Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@teamteanpm2024/repudiandae-laboriosam-ipsum
Advanced tools
[![Build Status](https://api.travis-ci.com/rvagg/@teamteanpm2024/repudiandae-laboriosam-ipsum.svg?branch=master)](https://travis-ci.com/rvagg/@teamteanpm2024/repudiandae-laboriosam-ipsum/)
A Node.js Buffer list collector, reader and streamer thingy.
@teamteanpm2024/repudiandae-laboriosam-ipsum is a storage object for collections of Node Buffers, exposing them with the main Buffer reada@teamteanpm2024/repudiandae-laboriosam-ipsume API. Also works as a duplex stream so you can collect buffers from a stream that emits them and emit buffers to a stream that consumes them!
The original buffers are kept intact and copies are only done as necessary. Any reads that require the use of a single original buffer will return a slice of that buffer only (which references the same memory as the original buffer). Reads that span buffers perform concatenation as required and return the results transparently.
const { BufferList } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const @teamteanpm2024/repudiandae-laboriosam-ipsum = new BufferList()
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('abcd'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('efg'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append('hi') // @teamteanpm2024/repudiandae-laboriosam-ipsum will also accept & convert Strings
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('j'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from([ 0x3, 0x4 ]))
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.length) // 12
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.slice(0, 10).toString('ascii')) // 'abcdefghij'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.slice(3, 10).toString('ascii')) // 'defghij'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.slice(3, 6).toString('ascii')) // 'def'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.slice(3, 8).toString('ascii')) // 'defgh'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.slice(5, 10).toString('ascii')) // 'fghij'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.indexOf('def')) // 3
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.indexOf('asdf')) // -1
// or just use toString!
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.toString()) // 'abcdefghij\u0003\u0004'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.toString('ascii', 3, 8)) // 'defgh'
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.toString('ascii', 5, 10)) // 'fghij'
// other standard Buffer reada@teamteanpm2024/repudiandae-laboriosam-ipsumes
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt16BE(10)) // 0x0304
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt16LE(10)) // 0x0403
Give it a callback in the constructor and use it just like concat-stream:
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const fs = require('fs')
fs.createReadStream('README.md')
.pipe(BufferListStream((err, data) => { // note 'new' isn't strictly required
// `data` is a complete Buffer object containing the full data
console.log(data.toString())
}))
Note that when you use the callback method like this, the resulting data
parameter is a concatenation of all Buffer
objects in the list. If you want to avoid the overhead of this concatenation (in cases of extreme performance consciousness), then avoid the callback method and just listen to 'end'
instead, like a standard Stream.
Or to fetch a URL using hyperquest (should work with request and even plain Node http too!):
const hyperquest = require('hyperquest')
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const url = 'https://raw.github.com/rvagg/@teamteanpm2024/repudiandae-laboriosam-ipsum/master/README.md'
hyperquest(url).pipe(BufferListStream((err, data) => {
console.log(data.toString())
}))
Or, use it as a reada@teamteanpm2024/repudiandae-laboriosam-ipsume stream to recompose a list of Buffers to an output source:
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const fs = require('fs')
var @teamteanpm2024/repudiandae-laboriosam-ipsum = new BufferListStream()
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('abcd'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('efg'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('hi'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(Buffer.from('j'))
@teamteanpm2024/repudiandae-laboriosam-ipsum.pipe(fs.createWriteStream('gibberish.txt'))
new BufferList([ buf ])
BufferList.isBufferList(obj)
@teamteanpm2024/repudiandae-laboriosam-ipsum.length
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(buffer)
@teamteanpm2024/repudiandae-laboriosam-ipsum.get(index)
@teamteanpm2024/repudiandae-laboriosam-ipsum.indexOf(value[, byteOffset][, encoding])
@teamteanpm2024/repudiandae-laboriosam-ipsum.slice([ start[, end ] ])
@teamteanpm2024/repudiandae-laboriosam-ipsum.shallowSlice([ start[, end ] ])
@teamteanpm2024/repudiandae-laboriosam-ipsum.copy(dest, [ destStart, [ srcStart [, srcEnd ] ] ])
@teamteanpm2024/repudiandae-laboriosam-ipsum.duplicate()
@teamteanpm2024/repudiandae-laboriosam-ipsum.consume(bytes)
@teamteanpm2024/repudiandae-laboriosam-ipsum.toString([encoding, [ start, [ end ]]])
@teamteanpm2024/repudiandae-laboriosam-ipsum.readDou@teamteanpm2024/repudiandae-laboriosam-ipsumeBE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readDou@teamteanpm2024/repudiandae-laboriosam-ipsumeLE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readFloatBE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readFloatLE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readBigInt64BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readBigInt64LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readBigUInt64BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readBigUInt64LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readInt32BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readInt32LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt32BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt32LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readInt16BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readInt16LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt16BE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt16LE()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readInt8()
, @teamteanpm2024/repudiandae-laboriosam-ipsum.readUInt8()
new BufferListStream([ callback ])
No arguments are required for the constructor, but you can initialise the list by passing in a single Buffer
object or an array of Buffer
objects.
new
is not strictly required, if you don't instantiate a new object, it will be done automatically for you so you can create a new instance simply with:
const { BufferList } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const @teamteanpm2024/repudiandae-laboriosam-ipsum = BufferList()
// equivalent to:
const { BufferList } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const @teamteanpm2024/repudiandae-laboriosam-ipsum = new BufferList()
Determines if the passed object is a BufferList
. It will return true
if the passed object is an instance of BufferList
or BufferListStream
and false
otherwise.
