From dd015669c7e553491110e5698555116ea3028d00 Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Thu, 30 Nov 2017 08:04:48 +0100
Subject: [PATCH] detect/flowint: harden code

Make sure packet has a flow.

Related to bug #2288.
---
 src/detect-flowint.c | 3 +++
 src/flow-var.c       | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/src/detect-flowint.c b/src/detect-flowint.c
index ec99de2732..a322c8d0dd 100644
--- a/src/detect-flowint.c
+++ b/src/detect-flowint.c
@@ -95,6 +95,9 @@ int DetectFlowintMatch(ThreadVars *t, DetectEngineThreadCtx *det_ctx,
     uint32_t targetval;
     int ret = 0;
 
+    if (p->flow == NULL)
+        return 0;
+
     /** ATM If we are going to compare the current var with another
      * that doesn't exist, the default value will be zero;
      * if you don't want this behaviour, you can use the keyword
diff --git a/src/flow-var.c b/src/flow-var.c
index 96b3ad3a84..963eb4d6a3 100644
--- a/src/flow-var.c
+++ b/src/flow-var.c
@@ -53,6 +53,9 @@ static void FlowVarUpdateInt(FlowVar *fv, uint32_t value)
  */
 FlowVar *FlowVarGet(Flow *f, uint16_t idx)
 {
+    if (f == NULL)
+        return NULL;
+
     GenericVar *gv = f->flowvar;
 
     for ( ; gv != NULL; gv = gv->next) {