From 0d5fd0f6580682b30628b9f1abf02e478b1eda94 Mon Sep 17 00:00:00 2001
From: Eric Leblond
Date: Tue, 17 Jan 2017 12:59:51 -0800
Subject: [PATCH] util-file: fix error logic in hash computation

This patch fixes an issue with hash computation resulting in the invalidity of at least one hash when at least two different hashes functions were used. Impact was setting as `force-hash: [md5, sha256]` not to be valid. Also it could lead to false negative if too different hash functions had to be used on a single file due to signatures.
---
 src/util-file.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/util-file.c b/src/util-file.c
index 8a79fcbdeb..a327f13935 100644
--- a/src/util-file.c
+++ b/src/util-file.c
@@ -574,19 +574,23 @@ int FileAppendData(FileContainer *ffc, const uint8_t *data, uint32_t data_len)

 if (FileStoreNoStoreCheck(ffc->tail) == 1) {
 #ifdef HAVE_NSS
+ int hash_done = 0;
 /* no storage but forced hashing */
 if (ffc->tail->md5_ctx) {
 HASH_Update(ffc->tail->md5_ctx, data, data_len);
- SCReturnInt(0);
+ hash_done = 1;
 }
 if (ffc->tail->sha1_ctx) {
 HASH_Update(ffc->tail->sha1_ctx, data, data_len);
- SCReturnInt(0);
+ hash_done = 1;
 }
 if (ffc->tail->sha256_ctx) {
 HASH_Update(ffc->tail->sha256_ctx, data, data_len);
- SCReturnInt(0);
+ hash_done = 1;
 }
+
+ if (hash_done)
+ SCReturnInt(0);
 #endif
 if (g_file_force_tracking || (!(ffc->tail->flags & FILE_NOTRACK)))
 SCReturnInt(0);
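Review bot: The three `HASH_Update` branches in the no-store path are only correct if none of them returns early, but nothing in the new code says so. That makes the regression easy to reintroduce, and its effect is silent: a digest that stops being fed never matches a hash-based signature. I would add a comment above `int hash_done = 0;`, for example `/* feed every active context before returning: an early return here leaves the remaining digests incomplete */`. The patch touches only src/util-file.c and adds no test; a unit test that enables two digests on one file and checks both final values would pin the behaviour. The body of FileAppendData starts and continues outside this hunk, so the storing path is not visible here and is worth checking for the same pattern.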