[ZBX-9701] Special character $ doesn't pass in external check parameter Created: 2015 Jul 13  Updated: 2017 Oct 24  Resolved: 2017 Oct 24

Status: Closed
Component/s: Proxy (P), Server (S)
Affects Version/s: 2.4.1
Fix Version/s: None

Type: Problem report Priority: Trivial
Reporter: Dmitry Gorobets Assignee: Unassigned
Resolution: Duplicate Votes: 3
Labels: escaping, externalchecks

Issue Links:
duplicates ZBX-2450 no security measures are taken for ex... Reopened


Zabbix doesn't pass character $ in external check parameter, example:

quartz_scheduler_check1.py["-n","cluster-app1","-j","ReceiveMailTask$4","-t","c2c23f92-e4a5-4ed4-8dce-8fb1b55e198b"], result - ['-n', 'cluster-app1', '-j', 'ReceiveMailTask', '-t', 'c2c23f92-e4a5-4ed4-8dce-8fb1b55e198b']

If add backslash() to escape:

We'll get ['-n', 'cluster-app1', '-j', 'ReceiveMailTask\\', '-t', 'c2c23f92-e4a5-4ed4-8dce-8fb1b55e198b']

Comment by Aleksandrs Saveljevs [ 2015 Jul 13 ]

The "$" character is passed, but external checks are executed through the shell and so "$" is treated as the beginning of a shell variable.

It should probably be solved in a way similar to ZBX-4529 by single-quoting the arguments.

Comment by Dmitry Gorobets [ 2015 Jul 13 ]

I tried to solve problem with single quotes, but it didn't help.
Example: quartz_scheduler_check1.py['-n','cluster-app1','-j','ReceiveMailTask$4','-t','c2c23f92-e4a5-4ed4-8dce-8fb1b55e198b']
Result: '-n' 'cluster-app1' '-j' 'ReceiveMailTask' '-t' 'c2c23f92-e4a5-4ed4-8dce-8fb1b55e1

Comment by Aleksandrs Saveljevs [ 2015 Jul 13 ]

Above I meant that the server should single-quote the arguments instead of double-quoting them at src/zabbix_server/poller/checks_external.c, function get_value_external(). In other words, you are correct that there is a bug in Zabbix.

Comment by Dmitry Gorobets [ 2015 Jul 13 ]

Zabbix version 2.4.1 (revision 49643)

Comment by Dmitry Gorobets [ 2015 Jul 15 ]

Bug can be fixed by editing line 88 at src/zabbix_server/poller/checks_external.c

zbx_snprintf_alloc(&cmd, &cmd_alloc, &cmd_offset, " \"%s\"", param_esc);


zbx_snprintf_alloc(&cmd, &cmd_alloc, &cmd_offset, " '%s'", param_esc);
Comment by Aleksandrs Saveljevs [ 2015 Jul 16 ]

Just a note that the patch above does solve the reporter's case, but will generally make things much worse: external items with parameters containing double quotes, backslashes and especially single quotes will no longer work.

Comment by Tom M. [ 2015 Oct 19 ]

The same issue is present in the 2.2 release (as seen on zabbix-server-2.2.10-1.el6.x86_64).

Comment by Glebs Ivanovskis (Inactive) [ 2017 Oct 24 ]

Closing as Duplicate of ZBX-2450.

Generated at Tue Feb 19 19:12:37 EET 2019 using JIRA 7.3.9#73021-sha1:26adfd3d76803e1a04219c5cd05b58dbafff0dbf.