Value corruption for ASN_COUNTER64 #19
Description
net-snmp-0.2.5/lib/net/snmp/varbind.rb, in value()
when Constants::ASN_COUNTER64
counter = Wrapper::Counter64.new(struct.val[:counter64])
counter.high * 2^32 + counter.lowThe caret operator in Ruby is the bitwise XOR operator.
Operator precedence for the operators in the above expression (high to low) is * + ^
If high and low were both 0, this evaluates as such:
(0 * 2) ^ (32 + 0) = 0 ^ 32 = 32
10000 XOR 00000 results in 10000 (32).
This is a pretty serious breach of integrity for high-capacity counters! Any user should patch your own copy of this library!
As you can see the result is not what was intended, which is to use an exponent operator. In Ruby, that's ** and it is higher in precedence than all but !, ~, and unary +.
Line 51 of varbind.rb (as of the current commit 490fa59) should read
counter.high * 2**32 + counter.low