flow-timeout: fix memory errors on flow bypass

For flow bypass, the flow timeout handling is triggered which may
create up to 3 pseudo packets that hold a reference to the flow.
However, in the bypass case the code signaled to the timeout logic
that the flow can be freed unconditionally by returning 1. This
led to packets going through the engine with a pointer to a now
freed/recycled flow.

This patch fixes the logic by removing the special bypass case,
which seemed redundant anyway. Effectively reverts 68d9677.

Bug #1928.
pull/2367/head
Victor Julien 8 years ago
parent d1d618a668
commit 7e54ee7d0e

@ -266,15 +266,6 @@ static int FlowManagerFlowTimedOut(Flow *f, struct timeval *ts)
int server = 0, client = 0;
int state = SC_ATOMIC_GET(f->flow_state);
if ((state == FLOW_STATE_LOCAL_BYPASSED) ||
(state == FLOW_STATE_CAPTURE_BYPASSED)) {
if (FlowForceReassemblyNeedReassembly(f, &server, &client) == 1) {
FlowForceReassemblyForFlow(f, server, client);
}
return 1;
}
if (!(f->flags & FLOW_TIMEOUT_REASSEMBLY_DONE) &&
FlowForceReassemblyNeedReassembly(f, &server, &client) == 1) {
FlowForceReassemblyForFlow(f, server, client);
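Review bot: the flow-lifetime rule is undocumented at the remaining `FLOW_TIMEOUT_REASSEMBLY_DONE` check, which now handles bypassed flows as well, since the `FLOW_STATE_LOCAL_BYPASSED` / `FLOW_STATE_CAPTURE_BYPASSED` branch is gone. A short comment above that check, saying the function must not report the flow as freeable while pseudo packets created by `FlowForceReassemblyForFlow()` still hold a reference to it, would guard against the unconditional `return 1` shortcut being reintroduced. Because the commit message only says the bypass case "seemed redundant", it is also worth confirming with a regression test for Bug #1928 that bypassed flows still reach this path and are eventually timed out.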
