Bug #231
http related segv's (status: closed)
Description
As reported on oisf-devel:
Observed 2 segmentation faults while using Suricata. The traffic used for the test was a (large) merged pcap of multiple pcaps available on pcapr.net.
Although that pcap cannot be retrieved and shared, I have noted some preliminary GDB analysis that might help identify the issues.
1) Segmentation fault occurred at "libhtp/htp/htp_response_generic.c" 279L
Code: size_t len = bstr_len(tx->response_line);
(gdb) p tx->response_line
$24 = (bstr *) 0x0
(gdb) p tx->response_line.ptr
Cannot access memory at 0x0
Macro bstr_len tried to dereference a NULL pointer (response_line).
2) Segmentation fault occurred at "src/detect-http-method.c" 697L
Code: for(idx = 0; idx < list_size(hs->connp->conn->transactions); idx++)
The pointer "hs" is NULL, and is being dereferenced. Suricata does have a check to detect whether this ptr is NULL.
However, the check is performed before acquiring a semaphore. Apparently, things change by the time the semaphore is acquired.
Perhaps the checks need to be performed before and after the semaphore operation.
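The two failure modes in the report, a NULL dereference inside an unchecked length macro and a NULL check performed before the lock is taken, written out next to their guarded forms. This is an added illustration, not Suricata or libhtp code: the bstr, tx_t, conn_state and flow_t types, the hs pointer and all function names are hypothetical stand-ins chosen to mirror the report, and a pthread mutex stands in for the semaphore the report mentions.

```c
/* Added example, not Suricata/libhtp code. All names are hypothetical. */
#include <pthread.h>
#include <stddef.h>

/* Stand-in for libhtp's bstr: a length-prefixed byte string. */
typedef struct { size_t len; const char *ptr; } bstr;

/* Stand-in for an HTTP transaction: response_line is NULL until the
   status line has been parsed (assumed, mirrors failure 1). */
typedef struct { bstr *response_line; } tx_t;

/* The pattern from failure 1: the macro dereferences unconditionally,
   so a NULL response_line faults. Kept only to show the contrast. */
#define bstr_len_unchecked(b) ((b)->len)

/* Hardened form: a missing string has length 0 instead of faulting. */
static size_t bstr_len_safe(const bstr *b) { return b ? b->len : 0; }

size_t response_line_len(const tx_t *tx) {
    if (tx == NULL) return 0;
    return bstr_len_safe(tx->response_line);
}

/* Connection state shared between the parser and the detection code
   (stand-in for hs->connp->conn in the report). */
typedef struct { int tx_count; } conn_state;

/* Per-flow holder of that state. Another thread may detach hs while the
   detection code is looking at the flow, which is the race in failure 2. */
typedef struct {
    pthread_mutex_t lock;
    conn_state *hs;
} flow_t;

/* Failure 2 pattern: check, then lock, then use. Between the check and
   the lock a concurrent flow_detach_state() can clear hs, so the use
   below reads through a pointer that is no longer valid. */
int count_tx_racy(flow_t *f) {
    if (f->hs == NULL) return -1;       /* check performed outside the lock */
    pthread_mutex_lock(&f->lock);       /* window: hs may be cleared here */
    int n = f->hs->tx_count;            /* use of a possibly stale pointer */
    pthread_mutex_unlock(&f->lock);
    return n;
}

/* Hardened form: take the lock first, then evaluate the pointer under it.
   Every reader and writer of hs goes through the same lock, so the value
   checked is the value used. */
int count_tx_safe(flow_t *f) {
    pthread_mutex_lock(&f->lock);
    int n = (f->hs == NULL) ? -1 : f->hs->tx_count;
    pthread_mutex_unlock(&f->lock);
    return n;
}

/* The writer side: detaching the state also happens under the flow lock,
   which is what makes the check in count_tx_safe() meaningful. */
void flow_detach_state(flow_t *f) {
    pthread_mutex_lock(&f->lock);
    f->hs = NULL;
    pthread_mutex_unlock(&f->lock);
}
```

The check-before-lock version cannot be made safe by adding a second check after the lock alone if any writer clears hs without holding the same lock; the fix is that the check and the use both happen under the lock that the writer also takes.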