Actions
Bug #7552
closed
AD
PA
app-layer: misdetection if response is seen first without request
Bug #7552:
app-layer: misdetection if response is seen first without request
Description
Transaction gets cleaned by AppLayerParserTransactionsCleanup before detection is run in the to_client direction when stream.midstream=true and first packet is to client dir.
Found in: https://github.com/OISF/suricata-verify/pull/2282
The next step is find a pcap to reproduce the bug
OT Updated by OISF Ticketbot about 1 year ago
- Subtask #7553 added
OT Updated by OISF Ticketbot about 1 year ago
- Label deleted (
Needs backport to 7.0)
AD Updated by Alice da Silva Akaki about 1 year ago
- Affected Versions 7.0.8, git main added
- Label Needs backport to 7.0 added
OT Updated by OISF Ticketbot about 1 year ago
- Label deleted (
Needs backport to 7.0)
AD Updated by Alice da Silva Akaki about 1 year ago
S-V tests that indicate the bug
https://github.com/OISF/suricata-verify/pull/2292
SB Updated by Shivani Bhardwaj about 1 year ago
- Subject changed from detect: flags not set to client dir if midsteam==true and 1st packet to client to applayer: misdetection if response is seen first without request
PA Updated by Philippe Antoine about 1 year ago
- Status changed from New to In Review
- Assignee changed from OISF Dev to Philippe Antoine
PA Updated by Philippe Antoine about 1 year ago
- Status changed from In Review to Resolved
PA Updated by Philippe Antoine about 1 year ago
- Status changed from Resolved to Closed
VJ Updated by Victor Julien about 1 year ago
- Subject changed from applayer: misdetection if response is seen first without request to app-layer: misdetection if response is seen first without request
Actions