Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
cmem_helpers
Advanced tools
This provides a few simple & light helpers for working with C-memory. It should be useful for FFI, native node-modules, and browser/node wasm, and has no dependencies. It should also work for other runtimes like bun, deno, or quickjs.
Use it to pass and work with strings, and structs. It is very light and intended for no-emscripten host-code, or situations where you want to do your own thing, a bit.
I also wrote a couple medium posts about how it works:
You can add it to your project like this:
npm i cmem_helpers
And then import or require it:
import memhelpers from 'cmem_helpers'
// OR
const memhelpers = require('cmem_helpers')
You can also use it on the web:
<script type=module>
import memhelpers from 'https://cdn.jsdelivr.net/npm/cmem_helpers/+esm'
</script>
You can also use an importmap to make your code look the same:
<script type="importmap">
{
"imports": {
"cmem_helpers": "https://cdn.jsdelivr.net/npm/cmem_helpers/+esm"
}
}
</script>
<script type=module>
import memhelpers from 'cmem_helpers'
// YOUR CODE HERE
</script>
Here is an example with WASM, in the browser/nodejs:
import memhelpers from 'cmem_helpers'
// define this to pass functions to WASM
const env = {
demo(namePtr){
console.log(`Hello ${getString(namePtr)}!`)
}
}
// load your bytes in wasmBytes however you do that
const wasmBytes = '...'
const mod = (await WebAssembly.instantiate(wasmBytes, { env })).instance.exports
// here is the actual setup
const { struct, structClass, setString, getString } = memhelpers(mod.memory.buffer, mod.malloc)
The first param is a buffer associated with the memory, and the second is optional, and it's a way to allocate bytes, and get a pointer. In this example, I exposed a function called malloc
in my wasm, so I can allocate bytes, in the host. You can see an example in the test wasm.
These are for basic C-style null-terminated UTF-8 strings.
// get a string from a pointer, using /0 termination (standard c-string)
getString(strPtr)
// explicitly tell it the length
getString(strPtr, 100)
// set a string in memory, with length (remember the last /0 char)
setString("Hello", address, 6)
// set a string in memory, without length
setString("Hello", address)
// get a pointer to a new string (if you setup malloc earlier)
const ptr = setString("Hello")
This very simple helper uses DataView to interact directly with the memory.
Valid types are:
BigInt64
BigUint64
Float32
Float64
Int16
Int32
Int8
Uint16
Uint32
Uint8
You can define a struct like this:
const Color = struct({
r: 'Uint8',
g: 'Uint8',
b: 'Uint8',
a: 'Uint8'
})
And now you can make Color
objects, with an address, and/or intiial value:
const color = Color({r: 0, g: 0, b: , a: 255}, address)
If you provided a malloc
function earlier, when you set it up, you can also do this:
const color = Color()
const color = Color({r: 0, g: 0, b: , a: 255})
And it will allocate it for you. It will have a couple members: _size
and _address
that you can use in other things, for example to pass the pointer to a function:
mod.useMyColor(color._address)
You can also access the underlying bytes, if you need them:
console.log(color._bytes)
You can also use structClass
, if you like to use them more like classes, and they will work the same:
const Color = structClass({
r: 'Uint8',
g: 'Uint8',
b: 'Uint8',
a: 'Uint8'
})
const color = new Color()
I have a few ideas for the future:
FAQs
simple & light helpers for working with C-memory
We found that cmem_helpers demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.