Symptom
Snort3 crashing and restarting
Conditions
snort3 crashes while trying to access a NULL pointer during Client Hello modify verdict evaluation. This occurs when a previously cached and accessed server certificate is removed from the cache and is no longer available at the time of verdict evaluation.
Further Problem Description
This may be reproduced by resuming a TLS session for which the original server certificate is already cached and then clearing the original server certificate cache before processing a retried CH message.
A retry may occur when evaluating SSL rule with URL categories.
