aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix filestore match code not expecting NULL file ptr.

Browse Source
remotes/origin/master-1.2.x
Victor Julien 13 years ago
parent a65eb59c41
commit 679b8ec1ba
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File

10
src/detect-filestore.c
Unescape Escape View File

@ -253,14 +253,22 @@ int DetectFilestorePostMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx, Pack
int DetectFilestoreMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Flow *f,
uint8_t flags, void *state, Signature *s, SigMatch *m)
{
uint16_t file_id = 0;
SCEnter();
if (det_ctx->filestore_cnt > DETECT_FILESTORE_MAX) {
SCReturnInt(1);
}
/* file can be NULL when a rule with filestore scope > file
* matches. */
File *file = (File *)state;
if (file != NULL) {
file_id = file->file_id;
}
det_ctx->filestore[det_ctx->filestore_cnt].file_id = file->file_id;
det_ctx->filestore[det_ctx->filestore_cnt].file_id = file_id;
det_ctx->filestore[det_ctx->filestore_cnt].tx_id = det_ctx->tx_id;
SCLogDebug("%u, file %u, tx %u", det_ctx->filestore_cnt,

Write Preview
Loading…
Cancel
Save