
             if (ssn->flags & STREAMTCP_FLAG_MIDSTREAM) {
                 ssn->server.window = TCP_GET_WINDOW(p);
-                ssn->client.next_win = ssn->server.last_ack +
-                    ssn->server.window;
+                ssn->server.next_win = ssn->server.last_ack + ssn->server.window;
                 /* window scaling for midstream pickups, we can't do much
                  * other than assume that it's set to the max value: 14 */
                 ssn->server.wscale = TCP_WSCALE_MAX;
@@ -5828,6 +5827,11 @@ static inline int StreamTcpValidateAck(TcpSession *ssn, TcpStream *stream, Packe
         SCReturnInt(0);
     }
 
+    /* no further checks possible for ASYNC */
+    if ((ssn->flags & STREAMTCP_FLAG_ASYNC) != 0) {
+        SCReturnInt(0);
+    }
+
     if (ssn->state > TCP_SYN_SENT && SEQ_GT(ack, stream->next_win)) {
         SCLogDebug("ACK %"PRIu32" is after next_win %"PRIu32, ack, stream->next_win);
         goto invalid;