Fix IRC names command parsing

src/analyzer/protocol/irc/IRC.cc

@@ -252,14 +252,15 @@ void IRC_Analyzer::DeliverStream(int length, const u_char* line, bool orig)
 			{
 			vector<string> parts = SplitWords(params, ' ');
 
-			// Remove nick name.
+			if ( parts.size() < 3 )
-			parts.erase(parts.begin());
-			if ( parts.size() < 2 )
 				{
 				Weird("irc_invalid_names_line");
 				return;
 				}
 
+			// Remove nick name.
+			parts.erase(parts.begin());
+
 			string type = parts[0];
 			string channel = parts[1];
 

testing/btest/Baseline/scripts.base.protocols.irc.names-weird/weird.log

@@ -0,0 +1,10 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	weird
+#open	2018-09-13-00-31-10
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	name	addl	notice	peer
+#types	time	string	addr	port	addr	port	string	string	bool	string
+1536797872.428637	ClEkJM2Vm5giqnMf4h	127.0.0.1	65389	127.0.0.1	6666	irc_invalid_names_line	-	F	bro
+#close	2018-09-13-00-31-10

testing/btest/scripts/base/protocols/irc/names-weird.bro

@@ -0,0 +1,7 @@
+# @TEST-EXEC: bro -C -r $TRACES/irc-353.pcap %INPUT
+# @TEST-EXEC: btest-diff weird.log
+
+event irc_names_info(c: connection, is_orig: bool, c_type: string, channel: string, users: string_set)
+	{
+	print channel, users;
+	}