From 042f8063623e205d194e9367f23472eb77c985b6 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Mon, 18 Mar 2019 10:34:03 +0100
Subject: [PATCH] detect: fix match array reset

Fix match array reset depending on prefilter matches for the
current run. If there were none, the match array of the previous
packet was used. This could lead to inspection of rules from the
wrong rule group.
---
 src/detect.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/detect.c b/src/detect.c
index c83d318dbf..427e7f87d2 100644
--- a/src/detect.c
+++ b/src/detect.c
@@ -237,7 +237,6 @@ static inline void DetectPrefilterMergeSort(DetectEngineCtx *de_ctx,
                                             DetectEngineThreadCtx *det_ctx)
 {
     SigIntId mpm, nonmpm;
-    det_ctx->match_array_cnt = 0;
     SigIntId *mpm_ptr = det_ctx->pmq.rule_id_array;
     SigIntId *nonmpm_ptr = det_ctx->non_pf_id_array;
     uint32_t m_cnt = det_ctx->pmq.rule_id_array_cnt;
@@ -922,6 +921,7 @@ static DetectRunScratchpad DetectRunSetup(
     det_ctx->filestore_cnt = 0;
     det_ctx->base64_decoded_len = 0;
     det_ctx->raw_stream_progress = 0;
+    det_ctx->match_array_cnt = 0;
 
 #ifdef DEBUG
     if (p->flags & PKT_STREAM_ADD) {