gzip: skip FCOMMENT terminator in streaming decompressor

[saddamr3e]

The streaming gzip decompressor parses the optional header fields before handing the rest of the stream to inflate. The FNAME branch advances past the field's terminating NUL, but the FCOMMENT branch stops one byte short and leaves the comment's NUL in place. That stray byte then gets treated as the start of the deflate body (or as the FHCRC bytes), so any gzip payload that carries a comment field fails to decompress on this path. in_forward feeds network payloads through this decompressor, so a client that sets the COMMENT flag trips it. I ran into it while building a stream with a comment field and watching flb_decompress return a failure instead of the original data. Incrementing xlen the same way the FNAME branch does skips the terminator and keeps the read position aligned.

---

Testing

• Example configuration file for the change
• [N/A] Debug log output from testing the change
• Attached unit test exercising the streaming decompressor with an FCOMMENT field

[INPUT]
    name     forward
    listen   0.0.0.0
    port     24224

[OUTPUT]
    name     stdout
    match    *

Send a forward message with compressed set to gzip where the gzip stream carries an FCOMMENT field. Added tests/internal/gzip.c:decompress_with_comment, which frames a gzip payload with a comment and runs it through flb_decompress. It fails on the unpatched tree (the decompressor returns an error and reconstructs nothing) and passes after the change.

• [N/A] Run local packaging test showing all targets build.
• [N/A] Set ok-package-test label to test for all targets.

Documentation

• [N/A] Documentation required for this feature

Backporting

• Backport to latest stable release.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Bug Fixes

  • Improved gzip streaming decompression to correctly process optional metadata fields, including FCOMMENT, ensuring the decompressor consumes the comment data properly and produces accurate output.

• Tests

  • Added a new gzip decompression test that inserts a NUL-terminated comment (FCOMMENT) into the stream and verifies decompressed bytes match the original payload.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2dc12f3f-0367-40d5-b40a-48ebd6ac14f5

📥 Commits

Reviewing files that changed from the base of the PR and between edaae9b and 7f0d887.

📒 Files selected for processing (1)

• src/flb_gzip.c

🚧 Files skipped from review as they are similar to previous changes (1)

• src/flb_gzip.c

---

📝 Walkthrough

Walkthrough

flb_gzip_decompressor_process_optional_headers now counts the FCOMMENT terminator when skipping optional gzip headers. A new test builds a gzip stream with an injected FCOMMENT field and verifies streaming decompression still matches the original payload.

Changes

FCOMMENT field fix and regression test

Layer / File(s)	Summary
FCOMMENT byte consumption fix and decompression test src/flb_gzip.c, tests/internal/gzip.c	xlen is incremented after strnlen so read_buffer and input_buffer_length advance past the FCOMMENT NUL terminator. The test file adds flb_compression.h, implements test_decompress_with_comment() to build and decompress a FCOMMENT-bearing gzip stream, and registers the new test in TEST_LIST.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested reviewers

• fujimotos
• edsiper

Poem

A comment hid in gzip’s tide,
But now the NUL is counted wide.
With one small hop, the bytes align,
And decompression sings just fine.
🐇

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 33.33% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly and concisely describes the main fix in the streaming gzip decompressor.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/flb_gzip.c`:
- Around line 810-811: The variable `xlen` is declared as `uint16_t` but
receives values from `strnlen()` which returns `size_t`. This causes truncation
for large FCOMMENT/FNAME fields, leading to wraparound and misaligned parsing.
Change the declaration of `xlen` from `uint16_t` to `size_t` to properly handle
the full range of values returned by `strnlen()` and prevent wraparound during
the optional-header skipping logic.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8b42eb2e-887e-401c-96ca-e3025311dffb

📥 Commits

Reviewing files that changed from the base of the PR and between 9bf9c1b and edaae9b.

📒 Files selected for processing (2)

• src/flb_gzip.c
• tests/internal/gzip.c