detect: only apply ConfigApplyTx with app-layers

Ticket: 4972 Otherwise, it makes no sense to look for a tx...
victorjulien · Mar 4, 2022 · c3a2206 · c3a2206
1 parent e5838b8
commit c3a2206
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/src/detect-config.c b/src/detect-config.c
@@ -288,6 +288,10 @@ static int DetectConfigSetup (DetectEngineCtx *de_ctx, Signature *s, const char
         fd->scope = CONFIG_SCOPE_TX;
     }
 
+    if (fd->scope == CONFIG_SCOPE_TX) {
+        s->flags |= SIG_FLAG_APPLAYER;
+    }
+
     sm->ctx = (SigMatchCtx*)fd;
     SigMatchAppendSMToList(s, sm, DETECT_SM_LIST_POSTMATCH);
 

diff --git a/src/detect-engine-build.c b/src/detect-engine-build.c
@@ -33,6 +33,7 @@
 #include "detect-dsize.h"
 #include "detect-tcp-flags.h"
 #include "detect-flow.h"
+#include "detect-config.h"
 #include "detect-flowbits.h"
 
 #include "util-profiling.h"
@@ -560,6 +561,13 @@ static int SignatureCreateMask(Signature *s)
             case DETECT_ENGINE_EVENT:
                 s->mask |= SIG_MASK_REQUIRE_ENGINE_EVENT;
                 break;
+            case DETECT_CONFIG: {
+                DetectConfigData *fd = (DetectConfigData *)sm->ctx;
+                if (fd->scope == CONFIG_SCOPE_FLOW) {
+                    s->mask |= SIG_MASK_REQUIRE_FLOW;
+                }
+                break;
+            }
         }
     }