websocket: add test with control frame in reassembly

Ticket: 8413

Author: catenacyber

tests/websocket-control-frag/README.md

@@ -0,0 +1,11 @@
+# Description
+
+Test websocket reassembly with control frame injected
+
+# PCAP
+
+The pcap was crafted by a script supplied by wooseokdotkim
+
+# Ticket
+
+https://redmine.openinfosecfoundation.org/issues/8413

tests/websocket-control-frag/input.pcap

@@ -0,0 +1 @@
+alert websocket any any -> any any (msg:"MALWARE"; websocket.payload; content:"MALWARE_DOWNLOAD cmd.exe /c powershell"; sid:1; rev:1;)

tests/websocket-control-frag/test.rules

@@ -0,0 +1,12 @@
+requires:
+  min-version: 9
+
+args:
+  - -k none
+
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: alert
+        alert.signature_id: 1