Double free in in_forward when processing msgpack traces #11238
Description
Bug Report
Describe the bug
The in_forward plugin crashes with a SIGSEGV (double free) when processing msgpack traces.
The issue is because the ctrace container is destroyed twice.
The code in fw_prot.c does not follow the memory requirements of input_trace_append.
https://github.com/fluent/fluent-bit/blob/master/plugins/in_forward/fw_prot.c#L1162
https://github.com/fluent/fluent-bit/blob/master/src/flb_input_trace.c#L33
#0 0x1231489 in ctr_resource_destroy() at lib/ctraces/src/ctr_resource.c:81
#1 0x1231615 in ctr_resource_span_destroy() at lib/ctraces/src/ctr_resource.c:147
#2 0x122da08 in ctr_destroy() at lib/ctraces/src/ctraces.c:69
#3 0x12646e3 in ctr_decode_msgpack_destroy() at lib/ctraces/src/ctr_decode_msgpack.c:774
#4 0x954c54 in append_log() at plugins/in_forward/fw_prot.c:1180
#5 0x9569c4 in fw_prot_process() at plugins/in_forward/fw_prot.c:1644
#6 0x94c94d in fw_conn_event() at plugins/in_forward/fw_conn.c:108
#7 0x5c0f7f in flb_engine_start() at src/flb_engine.c:1150
#8 0x54a67e in flb_lib_worker() at src/flb_lib.c:835
#9 0x775816094ac2 in start_thread() at /rseq-internal.h:442
Your Environment
- Version used: 4.1.1