From 68cc53d18836200946ec5ed451783ec0184e53f5 Mon Sep 17 00:00:00 2001
From: Mats Klepsland <mats.klepsland@gmail.com>
Date: Sat, 25 Aug 2018 21:50:05 +0200
Subject: [PATCH] app-layer-ssl: make sure that JA3 stuff is only initialized
 once

Avoid possible memory leaks by making sure that JA3 buffer and
string is only initialized once.
---
 src/app-layer-ssl.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/app-layer-ssl.c b/src/app-layer-ssl.c
index 7ee33798d6..42c306730a 100644
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@@ -560,7 +560,7 @@ static inline int TLSDecodeHSHelloVersion(SSLState *ssl_state,
     }
 
     if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
-            ssl_config.enable_ja3) {
+            ssl_config.enable_ja3 && ssl_state->ja3_str == NULL) {
         uint16_t version = *input << 8 | *(input + 1);
 
         ssl_state->ja3_str = Ja3BufferInit();
@@ -1096,7 +1096,7 @@ static int TLSDecodeHandshakeHello(SSLState *ssl_state,
         goto end;
 
     if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
-            ssl_config.enable_ja3) {
+            ssl_config.enable_ja3 && ssl_state->ja3_hash == NULL) {
         ssl_state->ja3_hash = Ja3GenerateHash(ssl_state->ja3_str);
     }