From fe4572663507636070a87f91c2d2388d6857defe Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Thu, 25 Oct 2018 08:27:22 +0200
Subject: [PATCH] stream: don't assume malformed TCP packets

This deep in the stream engine packets are valid, so don't check
for the tcph header in a packet as it confuses scan-build.

Do add a DEBUG_VALIDATE_BUG_ON so in QA we double check.
---
 src/stream-tcp-reassemble.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/stream-tcp-reassemble.c b/src/stream-tcp-reassemble.c
index 20bcc6bdcd..9ba72675bc 100644
--- a/src/stream-tcp-reassemble.c
+++ b/src/stream-tcp-reassemble.c
@@ -1703,6 +1703,9 @@ int StreamTcpReassembleHandleSegment(ThreadVars *tv, TcpReassemblyThreadCtx *ra_
                                      Packet *p, PacketQueue *pq)
 {
     SCEnter();
+
+    DEBUG_VALIDATE_BUG_ON(p->tcph == NULL);
+
     SCLogDebug("ssn %p, stream %p, p %p, p->payload_len %"PRIu16"",
                 ssn, stream, p, p->payload_len);
 
@@ -1722,9 +1725,9 @@ int StreamTcpReassembleHandleSegment(ThreadVars *tv, TcpReassemblyThreadCtx *ra_
         dir = UPDATE_DIR_PACKET;
     } else if (p->flags & PKT_PSEUDO_STREAM_END) {
         dir = UPDATE_DIR_PACKET;
-    } else if (p->tcph && (p->tcph->th_flags & TH_RST)) { // accepted rst
+    } else if (p->tcph->th_flags & TH_RST) { // accepted rst
         dir = UPDATE_DIR_PACKET;
-    } else if (p->tcph && (p->tcph->th_flags & TH_FIN) && ssn->state > TCP_TIME_WAIT) {
+    } else if ((p->tcph->th_flags & TH_FIN) && ssn->state > TCP_TIME_WAIT) {
         dir = UPDATE_DIR_PACKET;
     } else if (ssn->state == TCP_CLOSED) {
         dir = UPDATE_DIR_BOTH;
-- 
2.47.2