[ZBX-10797] Evaluation of macros in calculated items is not escaped properly Created: 2016 May 13  Updated: 2017 May 30  Resolved: 2016 Jul 25

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Server (S)
Affects Version/s: 3.0.2
Fix Version/s: 3.0.5rc1, 3.2.0alpha1

Type: Incident report Priority: Minor
Reporter: Raymond Kuiper Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: calculateditems, lld, macros
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: PNG File error.PNG     PNG File item.png    

 Description   

When using macros in calculated items, Zabbix doesn't seem to escape these properly internally.

In this case the value of #FSNAME = "[Intel(R) PRO/1000 MT Network Connection".

Zabbix seems Intel() as a function with the parameter of "R", even though in the item configuration this has been escaped using '"'.

 Comments   
Comment by Alexander Vladishev [ 2016 Jun 29 ]

Thank you! I confirm the issue.

Comment by Glebs Ivanovskis (Inactive) [ 2016 Jul 05 ]

Looks to me like regression from ZBX-10429. In substitute_simple_macros():

		else if (0 != (macro_type & MACRO_TYPE_ITEM_EXPRESSION))
		{
			if (0 == strncmp(m, "{$", 2))	/* user defined macros */
			{
				require_numeric = 1;
				DCget_user_macro(&dc_host->hostid, 1, m, &replace_to);
				pos = token.token.r;
			}
		}
		...
		if (1 == require_numeric && NULL != replace_to)
		{
			if (SUCCEED == (res = is_double_suffix(replace_to)))
				wrap_negative_double_suffix(&replace_to, NULL);
			else if (NULL != error)
				zbx_snprintf(error, maxerrlen, "Macro '%s' value is not numeric", m);
		}

I think we should sort of fail in case require_numeric == 1 and replace_to == NULL. Otherwise we attempt to evaluate calculated item expression with not expanded macro.

This is just a bit of a problem. Quoting may be broken too.

Comment by Andris Mednis [ 2016 Jul 05 ]

Even before substitute_simple_macros() there is a calcitem_parse_expression() which sees expression: '{$TEST_MACRO_INTEL:"Intel(R) Corporation Ethernet Connection I217-LM"}' and happily parses 'ntel(R)' as a function into 

'{$TEST_MACRO_INTEL:"I{1} Corporation Ethernet Connection I217-LM"}'

.

Comment by Andris Mednis [ 2016 Jul 11 ]

Fixed in development branch svn://svn.zabbix.com/branches/dev/ZBX-10797 .

Comment by Andris Mednis [ 2016 Jul 25 ]

Fixed in versions:

  • pre-3.0.5 r61191.
  • pre-3.1.0 (trunk) r61192.
Comment by Andris Mednis [ 2016 Jul 25 ]

No documentation changes.

Generated at Tue Nov 04 12:45:47 EET 2025 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.