From 5c83716dcbf1707dfa7f5a76b57606a9af0fc5b9 Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Fri, 24 May 2019 23:37:49 +0200 Subject: [PATCH] decode: prevent segfault on bypass without flow When using a rule like: pass ip any any -> any any (msg:"Bypass"; sid:1; rev:1;) We could get a match even in case of flow exhaustion where the Packet has no Flow attached. --- src/decode.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/decode.c b/src/decode.c index 6094c72924..e3773b530c 100644 --- a/src/decode.c +++ b/src/decode.c @@ -399,6 +399,9 @@ void PacketDefragPktSetupParent(Packet *parent) void PacketBypassCallback(Packet *p) { + if (p->flow == NULL) { + return; + } /* Don't try to bypass if flow is already out or * if we have failed to do it once */ int state = SC_ATOMIC_GET(p->flow->flow_state); -- 2.47.2