From 823f6b35d05b7ecc0218d2de788ba8970096891c Mon Sep 17 00:00:00 2001
From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Mon, 23 Sep 2019 19:43:14 -0400
Subject: [PATCH] filestore: Validate stream-depth when non-zero

Make sure that configured non-zero values for stream-depth are
greater than stream_config.depth
---
 src/output-filestore.c | 15 ++++++++++++---
 src/util-error.c       |  1 +
 src/util-error.h       |  1 +
 3 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/output-filestore.c b/src/output-filestore.c
index bf2abf1d15..832ecfd12b 100644
--- a/src/output-filestore.c
+++ b/src/output-filestore.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2018 Open Information Security Foundation
+/* Copyright (C) 2018-2020 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -17,6 +17,7 @@
 
 #include "suricata-common.h"
 
+#include "stream-tcp.h"
 #include "app-layer-parser.h"
 #include "app-layer-htp.h"
 #include "app-layer-htp-xff.h"
@@ -493,8 +494,16 @@ static OutputInitResult OutputFilestoreLogInitCtx(ConfNode *conf)
                        "from conf file - %s.  Killing engine",
                        stream_depth_str);
             exit(EXIT_FAILURE);
-        } else {
-            FileReassemblyDepthEnable(stream_depth);
+        }
+        if (stream_depth) {
+            if (stream_depth <= stream_config.reassembly_depth) {
+                SCLogWarning(SC_WARN_FILESTORE_CONFIG,
+                           "file-store.stream-depth value %" PRIu32 " has "
+                           "no effect since it's less than stream.reassembly.depth "
+                           "value.", stream_depth);
+            } else {
+                FileReassemblyDepthEnable(stream_depth);
+            }
         }
     }
 
diff --git a/src/util-error.c b/src/util-error.c
index 66339a5625..bc56addd8d 100644
--- a/src/util-error.c
+++ b/src/util-error.c
@@ -371,6 +371,7 @@ const char * SCErrorToString(SCError err)
         CASE_CODE (SC_ERR_ERF_BAD_RLEN);
         CASE_CODE (SC_WARN_ERSPAN_CONFIG);
         CASE_CODE (SC_WARN_HASSH_DISABLED);
+        CASE_CODE (SC_WARN_FILESTORE_CONFIG);
 
         CASE_CODE (SC_ERR_MAX);
     }
diff --git a/src/util-error.h b/src/util-error.h
index 8bc18b83f7..6df9c20faf 100644
--- a/src/util-error.h
+++ b/src/util-error.h
@@ -361,6 +361,7 @@ typedef enum {
     SC_ERR_ERF_BAD_RLEN,
     SC_WARN_ERSPAN_CONFIG,
     SC_WARN_HASSH_DISABLED,
+    SC_WARN_FILESTORE_CONFIG,
 
     SC_ERR_MAX
 } SCError;
-- 
2.47.2