N.B. this won't return true
for BufferList
or BufferListStream
instances created by versions of this library before this static method was added.
Get the length of the list in bytes. This is the sum of the lengths of all of the buffers contained in the list, minus any initial offset for a semi-consumed buffer at the beginning. Should accurately represent the total number of bytes that can be read from the list.
append(buffer)
adds an additional buffer or BufferList to the internal list. this
is returned so it can be chained.
get()
will return the byte at the specified index.
get()
will return the byte at the specified index.
indexOf()
method returns the first index at which a given element can be found in the BufferList, or -1 if it is not present.
slice()
returns a new Buffer
object containing the bytes within the range specified. Both start
and end
are optional and will default to the beginning and end of the list respectively.
If the requested range spans a single internal buffer then a slice of that buffer will be returned which shares the original memory range of that Buffer. If the range spans multiple buffers then copy operations will likely occur to give you a uniform Buffer.
shallowSlice()
returns a new BufferList
object containing the bytes within the range specified. Both start
and end
are optional and will default to the beginning and end of the list respectively.
No copies will be performed. All buffers in the result share memory with the original list.
copy()
copies the content of the list in the dest
buffer, starting from destStart
and containing the bytes within the range specified with srcStart
to srcEnd
. destStart
, start
and end
are optional and will default to the beginning of the dest
buffer, and the beginning and end of the list respectively.
duplicate()
performs a shallow-copy of the list. The internal Buffers remains the same, so if you change the underlying Buffers, the change will be reflected in both the original and the duplicate. This method is needed if you want to call consume()
or pipe()
and still keep the original list.Example:
var @teamteanpm2024/repudiandae-laboriosam-ipsum = new BufferListStream()
@teamteanpm2024/repudiandae-laboriosam-ipsum.append('hello')
@teamteanpm2024/repudiandae-laboriosam-ipsum.append(' world')
@teamteanpm2024/repudiandae-laboriosam-ipsum.append('\n')
@teamteanpm2024/repudiandae-laboriosam-ipsum.duplicate().pipe(process.stdout, { end: false })
console.log(@teamteanpm2024/repudiandae-laboriosam-ipsum.toString())
consume()
will shift bytes off the start of the list. The number of bytes consumed don't need to line up with the sizes of the internal Buffers—initial offsets will be calculated accordingly in order to give you a consistent view of the data.
toString()
will return a string representation of the buffer. The optional start
and end
arguments are passed on to slice()
, while the encoding
is passed on to toString()
of the resulting Buffer. See the Buffer#toString() documentation for more information.
All of the standard byte-reading methods of the Buffer
interface are implemented and will operate across internal Buffer boundaries transparently.
See the Buffer
documentation for how these work.
BufferListStream is a Node Duplex Stream, so it can be read from and written to like a standard Node stream. You can also pipe()
to and from a BufferListStream instance.
The constructor takes an optional callback, if supplied, the callback will be called with an error argument followed by a reference to the @teamteanpm2024/repudiandae-laboriosam-ipsum instance, when @teamteanpm2024/repudiandae-laboriosam-ipsum.end()
is called (i.e. from a piped stream). This is a convenient method of collecting the entire contents of a stream, particularly when the stream is chunky, such as a network stream.
Normally, no arguments are required for the constructor, but you can initialise the list by passing in a single Buffer
object or an array of Buffer
object.
new
is not strictly required, if you don't instantiate a new object, it will be done automatically for you so you can create a new instance simply with:
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const @teamteanpm2024/repudiandae-laboriosam-ipsum = BufferListStream()
// equivalent to:
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
const @teamteanpm2024/repudiandae-laboriosam-ipsum = new BufferListStream()
N.B. For backwards compatibility reasons, BufferListStream
is the default export when you require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
:
const { BufferListStream } = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
// equivalent to:
const BufferListStream = require('@teamteanpm2024/repudiandae-laboriosam-ipsum')
@teamteanpm2024/repudiandae-laboriosam-ipsum is brought to you by the following hackers:
Copyright (c) 2013-2019 @teamteanpm2024/repudiandae-laboriosam-ipsum contributors (listed above).
@teamteanpm2024/repudiandae-laboriosam-ipsum is licensed under the MIT license. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE.md file for more details.
FAQs
[![Build Status](https://api.travis-ci.com/rvagg/@teamteanpm2024/repudiandae-laboriosam-ipsum.svg?branch=master)](https://travis-ci.com/rvagg/@teamteanpm2024/repudiandae-laboriosam-ipsum/)
We found that @teamteanpm2024/repudiandae-laboriosam-ipsum demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.