Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The 'bufrw' npm package is a buffer read/write library designed to facilitate the reading and writing of binary data. It provides a set of tools to handle binary data serialization and deserialization, making it easier to work with binary protocols.
Buffer Reading
This feature allows you to read binary data from a buffer. In this example, a 32-bit unsigned integer is read from a buffer in big-endian format.
const bufrw = require('bufrw');
const buffer = Buffer.from([0x01, 0x02, 0x03, 0x04]);
const result = bufrw.UInt32BE.readFrom(buffer, 0);
console.log(result.value); // 16909060
Buffer Writing
This feature allows you to write binary data into a buffer. In this example, a 32-bit unsigned integer is written into a buffer in big-endian format.
const bufrw = require('bufrw');
const buffer = Buffer.alloc(4);
bufrw.UInt32BE.writeInto(16909060, buffer, 0);
console.log(buffer); // <Buffer 01 02 03 04>
Custom Serialization
This feature allows you to define custom serialization structures. In this example, a structure consisting of an 8-bit unsigned integer followed by a 16-bit unsigned integer in big-endian format is defined and written into a buffer.
const bufrw = require('bufrw');
const MyStruct = bufrw.Struct([bufrw.UInt8, bufrw.UInt16BE]);
const buffer = Buffer.alloc(3);
MyStruct.writeInto([0x01, 0x0203], buffer, 0);
console.log(buffer); // <Buffer 01 02 03>
The 'buffer' package is a core Node.js module that provides a way of handling binary data directly in JavaScript. It is similar to 'bufrw' in that it allows reading and writing of binary data, but it is more general-purpose and does not provide the same level of abstraction for custom serialization.
The 'binary' package provides a declarative way to work with binary data in Node.js. It allows you to define binary structures and parse them from buffers. It is similar to 'bufrw' in that it provides tools for binary data serialization and deserialization, but it uses a different approach with a focus on declarative syntax.
The 'struct' package allows you to define and work with binary data structures in Node.js. It is similar to 'bufrw' in that it provides tools for defining and working with binary data structures, but it offers a different API and focuses on ease of use for defining complex binary structures.
Buffer Reading and Writing
Simple length-prefixed string:
var bufrw = require("bufrw");
var buf = bufrw.toBuffer(bufrw.str1, "hello world");
// <Buffer 0b 68 65 6c 6c 6f 20 77 6f 72 6c 64>
var str = bufrw.fromBuffer(bufrw.str1, buf)
// "hello world"
// TODO more examples
A combinatoric library for synchronous binary buffer reading and writing.
The design is to combine:
Into a single re-combinable data type, eventually supporting code generation for efficiency.
Any of those three steps may result in an error, so rather than rely on error throw/catching we use an error-able result type.
See docs.jsig
npm install bufrw
npm test
npm run add-licence
This will add the licence headers.npm run cover
This runs the tests with code coveragenpm run lint
This will run the linter on your codenpm test
This will run the tests.npm run trace
This will run your tests in tracing mode.npm run travis
This is run by travis.CI to run your testsnpm run view-cover
This will show code coverage in a browserFAQs
Buffer Reading and Writing
The npm package bufrw receives a total of 394,974 weekly downloads. As such, bufrw popularity was classified as popular.
We found that bufrw demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 11 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.