config_format: fix YAML variant cleanup on parser errors

[edsiper]

Fix a YAML config parser leak when malformed plugin variants detach a cfl_variant from parser state but fail before transferring ownership to the parent array or kvlist.

The parser now destroys detached variants on failed child insertion, missing parent state, invalid kvlist key state, and failed parent property insertion.

Also adds the minimized ClusterFuzz testcase as an internal YAML regression fixture.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Bug Fixes

  • Resolved memory leak issues in YAML configuration parsing under specific failure conditions.

• Tests

  • Added test coverage for additional YAML configuration edge cases.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 25741c5b-8f11-4941-8caa-0c9713737414

📥 Commits

Reviewing files that changed from the base of the PR and between f6126eb and 38218f2.

📒 Files selected for processing (3)

• src/config_format/flb_cf_yaml.c
• tests/internal/config_format_yaml.c
• tests/internal/data/config_format/yaml/clusterfuzz_variant_missing_key.yaml

---

📝 Walkthrough

Walkthrough

The YAML parser's STATE_PLUGIN_VARIANT handler now explicitly destroys temporary variant objects on four failure paths to prevent memory leaks. Test coverage is expanded with a clusterfuzz variant fixture and refactored validation loop that checks multiple broken config inputs.

Changes

YAML Variant Parsing Memory Leak Fixes

Layer / File(s)	Summary
Memory leak fixes in STATE_PLUGIN_VARIANT parsing src/config_format/flb_cf_yaml.c	Adds cfl_variant_destroy() cleanup on four failure paths: when state_variant_set_child() fails during scalar processing, when parent state is NULL after pop, when kvlist key is missing, and when set_child fails during mapping/sequence end.
Test infrastructure for broken variant configs tests/internal/config_format_yaml.c, tests/internal/data/config_format/yaml/clusterfuzz_variant_missing_key.yaml	Introduces FLB_CLUSTERFUZZ_VARIANT_MISSING_KEY macro, refactors test_broken_plugin_variant_yaml to iterate over multiple broken YAML inputs asserting creation fails for each, and adds clusterfuzz fixture with missing-key CUSTOMS structure.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

backport to v4.0.x

Suggested reviewers

• fujimotos
• koleini

Poem

🐰 A leak was found, oh what dismay!
In variants lost, malloc's display,
Now destroy() calls heal the flow,
Four error paths now let mem go,
Tests confirm the fix—hooray!

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the primary change: fixing YAML variant cleanup on parser errors. It directly relates to the main content of the PR, which addresses memory leak prevention in the YAML config parser.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch cfl-variant-array-leak-478376815

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}