OISF · victorjulien · May 26, 2024 · May 26, 2024 · Jun 3, 2024 · Nov 12, 2023
diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml
@@ -613,94 +613,6 @@ jobs:
       - run: make clean
       - run: make -j ${{ env.CPUS }}
 
-  centos-stream8:
-    name: CentOS Stream 8
-    runs-on: ubuntu-latest
-    container: quay.io/centos/centos:stream8
-    needs: [prepare-deps, debian-12-dist]
-    steps:
-      # Cache Rust stuff.
-      - name: Cache cargo registry
-        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2
-        with:
-          path: ~/.cargo
-          key: ${{ github.job }}-cargo
-
-      - name: Cache RPMs
-        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2
-        with:
-          path: /var/cache/dnf
-          key: ${{ github.job }}-dnf
-      - run: echo "keepcache=1" >> /etc/dnf/dnf.conf
-
-      - name: Determine number of CPUs
-        run: echo CPUS=$(nproc --all) >> $GITHUB_ENV
-
-      - name: Install system packages
-        run: |
-          dnf -y install dnf-plugins-core epel-release
-          dnf config-manager --set-enabled powertools
-          dnf -y install \
-                autoconf \
-                automake \
-                diffutils \
-                numactl-devel \
-                dpdk-devel \
-                file-devel \
-                gcc \
-                gcc-c++ \
-                git \
-                jansson-devel \
-                jq \
-                libtool \
-                libyaml-devel \
-                libnfnetlink-devel \
-                libnetfilter_queue-devel \
-                libnet-devel \
-                libcap-ng-devel \
-                libevent-devel \
-                libmaxminddb-devel \
-                libpcap-devel \
-                libtool \
-                lz4-devel \
-                make \
-                pcre2-devel \
-                pkgconfig \
-                python3-devel \
-                python3-yaml \
-                rust-toolset \
-                sudo \
-                which \
-                zlib-devel
-      - name: Download suricata.tar.gz
-        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e
-        with:
-          name: dist
-      - run: tar zxvf suricata-*.tar.gz --strip-components=1
-      - name: ./configure
-        run: CFLAGS="${DEFAULT_CFLAGS}" ./configure
-      - run: make -j ${{ env.CPUS }}
-      - run: make install
-      - run: make install-conf
-      - run: suricatasc -h
-      - run: suricata-update -V
-      - name: Check if Suricata-Update example configuration files are installed
-        run: |
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/disable.conf
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/drop.conf
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/enable.conf
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/modify.conf
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/threshold.in
-          test -e /usr/local/lib/suricata/python/suricata/update/configs/update.yaml
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e
-        with:
-          name: prep
-          path: prep
-      - run: tar xf prep/suricata-verify.tar.gz
-      - run: python3 ./suricata-verify/run.py -q --debug-failed
-      - run: suricata-update -V
-      - run: suricatasc -h
-
   fedora-39-sv-codecov:
     name: Fedora 39 (Suricata Verify codecov)
     runs-on: ubuntu-latest

diff --git a/src/app-layer-frames.c b/src/app-layer-frames.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2022 Open Information Security Foundation
+/* Copyright (C) 2007-2024 Open Information Security Foundation
  *
  * You can copy, redistribute or modify this Program under the terms of
  * the GNU General Public License version 2 as published by the Free
@@ -83,6 +83,32 @@ static void FrameDebug(const char *prefix, const Frames *frames, const Frame *fr
 #endif
 }
 
+/**
+ * \note "open" means a frame that has no length set (len == -1)
+ * \todo perhaps we can search backwards */
+Frame *FrameGetLastOpenByType(Frames *frames, const uint8_t frame_type)
+{
+    Frame *candidate = NULL;
+
+    SCLogDebug(
+            "frames %p cnt %u, looking for last of type %" PRIu8, frames, frames->cnt, frame_type);
+    for (uint16_t i = 0; i < frames->cnt; i++) {
+        if (i < FRAMES_STATIC_CNT) {
+            Frame *frame = &frames->sframes[i];
+            FrameDebug("get_by_id(static)", frames, frame);
+            if (frame->type == frame_type && frame->len == -1)
+                candidate = frame;
+        } else {
+            const uint16_t o = i - FRAMES_STATIC_CNT;
+            Frame *frame = &frames->dframes[o];
+            FrameDebug("get_by_id(dynamic)", frames, frame);
+            if (frame->type == frame_type && frame->len == -1)
+                candidate = frame;
+        }
+    }
+    return candidate;
+}
+
 Frame *FrameGetById(Frames *frames, const int64_t id)
 {
     SCLogDebug("frames %p cnt %u, looking for %" PRIi64, frames, frames->cnt, id);
@@ -427,7 +453,7 @@ Frame *AppLayerFrameNewByPointer(Flow *f, const StreamSlice *stream_slice,
     if (f->proto == IPPROTO_TCP && f->protoctx == NULL)
         return NULL;
     if (frame_start < stream_slice->input ||
-            frame_start >= stream_slice->input + stream_slice->input_len)
+            frame_start > stream_slice->input + stream_slice->input_len)
         return NULL;
 #endif
     BUG_ON(frame_start < stream_slice->input);
@@ -666,6 +692,27 @@ Frame *AppLayerFrameGetById(Flow *f, const int dir, const FrameId frame_id)
     return FrameGetById(frames, frame_id);
 }
 
+Frame *AppLayerFrameGetLastOpenByType(Flow *f, const int dir, const uint8_t frame_type)
+{
+    if (!(FrameConfigTypeIsEnabled(f->alproto, frame_type)))
+        return NULL;
+
+    FramesContainer *frames_container = AppLayerFramesGetContainer(f);
+    SCLogDebug("get frame_type %" PRIu8 " direction %u/%s frames_container %p", frame_type, dir,
+            dir == 0 ? "toserver" : "toclient", frames_container);
+    if (frames_container == NULL)
+        return NULL;
+
+    Frames *frames;
+    if (dir == 0) {
+        frames = &frames_container->toserver;
+    } else {
+        frames = &frames_container->toclient;
+    }
+    SCLogDebug("frames %p", frames);
+    return FrameGetLastOpenByType(frames, frame_type);
+}
+
 static inline bool FrameIsDone(const Frame *frame, const uint64_t abs_right_edge)
 {
     /* frame with negative length means we don't know the size yet. */

diff --git a/src/app-layer-frames.h b/src/app-layer-frames.h
@@ -88,9 +88,13 @@ void AppLayerFrameDump(Flow *f);
 
 Frame *FrameGetByIndex(Frames *frames, const uint32_t idx);
 Frame *FrameGetById(Frames *frames, const int64_t id);
+Frame *FrameGetLastOpenByType(Frames *frames, const uint8_t frame_type);
 
 Frame *AppLayerFrameGetById(Flow *f, const int direction, const FrameId frame_id);
+Frame *AppLayerFrameGetLastOpenByType(Flow *f, const int direction, const uint8_t frame_type);
+
 FrameId AppLayerFrameGetId(Frame *r);
+
 void AppLayerFrameAddEvent(Frame *frame, uint8_t e);
 void AppLayerFrameAddEventById(Flow *f, const int dir, const FrameId id, uint8_t e);
 void AppLayerFrameSetLength(Frame *frame, int64_t len);