[ZBX-2003] arithmetic expressions are evaluated incorrectly Created: 2010 Feb 12 Updated: 2017 May 30 Resolved: 2010 Feb 22 |
|
Status: | Closed |
Project: | ZABBIX BUGS AND ISSUES |
Component/s: | Server (S) |
Affects Version/s: | 1.8.1 |
Fix Version/s: | 1.8.2, 1.9.0 (alpha) |
Type: | Incident report | Priority: | Critical |
Reporter: | Aleksandrs Saveljevs | Assignee: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Labels: | None | ||
Remaining Estimate: | Not Specified | ||
Time Spent: | Not Specified | ||
Original Estimate: | Not Specified |
Description |
The problematic function is evaluate_simple() in src/libs/zbxserver/expression.c. The way it works is as follows. When it processes an operator, it searches the expression for that operator from left to right, splits the expression in two, recursively evaluates each part, and, finally, applies the operator. This algorithm has problems for both "-" and "/". For instance, evaluating "64/8/8" yields 64, whereas the correct answer is 1. Similarly, "100-10-1" would yield "91", whereas the correct value is 89. Luckily, evaluate_simple() evaluates "100-10-1" to 89, because of the function compress_signs(), which turns "100-10-1" into "100+N10+N1". A quick solution to this problem would be to search for "-" and "/" from right to left (using strrchr), instead of left to right (with strchr). Another solution would be to completely rewrite evaluate() and evaluate_simple(), as more efficient algorithms for evaluating expressions exist. PS: You can also note the statement *p='|'; throughout the function, executed for all the operators. It does not seem to have any adverse effects, however, it seems to be a sign of copy-paste, which, potentially, is a major source of problems of its own. |
Comments |
Comment by Aleksandrs Saveljevs [ 2010 Feb 16 ] |
Implemented the quick solution in r10198 in |
Comment by Alexei Vladishev [ 2010 Feb 17 ] |
Please test it. |
Comment by richlv [ 2010 Feb 22 ] |
non-trivial to test from user perspective, but seems to work as expected with changes from the dev branch. probably easier to test by code review |
Comment by Aleksandrs Saveljevs [ 2010 Feb 23 ] |
Fixed in pre1.8.2, revision 10380. |