From 39570d8d0500a4a5fe8a9e9bc1aef406e8a7d4f4 Mon Sep 17 00:00:00 2001
From: Jason Ish <jason.ish@oisf.net>
Date: Wed, 4 May 2022 13:18:09 -0600
Subject: [PATCH] rules: use primary default-rule-path if set on command line

When reloading rules, respect `--set default-rule-path=...` from the
command line if set.

Previously the rule reload would always take the default-rule-path from
the configuration file, even if overrided on the command line.

Issue: #1911
(cherry picked from commit 3ea6572e22d9ffcb26d9d408a91a3c0a5291c847)
---
 src/detect-engine-loader.c | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/detect-engine-loader.c b/src/detect-engine-loader.c
index 99364a0a24..f83dbc076f 100644
--- a/src/detect-engine-loader.c
+++ b/src/detect-engine-loader.c
@@ -68,11 +68,17 @@ char *DetectLoadCompleteSigPath(const DetectEngineCtx *de_ctx, const char *sig_f
         return NULL;
     }
 
-    if (strlen(de_ctx->config_prefix) > 0) {
+    /* If we have a configuration prefix, only use it if the primary configuration node
+     * is not marked as final, as that means it was provided on the command line with
+     * a --set. */
+    ConfNode *default_rule_path = ConfGetNode("default-rule-path");
+    if ((!default_rule_path || !default_rule_path->final) && strlen(de_ctx->config_prefix) > 0) {
         snprintf(varname, sizeof(varname), "%s.default-rule-path",
                 de_ctx->config_prefix);
-    } else {
-        snprintf(varname, sizeof(varname), "default-rule-path");
+        default_rule_path = ConfGetNode(varname);
+    }
+    if (default_rule_path) {
+        defaultpath = default_rule_path->val;
     }
 
     /* Path not specified */
-- 
2.47.2