From 4c4b1de1681c33d79647112d23fce15b157b6b79 Mon Sep 17 00:00:00 2001
From: Lukas Sismis <lukas.sismis@gmail.com>
Date: Fri, 20 May 2022 21:33:38 +0200
Subject: [PATCH] bypass: fix memory leak - reassign of FlowBypassInfo

In some situations bypass callback is called on already bypassed
flow. This allocates FlowBypassInfo structure for the flow but
does not check if the flow already has one.

Issue: #5368
(cherry picked from commit 05797c45bb5bb8b23a7af3dea2aa794c6f33e02d)
---
 src/decode.c | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/src/decode.c b/src/decode.c
index 749609bf2c..fa1e3735b1 100644
--- a/src/decode.c
+++ b/src/decode.c
@@ -446,11 +446,17 @@ void PacketBypassCallback(Packet *p)
                 (state == FLOW_STATE_CAPTURE_BYPASSED)) {
             return;
         }
-        FlowBypassInfo *fc = SCCalloc(sizeof(FlowBypassInfo), 1);
-        if (fc) {
-            FlowSetStorageById(p->flow, GetFlowBypassInfoID(), fc);
-        } else {
-            return;
+
+        FlowBypassInfo *fc;
+
+        fc = FlowGetStorageById(p->flow, GetFlowBypassInfoID());
+        if (fc == NULL) {
+            fc = SCCalloc(sizeof(FlowBypassInfo), 1);
+            if (fc) {
+                FlowSetStorageById(p->flow, GetFlowBypassInfoID(), fc);
+            } else {
+                return;
+            }
         }
     }
     if (p->BypassPacketsFlow && p->BypassPacketsFlow(p)) {
-- 
2.47.2