From 3c9a135c0f2cab5df1942f0e52d206d4f7ed1e1f Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Wed, 26 Feb 2014 07:19:19 +0100
Subject: [PATCH] isdataat: fix coverity issue

During keyword setup there was a path that in theory could lead to
indexing an array with a negative int.

Coverity 400608
---
 src/detect-isdataat.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/detect-isdataat.c b/src/detect-isdataat.c
index a62a5331d9..cb754bcc77 100644
--- a/src/detect-isdataat.c
+++ b/src/detect-isdataat.c
@@ -257,7 +257,7 @@ int DetectIsdataatSetup (DetectEngineCtx *de_ctx, Signature *s, char *isdataatst
 
     idad = DetectIsdataatParse(isdataatstr, &offset);
     if (idad == NULL)
-        goto end;
+        return -1;
 
     int sm_list;
     if (s->list != DETECT_SM_LIST_NOTSET) {
@@ -365,8 +365,11 @@ int DetectIsdataatSetup (DetectEngineCtx *de_ctx, Signature *s, char *isdataatst
                                              DETECT_ISDATAAT, s->sm_lists_tail[DETECT_SM_LIST_HRHHDMATCH]);
         if (prev_pm == NULL)
             sm_list = DETECT_SM_LIST_PMATCH;
-        else
+        else {
             sm_list = SigMatchListSMBelongsTo(s, prev_pm);
+            if (sm_list < 0)
+                goto end;
+        }
     } else {
         sm_list = DETECT_SM_LIST_PMATCH;
     }
@@ -411,6 +414,8 @@ int DetectIsdataatSetup (DetectEngineCtx *de_ctx, Signature *s, char *isdataatst
     ret = 0;
 
 end:
+    if (ret != 0)
+        DetectIsdataatFree(idad);
     return ret;
 }
 
-- 
2.47.2