in_forward: fix init error cleanup and parser state handling

[edsiper]

• Reset per-message option state in forward parser to avoid stale options reuse.
• Fix HELO handshake path to return error immediately on send failure.
• Add NULL-check for security.users split parsing.
• Use fw_config_destroy() on init failures to cleanly release allocated resources.
• Align options index types/sentinels (chunk_id/metadata_id) to int for safer comparisons.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Bug Fixes
  • Enhanced error handling and resource cleanup in the forward input plugin to ensure proper shutdown during failure scenarios.
  • Improved validation of user data parsing with comprehensive error recovery and cleanup procedures.
  • Standardized error handling across plugin components for increased reliability and consistency.

[coderabbitai]

📝 Walkthrough

Walkthrough

This PR improves error handling and resource cleanup in the in_forward plugin. It adds validation for user configuration parsing, centralizes cleanup via a dedicated destruction function, and adjusts function signatures for consistency in type handling.

Changes

Cohort / File(s)	Summary
User and Config Error Handling plugins/in_forward/fw.c, plugins/in_forward/fw_config.c	Added validation for user-value parsing with proper error logging and state cleanup; replaced ad-hoc memory operations in error paths with centralized fw_config_destroy() cleanup function to ensure consistent resource teardown.
Protocol Processing Type Adjustments plugins/in_forward/fw_prot.c	Changed return types of get_options_metadata and get_options_chunk from size_t to int with corresponding index parameter adjustments; simplified error handling in send_helo; added initialization of chunk_id/metadata_id to -1 and reset contain_options flag in main loop for consistent state management.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• in_forward: fix username parsing #11026: Directly modifies plugins/in_forward/fw.c setup_users parsing and split cleanup for username/password handling.
• in_forward: Fix user authentication to align Fluentd's behavior #10973: Addresses in_forward user-loading and error paths with user-auth checks and config destruction on failures.

Suggested labels

bug, backport to v4.0.x, backport to v4.1.x

Suggested reviewers

• cosmo0920
• koleini
• fujimotos

Poem

🐰 A forward plugin, once wild and untamed,
Now cleans up its errors with systematic aim!
Validation and destruction in harmony dance,
Types aligned true—no resource leaks by chance! ✨

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: initialization error cleanup improvements and parser state handling fixes across the forward plugin.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch in_forward-cleanup

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

plugins/in_forward/fw.c (1)

210-214: ⚠️ Potential issue | 🟡 Minor

Pre-existing: flb_malloc failure leaks previously added users.

If flb_malloc fails here, return -1 is reached without calling delete_users(ctx). Any users already linked to ctx->users in prior loop iterations will leak, since fw_config_destroy (called by the caller) does not clean up the users list.

Proposed fix

         user = flb_malloc(sizeof(struct flb_in_fw_user));
         if (!user) {
             flb_errno();
+            delete_users(ctx);
             return -1;
         }