From d2eed166bd1d583f2d7ec932a06002280343b718 Mon Sep 17 00:00:00 2001
From: Jon Siwek <jsiwek@corelight.com>
Date: Fri, 2 Aug 2019 11:55:46 -0700
Subject: [PATCH] GH-517: fix MQTT suback/unsuback accessing non-existent index

---
 CHANGES                               | 4 ++++
 VERSION                               | 2 +-
 scripts/base/protocols/mqtt/main.zeek | 6 ++++++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/CHANGES b/CHANGES
index 6f1e35ba0c..3843f87a5e 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,8 @@
 
+2.6-748 | 2019-08-02 11:55:46 -0700
+
+  * GH-517: fix MQTT suback/unsuback accessing non-existent index (Jon Siwek, Corelight)
+
 2.6-747 | 2019-08-02 11:30:52 -0700
 
   * Fix how Broker/CAF sleep duration options are set (Jon Siwek, Corelight)
diff --git a/VERSION b/VERSION
index 69963f373b..9252ecbcf5 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.6-747
+2.6-748
diff --git a/scripts/base/protocols/mqtt/main.zeek b/scripts/base/protocols/mqtt/main.zeek
index d70a3e5bb9..f29e2968d3 100644
--- a/scripts/base/protocols/mqtt/main.zeek
+++ b/scripts/base/protocols/mqtt/main.zeek
@@ -302,6 +302,9 @@ event mqtt_suback(c: connection, msg_id: count, granted_qos: count) &priority=5
 	{
 	set_session(c);
 
+	if ( msg_id !in c$mqtt_state$subscribe )
+		return;
+
 	local x = c$mqtt_state$subscribe[msg_id];
 	x$granted_qos_level = granted_qos;
 	x$ack = T;
@@ -327,6 +330,9 @@ event mqtt_unsuback(c: connection, msg_id: count) &priority=-5
 	{
 	set_session(c);
 
+	if ( msg_id !in c$mqtt_state$subscribe )
+		return;
+
 	local x = c$mqtt_state$subscribe[msg_id];
 	x$ack = T;