engine/analyzer: check if file pointer exists before writing

de_ctx->ea->fp_engine_analysis_fp is only initialized if
engine-analysis.rules-fast-pattern is enabled in the configuration. If
this config param is missing, this leads to segfault.

Bug 7822

diff --git a/src/detect-engine-analyzer.c b/src/detect-engine-analyzer.c
index 98eb1b95589858090d4a39d1e1f48f7a80423294..c6c3b2759617426e6c27a1aca45ad7fe33a6aa6b 100644 (file)
--- a/src/detect-engine-analyzer.c
+++ b/src/detect-engine-analyzer.c
@@ -622,12 +622,14 @@ static void EngineAnalysisRulesPrintFP(const DetectEngineCtx *de_ctx, const Sign
 void EngineAnalysisRulesFailure(
         const DetectEngineCtx *de_ctx, const char *line, const char *file, int lineno)
 {
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "== Sid: UNKNOWN ==\n");
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "%s\n", line);
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "    FAILURE: invalid rule.\n");
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "    File: %s.\n", file);
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "    Line: %d.\n", lineno);
-    fprintf(de_ctx->ea->fp_engine_analysis_fp, "\n");
+    if (de_ctx->ea->fp_engine_analysis_fp) {
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "== Sid: UNKNOWN ==\n");
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "%s\n", line);
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "    FAILURE: invalid rule.\n");
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "    File: %s.\n", file);
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "    Line: %d.\n", lineno);
+        fprintf(de_ctx->ea->fp_engine_analysis_fp, "\n");
+    }
 }
 
 typedef struct RuleAnalyzer {