Actions
Bug #7552
closedapplayer: misdetection if response is seen first without request
Affected Versions:
Effort:
Difficulty:
Label:
Description
Transaction gets cleaned by AppLayerParserTransactionsCleanup before detection is run in the to_client direction when stream.midstream=true and first packet is to client dir.
Found in: https://github.com/OISF/suricata-verify/pull/2282
The next step is find a pcap to reproduce the bug
Updated by OISF Ticketbot about 1 month ago
- Label deleted (
Needs backport to 7.0)
Updated by Alice da Silva Akaki about 1 month ago
- Affected Versions 7.0.8, git master added
- Label Needs backport to 7.0 added
Updated by OISF Ticketbot about 1 month ago
- Label deleted (
Needs backport to 7.0)
Updated by Alice da Silva Akaki about 1 month ago
S-V tests that indicate the bug
https://github.com/OISF/suricata-verify/pull/2292
Updated by Shivani Bhardwaj about 1 month ago
- Subject changed from detect: flags not set to client dir if midsteam==true and 1st packet to client to applayer: misdetection if response is seen first without request
Updated by Philippe Antoine 29 days ago
- Status changed from New to In Review
- Assignee changed from OISF Dev to Philippe Antoine
Updated by Philippe Antoine 19 days ago
- Status changed from In Review to Resolved
Actions