[PATCH 1/4] dnp3: check done state, not complete state for progress

Complete is a flag used to tell if the message was completely parsed,
as not all messages may be completely parsed if we don't know all
their objects. However, they are still "done".

In the alstate-progress callback, check the done flag, not the
complete flag.

Ticket: #8181
(cherry picked from commit d61eef9a8a0d92921989479de15e5cbfec3251a9)

Origin: upstream, https://github.com/OISF/suricata/commit/63225d5f8ef64cc65164c0bb1800730842d54942.patch
Bug: https://redmine.openinfosecfoundation.org/issues/8181
Subject: Upstream fix for CVE-2026-22259 part 1

Gbp-Pq: Name CVE-2026-22259_1.patch

diff --git a/src/app-layer-dnp3.c b/src/app-layer-dnp3.c
index 26422cb18021ab4a9f0bae4e601adc5577c117f6..4f210f036a505f10a84d97e7496f38c466d7223b 100644 (file)
--- a/src/app-layer-dnp3.c
+++ b/src/app-layer-dnp3.c
@@ -1436,7 +1436,7 @@ static int DNP3GetAlstateProgress(void *tx, uint8_t direction)
         SCReturnInt(1);
     }
 
-    if (dnp3tx->complete)
+    if (dnp3tx->done)
         retval = 1;
 
     SCReturnInt(retval);