Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
bit-buffer
Advanced tools
BitBuffer provides two objects, BitView
and BitStream
. BitView
is a wrapper for ArrayBuffers, similar to JavaScript's DataView, but with support for bit-level reads and writes. BitStream
is a wrapper for a BitView
used to help maintain your current buffer position, as well as to provide higher-level read / write operations such as for ASCII strings.
bb.buffer // Underlying ArrayBuffer.
Default constructor, takes in a single argument of an ArrayBuffer. Optional are the byteOffset
and byteLength
arguments to offset and truncate the view's representation of the buffer.
Reads bits
number of bits starting at offset
, twiddling the bits appropriately to return a proper 32-bit signed or unsigned value. NOTE: While JavaScript numbers are 64-bit floating-point values, we don't bother with anything other than the first 32 bits.
Shortcuts for getBits, setting the correct bits
/ signed
values.
Gets 32 bits from offset
, and coerces and returns as a proper float32 value.
Gets 64 bits from offset
, and coerces and returns as a proper float64 value.
Sets bits
number of bits at offset
.
Shortcuts for setBits, setting the correct bits
count.
Coerces a float32 to uint32 and sets at offset
.
Coerces a float64 to two uint32s and sets at offset
.
bb.byteIndex; // Get current index in bytes.
bb.byteIndex = 0; // Set current index in bytes.
bb.view; // Underlying BitView
bb.length; // Get the length of the stream in bits
bb.bitsLeft; // The number of bits left in the stream
bb.index; // Get the current index in bits
bb.index = 0// Set the current index in bits
Default constructor, takes in a single argument of a BitView
, ArrayBuffer
or node Buffer
.
Shortcut constructor that initializes a new BitView(buffer, byteOffset, byteLength)
for the stream to use.
Returns bits
numbers of bits from the view at the current index, updating the index.
Sets bits
numbers of bits from value
in the view at the current index, updating the index.
Read a 8, 16 or 32 bits (unsigned) integer at the current index, updating the index.
Write 8, 16 or 32 bits from value
as (unsigned) integer at the current index, updating the index.
Read a 32 or 64 bit floating point number at the current index, updating the index.
Set 32 or 64 bits from value
as floating point value at the current index, updating the index.
Read a single bit from the view at the current index, updating the index.
Write a single bit to the view at the current index, updating the index.
Reads bytes from the underlying view at the current index until either bytes
count is reached or a 0x00 terminator is reached.
Writes a string followed by a NULL character to the underlying view starting at the current index. If the string is longer than bytes
it will be truncated, and if it is shorter 0x00 will be written in its place.
Create a new BitStream
from the underlying view starting the the current index and a length of length
bits. Updating the index of the existing BitStream
Read byteLength
bytes of data from the underlying view as ArrayBuffer
, updating the index.
MIT
FAQs
Bit-level reads and writes for ArrayBuffers
We found that bit-buffer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.