in_forward: fix init error cleanup and parser state handling

edsiper · edsiper · commit a1d9c2a9a637 · 2026-03-05T11:29:52.000-06:00
- Reset per-message option state in forward parser to avoid stale options reuse.
  - Fix HELO handshake path to return error immediately on send failure.
  - Add NULL-check for security.users split parsing.
  - Use fw_config_destroy() on init failures to cleanly release allocated resources.
  - Align options index types/sentinels (chunk_id/metadata_id) to int for safer comparisons.

Signed-off-by: Eduardo Silva &lt;eduardo@chronosphere.io&gt;
diff --git a/plugins/in_forward/fw.c b/plugins/in_forward/fw.c
@@ -222,6 +222,14 @@ static int setup_users(struct flb_in_fw_config *ctx,
 
         /* As a value we expect a pair of a username and a passowrd */
         split = flb_utils_split(kv->val, ' ', 1);
+        if (split == NULL) {
+            flb_plg_error(ctx->ins,
+                          "invalid value, expected username and password");
+            delete_users(ctx);
+            flb_free(user);
+            return -1;
+        }
+
         if (mk_list_size(split) != 2) {
             flb_plg_error(ctx->ins,
                           "invalid value, expected username and password");
@@ -348,7 +356,7 @@ static int in_fw_init(struct flb_input_instance *ins,
     /* Load users */
     ret = setup_users(ctx, ins);
     if (ret == -1) {
-        flb_free(ctx);
+        fw_config_destroy(ctx);
         return -1;
     }
 
diff --git a/plugins/in_forward/fw_config.c b/plugins/in_forward/fw_config.c
@@ -90,7 +90,7 @@ struct flb_in_fw_config *fw_config_init(struct flb_input_instance *i_ins)
     ret = flb_input_config_map_set(i_ins, (void *)config);
     if (ret == -1) {
         flb_plg_error(i_ins, "config map set error");
-        flb_free(config);
+        fw_config_destroy(config);
         return NULL;
     }
 
@@ -117,6 +117,7 @@ struct flb_in_fw_config *fw_config_init(struct flb_input_instance *i_ins)
     /* Shared Key */
     if (config->empty_shared_key) {
         if (fw_create_empty_shared_key(config, i_ins) == -1) {
+            fw_config_destroy(config);
             return NULL;
         }
     }
diff --git a/plugins/in_forward/fw_prot.c b/plugins/in_forward/fw_prot.c
@@ -254,7 +254,6 @@ int flb_secure_forward_set_helo(struct flb_input_instance *in,
 static int send_helo(struct flb_input_instance *in, struct flb_connection *connection,
                      struct flb_in_fw_helo *helo)
 {
-    int result;
     size_t sent;
     ssize_t bytes;
     msgpack_packer mp_pck;
@@ -302,16 +301,10 @@ static int send_helo(struct flb_input_instance *in, struct flb_connection *conne
 
     if (bytes == -1) {
         flb_plg_error(in, "cannot send HELO");
-
-        result = -1;
-    }
-    else {
-        result = 0;
+        return -1;
     }
 
-    result = flb_secure_forward_set_helo(in, helo, nonce, user_auth_salt);
-
-    return result;
+    return flb_secure_forward_set_helo(in, helo, nonce, user_auth_salt);
 }
 
 static void flb_secure_forward_format_bin_to_hex(uint8_t *buf, size_t len, char *out)
@@ -827,7 +820,7 @@ static int send_ack(struct flb_input_instance *in, struct fw_conn *conn,
 
 }
 
-static size_t get_options_metadata(msgpack_object *arr, int expected, size_t *idx)
+static int get_options_metadata(msgpack_object *arr, int expected, int *idx)
 {
     size_t i;
     msgpack_object *options;
@@ -880,15 +873,15 @@ static size_t get_options_metadata(msgpack_object *arr, int expected, size_t *id
             return -1;
         }
 
-        *idx = i;
+        *idx = (int) i;
 
         return 0;
     }
 
     return 0;
 }
 
-static size_t get_options_chunk(msgpack_object *arr, int expected, size_t *idx)
+static int get_options_chunk(msgpack_object *arr, int expected, int *idx)
 {
     size_t i;
     msgpack_object *options;
@@ -941,7 +934,7 @@ static size_t get_options_chunk(msgpack_object *arr, int expected, size_t *idx)
             return -1;
         }
 
-        *idx = i;
+        *idx = (int) i;
         return 0;
     }
 
@@ -1256,9 +1249,9 @@ int fw_prot_process(struct flb_input_instance *ins, struct fw_conn *conn)
     int stag_len;
     int event_type;
     int contain_options = FLB_FALSE;
+    int chunk_id = -1;
+    int metadata_id = -1;
     size_t index = 0;
-    size_t chunk_id = -1;
-    size_t metadata_id = -1;
     const char *stag;
     flb_sds_t out_tag = NULL;
     size_t bytes;
@@ -1353,6 +1346,7 @@ int fw_prot_process(struct flb_input_instance *ins, struct fw_conn *conn)
 
             /* Map the array */
             root = result.data;
+            contain_options = FLB_FALSE;
 
             if (root.type != MSGPACK_OBJECT_ARRAY) {
                 flb_plg_debug(ctx->ins,

Original file line number	Diff line number	Diff line change
`@@ -90,7 +90,7 @@ struct flb_in_fw_config fw_config_init(struct flb_input_instance i_ins)`
`90`	`90`	`ret = flb_input_config_map_set(i_ins, (void *)config);`
`91`	`91`	`if (ret == -1) {`
`92`	`92`	`flb_plg_error(i_ins, "config map set error");`
`93`		`- flb_free(config);`
	`93`	`+ fw_config_destroy(config);`
`94`	`94`	`return NULL;`
`95`	`95`	`}`
`96`	`96`
`@@ -117,6 +117,7 @@ struct flb_in_fw_config fw_config_init(struct flb_input_instance i_ins)`
`117`	`117`	`/* Shared Key */`
`118`	`118`	`if (config->empty_shared_key) {`
`119`	`119`	`if (fw_create_empty_shared_key(config, i_ins) == -1) {`
	`120`	`+ fw_config_destroy(config);`
`120`	`121`	`return NULL;`
`121`	`122`	`}`
`122`	`123`	`}`