Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
node-ffi
is a Node.js addon for loading and calling dynamic libraries using
pure JavaScript. It can be used to create bindings to native libraries without
writing any C++ code.
It also simplifies the augmentation of node.js with C code as it takes care of
handling the translation of types across JavaScript and C, which can add reams
of boilerplate code to your otherwise simple C. See the example/factorial
for an example of this use case.
WARNING: node-ffi assumes you know what you're doing. You can pretty easily create situations where you will segfault the interpreter and unless you've got C debugger skills, you probably won't know what's going on.
var ffi = require('ffi');
var libm = ffi.Library('libm', {
'ceil': [ 'double', [ 'double' ] ]
});
libm.ceil(1.5); // 2
// You can also access just functions in the current process by passing a null
var current = ffi.Library(null, {
'atoi': [ 'int', [ 'string' ] ]
});
current.atoi('1234'); // 1234
For a more detailed introduction, see the node-ffi tutorial page.
libffi
comes bundled with node-ffi; it does not need to be installed on your system.Make sure you've installed all the necessary build tools for your platform, then invoke:
$ npm install ffi
To compile from source it's easiest to use
node-gyp
:
$ npm install -g node-gyp
Now you can compile node-ffi
:
$ git clone git://github.com/rbranson/node-ffi.git
$ cd node-ffi
$ node-gyp rebuild
The types that you specify in function declarations correspond to ref's types system. So see its docs for a reference if you are unfamiliar.
Internally, V8 stores integers that will fit into a 32-bit space in a 32-bit integer, and those that fall outside of this get put into double-precision floating point numbers. This is problematic because FP numbers are imprecise. To get around this, the methods in node-ffi that deal with 64-bit integers return strings and can accept strings as parameters.
There is non-trivial overhead associated with FFI calls. Comparing a hard-coded
binding version of strtoul()
to an FFI version of strtoul()
shows that the
native hard-coded binding is orders of magnitude faster. So don't just use the
C version of a function just because it's faster. There's a significant cost in
FFI calls, so make them worth it.
MIT License. See the LICENSE
file.
FAQs
A foreign function interface (FFI) for Node.js
The npm package ffi receives a total of 812 weekly downloads. As such, ffi popularity was classified as not popular.
We found that ffi demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.