DOS Quadratic complexity when having too many transactions
Kind of found by oss-fuzz
This is true for protocols such as MQTT, Modbus or HTTP2, where each packet/PDU has a transaction identifier (called stream for HTTP2), and we loop over our whole list of transactions to find the right one.
Attack si to start many requests, and do not finish them, so that Suricata keeps them.
There may be more protocols