Merge branch 'origin/topic/bbannier/spicy-reject_protocol-during-teardown'

CHANGES

@@ -1,3 +1,17 @@
+6.1.0-dev.444 | 2023-09-25 14:59:19 +0200
+
+  * Do not require cookie for `reject_protocol` during teardown. (Benjamin Bannier, Corelight)
+
+    A user reported that they ran into a situation where a parse error
+    caused an assertion failure in `reject_protocol`. printf debugging points
+    to the `CookieSetter`s in the `try`/`catch` blocks during processing
+    already clearing the cookie RAII-style; since their `catch` blocks
+    already send an analyzer violation no further sending of one from
+    `reject_protocol` is required.
+
+    This patch replaces the assert in `reject_protocol` with a runtime check
+    and an early return if the cookie is already cleared.
+
 6.1.0-dev.442 | 2023-09-25 13:50:15 +0200
 
   * ci/benchmark: Also send CIRRUS_TASK_NAME to benchmarker API (Arne Welzel, Corelight)

VERSION

@@ -1 +1 @@
-6.1.0-dev.442
+6.1.0-dev.444

src/spicy/runtime-support.cc

@@ -453,7 +453,12 @@ void rt::confirm_protocol() {
 void rt::reject_protocol(const std::string& reason) {
     auto _ = hilti::rt::profiler::start("zeek/rt/reject_protocol");
     auto cookie = static_cast<Cookie*>(hilti::rt::context::cookie());
-    assert(cookie);
+
+    // We might be invoked during teardown when the cookie has already been
+    // cleared. These other code paths also take care of sending an analyzer
+    // violation to Zeek, so we can immediately return for such cases here.
+    if ( ! cookie )
+        return;
 
     if ( auto x = cookie->protocol ) {
         auto tag = spicy_mgr->tagForProtocolAnalyzer(x->analyzer->GetAnalyzerTag());