Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-26058

signed integer overflow zbx_is_ip4()

XMLWordPrintable

    • Icon: Defect (Security) Defect (Security)
    • Resolution: Duplicate
    • Icon: Trivial Trivial
    • None
    • 7.4.0alpha1
    • None
    • None

      If we use ./zabbix_get args
      (Where args in xxd utility:
      00000000: 2d70 7320 2d73 2031 3131 3131 3131 3131 -ps -s 111111111
      00000010: 3131 3131 3131 31e8 033a 3b20 2d6b 2003 1111111..:;.-k..), then we got integer signed overflow in signed integer overflow zbx_is_ip4():

      ip.c:41:18: runtime error: signed integer overflow: 1111111111 * 10 cannot be represented in type 'int'
      #0 0x555555667da0 in zbx_is_ip4 /zabbixnew/zabbix/src/libs/zbxip/ip.c:41:18
      #1 0x5555555c534a in zbx_socket_connect /zabbixnew/zabbix/src/libs/zbxcomms/comms.c:524:17
      #2 0x5555555c6905 in zbx_socket_create /zabbixnew/zabbix/src/libs/zbxcomms/comms.c:661:17
      #3 0x5555555c6833 in zbx_tcp_connect /zabbixnew/zabbix/src/libs/zbxcomms/comms.c:712:9
      #4 0x5555555c2a84 in get_value /zabbixnew/zabbix/src/zabbix_get/zabbix_get.c:275:24
      #5 0x5555555c1eb0 in main /zabbixnew/zabbix/src/zabbix_get/zabbix_get.c:605:8
      Problem is actual for upstream version. You can accept PR for fix it:
      https://github.com/zabbix/zabbix/pull/140

      I use clang-19 with -fasnitize=UBSAN option. You were closed my previous Issue so fairly and I couldn't reply on your questions, but problem was approved.

            zabbix.dev Zabbix Development Team
            aushakov Aleksandr Ushakov
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: