zabbix: fix CVE-2023-29449

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access. References: https://support.zabbix.com/browse/ZBX-22589 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Urade, Yogitag <Yogita.Urade@windriver.com> 2023-07-31 07:22:49 +0000
committer: Armin Kuster <akuster808@gmail.com> 2023-08-03 16:50:52 -0400
commit: 83470f71c67fe8491013cdbffbc7fa1317d35500 (patch)
tree: 48e227ecc679ed5b43a48a0d24423158a7894bbf
parent: 5cb27408e13d9d61f4da37adf733ddfa6eaefc5b (diff)
download: meta-openembedded-83470f71c67fe8491013cdbffbc7fa1317d35500.tar.gz
2 files changed, 248 insertions, 0 deletions
diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch
new file mode 100644
index 0000000000..675d9e0f35
--- /dev/null
+++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch
@@ -0,0 +1,247 @@
+From 240754ccee1b6b35ac47862be56dacec11e65b32 Mon Sep 17 00:00:00 2001
+From: Dmitrijs Goloscapovs <dmitrijs.goloscapovs@zabbix.com>
+Date: Thu, 27 Jul 2023 11:23:54 +0000
+Subject: [PATCH] .......PS. [DEV-2387] added new limits for JS objects
+Merge in ZBX/zabbix from feature/DEV-2387-6.0 to release/6.0
+* commit '16e5f15a70cfbf00c646cb92d1fcb8a362900285':
+  .......PS. [DEV-2387] removed logsize check based on json buffer
+  .......PS. [DEV-2387] removed logsize check based on json buffer
+  .......PS. [DEV-2387] fixed pr comments
+  .......PS. [DEV-2387] removed useless include
+  .......PS. [DEV-2387] added limits for logging and adding httprequest headers
+  .......PS. [DEV-2387] limited initialization of new HttpRequest objects
+CVE: CVE-2023-29449
+Upstream-Status: Backport [https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/240754ccee1]
+Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
+---
+ src/libs/zbxembed/console.c     | 23 ++++++++++++-----------
+ src/libs/zbxembed/embed.c       |  1 +
+ src/libs/zbxembed/embed.h       |  3 +++
+ src/libs/zbxembed/httprequest.c | 28 ++++++++++++++++++++++++++++
+ src/libs/zbxembed/zabbix.c      | 23 ++++++++++++-----------
+ 5 files changed, 56 insertions(+), 22 deletions(-)
+diff --git a/src/libs/zbxembed/console.c b/src/libs/zbxembed/console.c
+index c733487..60c48fc 100644
+--- a/src/libs/zbxembed/console.c
+++ b/src/libs/zbxembed/console.c
+@@ -90,27 +90,28 @@ static duk_ret_t    es_log_message(duk_context *ctx, int level)
+        else
+                msg_output = zbx_strdup(msg_output, "undefined");
+-       zabbix_log(level, "%s", msg_output);
+-
+        duk_get_memory_functions(ctx, &out_funcs);
+        env = (zbx_es_env_t *)out_funcs.udata;
+-       if (NULL == env->json)
+-               goto out;
+-
+-       if (ZBX_ES_LOG_MEMORY_LIMIT < env->json->buffer_size)   /* approximate limit */
+       if (ZBX_ES_LOG_MEMORY_LIMIT < env->log_size)
+        {
+                err_index = duk_push_error_object(ctx, DUK_RET_EVAL_ERROR, "log exceeds the maximum size of "
+                                ZBX_FS_UI64 " bytes.", ZBX_ES_LOG_MEMORY_LIMIT);
+                goto out;
+        }
+-       zbx_json_addobject(env->json, NULL);
+-       zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
+-       zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
+-       zbx_json_addstring(env->json, "message", msg_output, ZBX_JSON_TYPE_STRING);
+-       zbx_json_close(env->json);
+       zabbix_log(level, "%s", msg_output);
+
+       if (NULL != env->json)
+       {
+               zbx_json_addobject(env->json, NULL);
+               zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
+               zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
+               zbx_json_addstring(env->json, "message", msg_output, ZBX_JSON_TYPE_STRING);
+               zbx_json_close(env->json);
+       }
+ out:
+       env->log_size += strlen(msg_output);
+        zbx_free(msg_output);
+        if (-1 != err_index)
+diff --git a/src/libs/zbxembed/embed.c b/src/libs/zbxembed/embed.c
+index 34d8d18..cc80925 100644
+--- a/src/libs/zbxembed/embed.c
+++ b/src/libs/zbxembed/embed.c
+@@ -444,6 +444,7 @@ int zbx_es_execute(zbx_es_t *es, const char *script, const char *code, int size,
+        zabbix_log(LOG_LEVEL_DEBUG, "In %s() param:%s", __func__, param);
+        zbx_timespec(&es->env->start_time);
+       es->env->http_req_objects = 0;
+        if (NULL != es->env->json)
+        {
+diff --git a/src/libs/zbxembed/embed.h b/src/libs/zbxembed/embed.h
+index a0a360c..2b954a8 100644
+--- a/src/libs/zbxembed/embed.h
+++ b/src/libs/zbxembed/embed.h
+@@ -48,6 +48,9 @@ struct zbx_es_env
+        struct zbx_json *json;
+        jmp_buf         loc;
+
+       int             http_req_objects;
+       size_t          log_size;
+ };
+ zbx_es_env_t   *zbx_es_get_env(duk_context *ctx);
+diff --git a/src/libs/zbxembed/httprequest.c b/src/libs/zbxembed/httprequest.c
+index 8c2839c..7f0eed9 100644
+--- a/src/libs/zbxembed/httprequest.c
+++ b/src/libs/zbxembed/httprequest.c
+@@ -52,6 +52,7 @@ typedef struct
+        size_t                  headers_in_alloc;
+        size_t                  headers_in_offset;
+        unsigned char           custom_header;
+       size_t                  headers_sz;
+ }
+ zbx_es_httprequest_t;
+@@ -145,13 +146,21 @@ static duk_ret_t  es_httprequest_dtor(duk_context *ctx)
+  ******************************************************************************/
+ static duk_ret_t       es_httprequest_ctor(duk_context *ctx)
+ {
+#define MAX_HTTPREQUEST_OBJECT_COUNT   10
+        zbx_es_httprequest_t    *request;
+        CURLcode                err;
+       zbx_es_env_t            *env;
+        int                     err_index = -1;
+        if (!duk_is_constructor_call(ctx))
+                return DUK_RET_TYPE_ERROR;
+       if (NULL == (env = zbx_es_get_env(ctx)))
+               return duk_error(ctx, DUK_RET_TYPE_ERROR, "cannot access internal environment");
+
+       if (MAX_HTTPREQUEST_OBJECT_COUNT == env->http_req_objects)
+               return duk_error(ctx, DUK_RET_EVAL_ERROR, "maximum count of HttpRequest objects was reached");
+
+        duk_push_this(ctx);
+        request = (zbx_es_httprequest_t *)zbx_malloc(NULL, sizeof(zbx_es_httprequest_t));
+@@ -189,7 +198,10 @@ out:
+                return duk_throw(ctx);
+        }
+       env->http_req_objects++;
+
+        return 0;
+#undef MAX_HTTPREQUEST_OBJECT_COUNT
+ }
+ /******************************************************************************
+@@ -201,10 +213,12 @@ out:
+  ******************************************************************************/
+ static duk_ret_t       es_httprequest_add_header(duk_context *ctx)
+ {
+#define ZBX_ES_MAX_HEADERS_SIZE        ZBX_KIBIBYTE * 128
+        zbx_es_httprequest_t    *request;
+        CURLcode                err;
+        char                    *utf8 = NULL;
+        int                     err_index = -1;
+       size_t                  header_sz;
+        if (NULL == (request = es_httprequest(ctx)))
+                return duk_error(ctx, DUK_RET_EVAL_ERROR, "internal scripting error: null object");
+@@ -215,9 +229,20 @@ static duk_ret_t   es_httprequest_add_header(duk_context *ctx)
+                goto out;
+        }
+       header_sz = strlen(utf8);
+
+       if (ZBX_ES_MAX_HEADERS_SIZE < request->headers_sz + header_sz)
+       {
+               err_index = duk_push_error_object(ctx, DUK_RET_TYPE_ERROR, "headers exceeded maximum size of "
+                       ZBX_FS_UI64 " bytes.", ZBX_ES_MAX_HEADERS_SIZE);
+
+               goto out;
+       }
+
+        request->headers = curl_slist_append(request->headers, utf8);
+        ZBX_CURL_SETOPT(ctx, request->handle, CURLOPT_HTTPHEADER, request->headers, err);
+        request->custom_header = 1;
+       request->headers_sz += header_sz + 1;
+ out:
+        zbx_free(utf8);
+@@ -225,6 +250,7 @@ out:
+                return duk_throw(ctx);
+        return 0;
+#undef ZBX_ES_MAX_HEADERS_SIZE
+ }
+ /******************************************************************************
+@@ -244,6 +270,7 @@ static duk_ret_t    es_httprequest_clear_header(duk_context *ctx)
+        curl_slist_free_all(request->headers);
+        request->headers = NULL;
+        request->custom_header = 0;
+       request->headers_sz = 0;
+        return 0;
+ }
+@@ -311,6 +338,7 @@ static duk_ret_t    es_httprequest_query(duk_context *ctx, const char *http_request
+                {
+                        curl_slist_free_all(request->headers);
+                        request->headers = NULL;
+                       request->headers_sz = 0;
+                }
+                if (NULL != contents)
+diff --git a/src/libs/zbxembed/zabbix.c b/src/libs/zbxembed/zabbix.c
+index 820768f..0ecde86 100644
+--- a/src/libs/zbxembed/zabbix.c
+++ b/src/libs/zbxembed/zabbix.c
+@@ -81,27 +81,28 @@ static duk_ret_t    es_zabbix_log(duk_context *ctx)
+                zbx_replace_invalid_utf8(message);
+        }
+-       zabbix_log(level, "%s", message);
+-
+        duk_get_memory_functions(ctx, &out_funcs);
+        env = (zbx_es_env_t *)out_funcs.udata;
+-       if (NULL == env->json)
+-               goto out;
+-
+-       if (ZBX_ES_LOG_MEMORY_LIMIT < env->json->buffer_size)   /* approximate limit */
+       if (ZBX_ES_LOG_MEMORY_LIMIT < env->log_size)
+        {
+                err_index = duk_push_error_object(ctx, DUK_RET_EVAL_ERROR, "log exceeds the maximum size of "
+                                ZBX_FS_UI64 " bytes.", ZBX_ES_LOG_MEMORY_LIMIT);
+                goto out;
+        }
+-       zbx_json_addobject(env->json, NULL);
+-       zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
+-       zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
+-       zbx_json_addstring(env->json, "message", message, ZBX_JSON_TYPE_STRING);
+-       zbx_json_close(env->json);
+       zabbix_log(level, "%s", message);
+
+       if (NULL != env->json)
+       {
+               zbx_json_addobject(env->json, NULL);
+               zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
+               zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
+               zbx_json_addstring(env->json, "message", message, ZBX_JSON_TYPE_STRING);
+               zbx_json_close(env->json);
+       }
+ out:
+       env->log_size += strlen(message);
+        zbx_free(message);
+        if (-1 != err_index)
+--
+2.35.5
diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
index 7f530a5529..c373ed9f0c 100644
--- a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
+++ b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
@@ -29,6 +29,7 @@ SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.4/${BPN}-${PV}.tar.gz
    file://CVE-2022-43515.patch \
    file://CVE-2022-46768.patch \
    file://CVE-2023-29451.patch \
+    file://CVE-2023-29449.patch \
 "
 SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e"
author	Urade, Yogitag <Yogita.Urade@windriver.com>	2023-07-31 07:22:49 +0000
committer	Armin Kuster <akuster808@gmail.com>	2023-08-03 16:50:52 -0400
commit	83470f71c67fe8491013cdbffbc7fa1317d35500 (patch)
tree	48e227ecc679ed5b43a48a0d24423158a7894bbf
parent	5cb27408e13d9d61f4da37adf733ddfa6eaefc5b (diff)
download	meta-openembedded-83470f71c67fe8491013cdbffbc7fa1317d35500.tar.gz

diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch new file mode 100644 index 0000000000..675d9e0f35 --- /dev/null +++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-29449.patch
@@ -0,0 +1,247 @@
		1	From 240754ccee1b6b35ac47862be56dacec11e65b32 Mon Sep 17 00:00:00 2001
		2	From: Dmitrijs Goloscapovs <dmitrijs.goloscapovs@zabbix.com>
		3	Date: Thu, 27 Jul 2023 11:23:54 +0000
		4	Subject: [PATCH] .......PS. [DEV-2387] added new limits for JS objects
		5
		6	Merge in ZBX/zabbix from feature/DEV-2387-6.0 to release/6.0
		7
		8	* commit '16e5f15a70cfbf00c646cb92d1fcb8a362900285':
		9	.......PS. [DEV-2387] removed logsize check based on json buffer
		10	.......PS. [DEV-2387] removed logsize check based on json buffer
		11	.......PS. [DEV-2387] fixed pr comments
		12	.......PS. [DEV-2387] removed useless include
		13	.......PS. [DEV-2387] added limits for logging and adding httprequest headers
		14	.......PS. [DEV-2387] limited initialization of new HttpRequest objects
		15
		16	CVE: CVE-2023-29449
		17
		18	Upstream-Status: Backport [https://git.zabbix.com/projects/ZBX/repos/zabbix/commits/240754ccee1]
		19
		20	Signed-off-by: Yogita Urade <yogita.urade@windriver.com>
		21	---
		22	src/libs/zbxembed/console.c \| 23 ++++++++++++-----------
		23	src/libs/zbxembed/embed.c \| 1 +
		24	src/libs/zbxembed/embed.h \| 3 +++
		25	src/libs/zbxembed/httprequest.c \| 28 ++++++++++++++++++++++++++++
		26	src/libs/zbxembed/zabbix.c \| 23 ++++++++++++-----------
		27	5 files changed, 56 insertions(+), 22 deletions(-)
		28
		29	diff --git a/src/libs/zbxembed/console.c b/src/libs/zbxembed/console.c
		30	index c733487..60c48fc 100644
		31	--- a/src/libs/zbxembed/console.c
		32	+++ b/src/libs/zbxembed/console.c
		33	@@ -90,27 +90,28 @@ static duk_ret_t es_log_message(duk_context *ctx, int level)
		34	else
		35	msg_output = zbx_strdup(msg_output, "undefined");
		36
		37	- zabbix_log(level, "%s", msg_output);
		38	-
		39	duk_get_memory_functions(ctx, &out_funcs);
		40	env = (zbx_es_env_t *)out_funcs.udata;
		41
		42	- if (NULL == env->json)
		43	- goto out;
		44	-
		45	- if (ZBX_ES_LOG_MEMORY_LIMIT < env->json->buffer_size) /* approximate limit */
		46	+ if (ZBX_ES_LOG_MEMORY_LIMIT < env->log_size)
		47	{
		48	err_index = duk_push_error_object(ctx, DUK_RET_EVAL_ERROR, "log exceeds the maximum size of "
		49	ZBX_FS_UI64 " bytes.", ZBX_ES_LOG_MEMORY_LIMIT);
		50	goto out;
		51	}
		52
		53	- zbx_json_addobject(env->json, NULL);
		54	- zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
		55	- zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
		56	- zbx_json_addstring(env->json, "message", msg_output, ZBX_JSON_TYPE_STRING);
		57	- zbx_json_close(env->json);
		58	+ zabbix_log(level, "%s", msg_output);
		59	+
		60	+ if (NULL != env->json)
		61	+ {
		62	+ zbx_json_addobject(env->json, NULL);
		63	+ zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
		64	+ zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
		65	+ zbx_json_addstring(env->json, "message", msg_output, ZBX_JSON_TYPE_STRING);
		66	+ zbx_json_close(env->json);
		67	+ }
		68	out:
		69	+ env->log_size += strlen(msg_output);
		70	zbx_free(msg_output);
		71
		72	if (-1 != err_index)
		73	diff --git a/src/libs/zbxembed/embed.c b/src/libs/zbxembed/embed.c
		74	index 34d8d18..cc80925 100644
		75	--- a/src/libs/zbxembed/embed.c
		76	+++ b/src/libs/zbxembed/embed.c
		77	@@ -444,6 +444,7 @@ int zbx_es_execute(zbx_es_t es, const char script, const char *code, int size,
		78	zabbix_log(LOG_LEVEL_DEBUG, "In %s() param:%s", __func__, param);
		79
		80	zbx_timespec(&es->env->start_time);
		81	+ es->env->http_req_objects = 0;
		82
		83	if (NULL != es->env->json)
		84	{
		85	diff --git a/src/libs/zbxembed/embed.h b/src/libs/zbxembed/embed.h
		86	index a0a360c..2b954a8 100644
		87	--- a/src/libs/zbxembed/embed.h
		88	+++ b/src/libs/zbxembed/embed.h
		89	@@ -48,6 +48,9 @@ struct zbx_es_env
		90	struct zbx_json *json;
		91
		92	jmp_buf loc;
		93	+
		94	+ int http_req_objects;
		95	+ size_t log_size;
		96	};
		97
		98	zbx_es_env_t zbx_es_get_env(duk_context ctx);
		99	diff --git a/src/libs/zbxembed/httprequest.c b/src/libs/zbxembed/httprequest.c
		100	index 8c2839c..7f0eed9 100644
		101	--- a/src/libs/zbxembed/httprequest.c
		102	+++ b/src/libs/zbxembed/httprequest.c
		103	@@ -52,6 +52,7 @@ typedef struct
		104	size_t headers_in_alloc;
		105	size_t headers_in_offset;
		106	unsigned char custom_header;
		107	+ size_t headers_sz;
		108	}
		109	zbx_es_httprequest_t;
		110
		111	@@ -145,13 +146,21 @@ static duk_ret_t es_httprequest_dtor(duk_context *ctx)
		112	******************************************************************************/
		113	static duk_ret_t es_httprequest_ctor(duk_context *ctx)
		114	{
		115	+#define MAX_HTTPREQUEST_OBJECT_COUNT 10
		116	zbx_es_httprequest_t *request;
		117	CURLcode err;
		118	+ zbx_es_env_t *env;
		119	int err_index = -1;
		120
		121	if (!duk_is_constructor_call(ctx))
		122	return DUK_RET_TYPE_ERROR;
		123
		124	+ if (NULL == (env = zbx_es_get_env(ctx)))
		125	+ return duk_error(ctx, DUK_RET_TYPE_ERROR, "cannot access internal environment");
		126	+
		127	+ if (MAX_HTTPREQUEST_OBJECT_COUNT == env->http_req_objects)
		128	+ return duk_error(ctx, DUK_RET_EVAL_ERROR, "maximum count of HttpRequest objects was reached");
		129	+
		130	duk_push_this(ctx);
		131
		132	request = (zbx_es_httprequest_t *)zbx_malloc(NULL, sizeof(zbx_es_httprequest_t));
		133	@@ -189,7 +198,10 @@ out:
		134	return duk_throw(ctx);
		135	}
		136
		137	+ env->http_req_objects++;
		138	+
		139	return 0;
		140	+#undef MAX_HTTPREQUEST_OBJECT_COUNT
		141	}
		142
		143	/******************************************************************************
		144	@@ -201,10 +213,12 @@ out:
		145	******************************************************************************/
		146	static duk_ret_t es_httprequest_add_header(duk_context *ctx)
		147	{
		148	+#define ZBX_ES_MAX_HEADERS_SIZE ZBX_KIBIBYTE * 128
		149	zbx_es_httprequest_t *request;
		150	CURLcode err;
		151	char *utf8 = NULL;
		152	int err_index = -1;
		153	+ size_t header_sz;
		154
		155	if (NULL == (request = es_httprequest(ctx)))
		156	return duk_error(ctx, DUK_RET_EVAL_ERROR, "internal scripting error: null object");
		157	@@ -215,9 +229,20 @@ static duk_ret_t es_httprequest_add_header(duk_context *ctx)
		158	goto out;
		159	}
		160
		161	+ header_sz = strlen(utf8);
		162	+
		163	+ if (ZBX_ES_MAX_HEADERS_SIZE < request->headers_sz + header_sz)
		164	+ {
		165	+ err_index = duk_push_error_object(ctx, DUK_RET_TYPE_ERROR, "headers exceeded maximum size of "
		166	+ ZBX_FS_UI64 " bytes.", ZBX_ES_MAX_HEADERS_SIZE);
		167	+
		168	+ goto out;
		169	+ }
		170	+
		171	request->headers = curl_slist_append(request->headers, utf8);
		172	ZBX_CURL_SETOPT(ctx, request->handle, CURLOPT_HTTPHEADER, request->headers, err);
		173	request->custom_header = 1;
		174	+ request->headers_sz += header_sz + 1;
		175	out:
		176	zbx_free(utf8);
		177
		178	@@ -225,6 +250,7 @@ out:
		179	return duk_throw(ctx);
		180
		181	return 0;
		182	+#undef ZBX_ES_MAX_HEADERS_SIZE
		183	}
		184
		185	/******************************************************************************
		186	@@ -244,6 +270,7 @@ static duk_ret_t es_httprequest_clear_header(duk_context *ctx)
		187	curl_slist_free_all(request->headers);
		188	request->headers = NULL;
		189	request->custom_header = 0;
		190	+ request->headers_sz = 0;
		191
		192	return 0;
		193	}
		194	@@ -311,6 +338,7 @@ static duk_ret_t es_httprequest_query(duk_context ctx, const char http_request
		195	{
		196	curl_slist_free_all(request->headers);
		197	request->headers = NULL;
		198	+ request->headers_sz = 0;
		199	}
		200
		201	if (NULL != contents)
		202	diff --git a/src/libs/zbxembed/zabbix.c b/src/libs/zbxembed/zabbix.c
		203	index 820768f..0ecde86 100644
		204	--- a/src/libs/zbxembed/zabbix.c
		205	+++ b/src/libs/zbxembed/zabbix.c
		206	@@ -81,27 +81,28 @@ static duk_ret_t es_zabbix_log(duk_context *ctx)
		207	zbx_replace_invalid_utf8(message);
		208	}
		209
		210	- zabbix_log(level, "%s", message);
		211	-
		212	duk_get_memory_functions(ctx, &out_funcs);
		213	env = (zbx_es_env_t *)out_funcs.udata;
		214
		215	- if (NULL == env->json)
		216	- goto out;
		217	-
		218	- if (ZBX_ES_LOG_MEMORY_LIMIT < env->json->buffer_size) /* approximate limit */
		219	+ if (ZBX_ES_LOG_MEMORY_LIMIT < env->log_size)
		220	{
		221	err_index = duk_push_error_object(ctx, DUK_RET_EVAL_ERROR, "log exceeds the maximum size of "
		222	ZBX_FS_UI64 " bytes.", ZBX_ES_LOG_MEMORY_LIMIT);
		223	goto out;
		224	}
		225
		226	- zbx_json_addobject(env->json, NULL);
		227	- zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
		228	- zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
		229	- zbx_json_addstring(env->json, "message", message, ZBX_JSON_TYPE_STRING);
		230	- zbx_json_close(env->json);
		231	+ zabbix_log(level, "%s", message);
		232	+
		233	+ if (NULL != env->json)
		234	+ {
		235	+ zbx_json_addobject(env->json, NULL);
		236	+ zbx_json_adduint64(env->json, "level", (zbx_uint64_t)level);
		237	+ zbx_json_adduint64(env->json, "ms", zbx_get_duration_ms(&env->start_time));
		238	+ zbx_json_addstring(env->json, "message", message, ZBX_JSON_TYPE_STRING);
		239	+ zbx_json_close(env->json);
		240	+ }
		241	out:
		242	+ env->log_size += strlen(message);
		243	zbx_free(message);
		244
		245	if (-1 != err_index)
		246	--
		247	2.35.5


diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb index 7f530a5529..c373ed9f0c 100644 --- a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb +++ b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb
@@ -29,6 +29,7 @@ SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.4/${BPN}-${PV}.tar.gz
29	file://CVE-2022-43515.patch \	29	file://CVE-2022-43515.patch \
30	file://CVE-2022-46768.patch \	30	file://CVE-2022-46768.patch \
31	file://CVE-2023-29451.patch \	31	file://CVE-2023-29451.patch \
		32	file://CVE-2023-29449.patch \
32	"	33	"
33		34
34	SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e"	35	SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e"