Problem report
Resolution: Fixed
Major
5.0.1
None
Sprint 66 (Jul 2020), Sprint 67 (Aug 2020)
0.125
Install MySQL UnixODBC driver
Create any valid 'database' monitor item
Press Test button on frontend
Press Get value on test form
Value is reported back
Now delete SQL query from item form (leave the field empty)
Press Test
Press Get Value on test form
Zabbix server crashes immediately:
3000:20200706:171918.962 Got signal [signal:11(SIGSEGV),reason:1,refaddr:(nil)]. Crashing ...
3000:20200706:171918.962 ====== Fatal information: ======
3000:20200706:171918.962 Program counter: 0x7f24e179758c
3000:20200706:171918.962 === Registers: ===
3000:20200706:171918.962 r8 = 55aaf631c0f8 = 94192763257080 = 94192763257080
3000:20200706:171918.962 r9 = 3 = 3 = 3
3000:20200706:171918.962 r10 = 0 = 0 = 0
3000:20200706:171918.962 r11 = 5f = 95 = 95
3000:20200706:171918.962 r12 = 1 = 1 = 1
3000:20200706:171918.962 r13 = 55aaf632af20 = 94192763318048 = 94192763318048
3000:20200706:171918.962 r14 = 0 = 0 = 0
3000:20200706:171918.962 r15 = 0 = 0 = 0
3000:20200706:171918.962 rdi = 0 = 0 = 0
3000:20200706:171918.962 rsi = 55aaf631ca90 = 94192763259536 = 94192763259536
3000:20200706:171918.962 rbp = 55aaf631ca90 = 94192763259536 = 94192763259536
3000:20200706:171918.962 rbx = 0 = 0 = 0
3000:20200706:171918.962 rdx = 0 = 0 = 0
3000:20200706:171918.962 rax = 0 = 0 = 0
3000:20200706:171918.962 rcx = 0 = 0 = 0
3000:20200706:171918.962 rsp = 7ffd6de3f430 = 140726447109168 = 140726447109168
3000:20200706:171918.962 rip = 7f24e179758c = 139796378383756 = 139796378383756
3000:20200706:171918.962 efl = 10206 = 66054 = 66054
3000:20200706:171918.962 csgsfs = 2b000000000033 = 12103423998558259 = 12103423998558259
3000:20200706:171918.962 err = 4 = 4 = 4
3000:20200706:171918.963 trapno = e = 14 = 14
3000:20200706:171918.963 oldmask = 0 = 0 = 0
3000:20200706:171918.963 cr2 = 0 = 0 = 0
Expected: the item test form will report back an error that the SQL query is missing.
This is a critical bug: it allows any Admin user to crash the Zabbix server from the frontend (intentionally or by accident).
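
For triage of crash logs like the one quoted above, the following sketch parses the signal line and register dump and decodes the x86-64 page-fault fields (`trapno`, `err`, `cr2`) into a verdict. It is an added example, not part of the original report or of Zabbix; the function names are hypothetical and the sample is a constructed subset of the lines in the report.

```python
import re

# Constructed sample: a subset of the crash lines quoted in the report above.
SAMPLE = """\
3000:20200706:171918.962 Got signal [signal:11(SIGSEGV),reason:1,refaddr:(nil)]. Crashing ...
3000:20200706:171918.962 Program counter: 0x7f24e179758c
3000:20200706:171918.962 rdi = 0 = 0 = 0
3000:20200706:171918.962 rip = 7f24e179758c = 139796378383756 = 139796378383756
3000:20200706:171918.962 err = 4 = 4 = 4
3000:20200706:171918.963 trapno = e = 14 = 14
3000:20200706:171918.963 cr2 = 0 = 0 = 0
"""

PREFIX = r"^(?P<pid>\d+):(?P<date>\d{8}):(?P<time>\d{6}\.\d{3}) "
SIGNAL = re.compile(PREFIX + r"Got signal \[signal:(?P<num>\d+)\((?P<name>\w+)\),"
                    r"reason:(?P<reason>\d+),refaddr:(?P<refaddr>[^\]]+)\]")
REGISTER = re.compile(PREFIX + r"(?P<reg>[a-z0-9]+) += (?P<hex>[0-9a-f]+) = ")

def parse_crash(log_text):
    """Return pid, signal, refaddr and registers of the first crash, else None."""
    crash = None
    for line in log_text.splitlines():
        m = SIGNAL.match(line)
        if m and crash is None:
            crash = {"pid": int(m["pid"]), "signal": m["name"],
                     "refaddr": m["refaddr"], "regs": {}}
            continue
        m = REGISTER.match(line)
        # Only accept register lines written by the process that crashed.
        if m and crash and int(m["pid"]) == crash["pid"]:
            crash["regs"][m["reg"]] = int(m["hex"], 16)
    return crash

def classify(crash):
    """Decode trapno/err/cr2 (x86-64 page-fault state) into a triage verdict."""
    regs = crash["regs"]
    if crash["signal"] != "SIGSEGV" or regs.get("trapno") != 14:
        return "not a page fault"
    err, cr2 = regs.get("err", 0), regs.get("cr2")
    access = "write" if err & 0x2 else "read"          # bit 1: write access
    mode = "user" if err & 0x4 else "kernel"           # bit 2: user mode
    cause = "protection violation" if err & 0x1 else "unmapped page"  # bit 0
    if cr2 is None:
        target = "unknown address"
    else:
        target = "NULL page" if cr2 < 0x1000 else hex(cr2)
    return f"{mode}-mode {access} of {target} ({cause})"

if __name__ == "__main__":
    print(classify(parse_crash(SAMPLE)))
```

On the values in the report (`trapno = e`, `err = 4`, `cr2 = 0`) the verdict is a user-mode read of the NULL page.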