app-layer-ssl: make sure that JA3 stuff is only initialized once

Avoid possible memory leaks by making sure that JA3 buffer and string is only initialized once.
7 years ago · 68cc53d188
parent 5ec2f6e7b3
commit 68cc53d188
1 changed files with 2 additions and 2 deletions
--- a/src/app-layer-ssl.c
+++ b/src/app-layer-ssl.c
@ -560,7 +560,7 @@ static inline int TLSDecodeHSHelloVersion(SSLState *ssl_state,
    }

    if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
-            ssl_config.enable_ja3) {
+            ssl_config.enable_ja3 && ssl_state->ja3_str == NULL) {
        uint16_t version = *input << 8 | *(input + 1);

        ssl_state->ja3_str = Ja3BufferInit();
@ -1096,7 +1096,7 @@ static int TLSDecodeHandshakeHello(SSLState *ssl_state,
        goto end;

    if ((ssl_state->current_flags & SSL_AL_FLAG_STATE_CLIENT_HELLO) &&
-            ssl_config.enable_ja3) {
+            ssl_config.enable_ja3 && ssl_state->ja3_hash == NULL) {
        ssl_state->ja3_hash = Ja3GenerateHash(ssl_state->ja3_str);
    }