safe-buffer
Advanced tools
Comparing version 1.0.0 to 2.0.0
22
index.js
@@ -12,3 +12,2 @@ module.exports = SafeBuffer | ||
// Copy static methods and properties from Buffer | ||
Object.keys(Buffer).forEach(function (prop) { | ||
@@ -18,8 +17,23 @@ SafeBuffer[prop] = Buffer[prop] | ||
SafeBuffer.alloc = function (len) { | ||
if (typeof len !== 'number') { | ||
SafeBuffer.from = function (value, encoding) { | ||
if (typeof value === 'number') { | ||
throw new TypeError('Argument must not be a number') | ||
} | ||
return new Buffer(value, encoding) | ||
} | ||
SafeBuffer.alloc = function (size) { | ||
if (typeof size !== 'number') { | ||
throw new TypeError('Argument must be a number') | ||
} | ||
return new Buffer(len) | ||
return new Buffer(size) | ||
} | ||
SafeBuffer.zalloc = function (size) { | ||
if (typeof size !== 'number') { | ||
throw new TypeError('Argument must be a number') | ||
} | ||
var buffer = new Buffer(size) | ||
buffer.fill(0) | ||
return buffer | ||
} |
{ | ||
"name": "safe-buffer", | ||
"description": "Safer Node.js Buffer API", | ||
"version": "1.0.0", | ||
"version": "2.0.0", | ||
"author": { | ||
@@ -6,0 +6,0 @@ "name": "Feross Aboukhadijeh", |
@@ -37,7 +37,39 @@ # safe-buffer [![travis][travis-image]][travis-url] [![npm][npm-image]][npm-url] [![downloads][downloads-image]][npm-url] | ||
// Create uninitialized buffers explicitly, when required for performance: | ||
// Going forward, use an explicit API to make clear what you want. | ||
Buffer.alloc(16) // potentially unsafe | ||
Buffer.from('hey', 'utf8') // convert from many types to a Buffer | ||
Buffer.zalloc(16) // create a zero-filled buffer (safe) | ||
Buffer.alloc(16) // create an uninitialized buffer (potentially unsafe) | ||
``` | ||
## api | ||
### `Buffer.from(value, [encoding])` | ||
Creates a new Buffer containing the given `value`. `value` can be an `Array`, `Buffer`, | ||
`ArrayBuffer`, `string`, or `TypedArrayView` (`Uint8Array`, etc.). If `value` is a string, | ||
an `encoding` parameter can also be provided to identify the string character encoding. | ||
### `Buffer.zalloc(size)` | ||
Allocate a zero-filled buffer with the given `size`. This is safe and recommended to use. | ||
### `Buffer.alloc(size)` | ||
Allocate an uninitialized buffer with the given `size`. This is potentially unsafe. The | ||
underlying memory for `Buffer` instances created in this way is not initialized. The | ||
contents are unknown and could contain sensitive data. The buffer must be overwritten | ||
before it's used. | ||
### more methods | ||
The rest of the `Buffer` API is exactly the same as in node.js. | ||
[See the docs](https://nodejs.org/api/buffer.html). | ||
## Related links | ||
- [Node.js issue: Buffer(number) is unsafe](https://github.com/nodejs/node/issues/4660) | ||
- [Node.js Enhancement Proposal: Buffer.from/Buffer.alloc/Buffer.zalloc/Buffer() soft-deprecate](https://github.com/nodejs/node-eps/pull/4) | ||
## Why is `Buffer` unsafe? | ||
@@ -146,3 +178,3 @@ | ||
[Mathius Buus](https://github.com/mafintosh) and I | ||
[Mathias Buus](https://github.com/mafintosh) and I | ||
([Feross Aboukhadijeh](http://feross.org/)) found this issue in one of our own packages, | ||
@@ -209,3 +241,3 @@ [`bittorrent-dht`](https://www.npmjs.com/package/bittorrent-dht). The bug would allow | ||
#### `Buffer.alloc(number)` | ||
#### A new API: `Buffer.alloc(number)` | ||
@@ -252,6 +284,19 @@ The functionality of creating buffers with uninitialized memory should be part of another | ||
1. Change `new Buffer(number)` to return safe, zeroed-out memory | ||
~~1. Change `new Buffer(number)` to return safe, zeroed-out memory~~ | ||
2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.alloc(number)` | ||
~~2. Create a new API for creating uninitialized Buffers. We propose: `Buffer.alloc(number)`~~ | ||
### Update | ||
Upon further consideration, we think that returning zeroed out memory is a separate issue. | ||
The core issue is: unsafe buffer allocation should be in a different API. | ||
We now support adding two APIs: | ||
- `Buffer.from(value)` - convert from any type to a buffer | ||
- `Buffer.alloc(size)` - create an uninitialized buffer with given size | ||
This solves the core problem that affected `ws` and `bittorrent-dht` which is | ||
`Buffer(variable)` getting tricked into taking a number argument. | ||
This way, existing code continues working and the impact on the npm ecosystem will be | ||
@@ -258,0 +303,0 @@ minimal. Over time, npm maintainers can migrate performance-critical code to use |
62
test.js
var test = require('tape') | ||
var SafeBuffer = require('./').Buffer | ||
test('safe usage continues to work as before', function (t) { | ||
test('new SafeBuffer(value) works just like Buffer', function (t) { | ||
t.deepEqual(new SafeBuffer('hey'), new Buffer('hey')) | ||
t.deepEqual(new SafeBuffer('hey', 'utf8'), new Buffer('hey', 'utf8')) | ||
t.deepEqual(new SafeBuffer('686579', 'hex'), new Buffer('686579', 'hex')) | ||
t.deepEqual(new SafeBuffer([1, 2, 3]), new Buffer([1, 2, 3])) | ||
t.deepEqual(new SafeBuffer(new Uint8Array([1, 2, 3])), new Buffer(new Uint8Array([1, 2, 3]))) | ||
t.equal(typeof SafeBuffer.isBuffer, 'function') | ||
t.equal(SafeBuffer.isBuffer(new SafeBuffer('hey')), true) | ||
t.equal(Buffer.isBuffer(new SafeBuffer('hey')), true) | ||
t.notOk(Buffer.isBuffer({})) | ||
t.notOk(SafeBuffer.isBuffer({})) | ||
t.end() | ||
}) | ||
test('new Buffer(number) always returns zeroed out memory', function (t) { | ||
test('SafeBuffer.from(value) converts to a Buffer', function (t) { | ||
t.deepEqual(SafeBuffer.from('hey'), new Buffer('hey')) | ||
t.deepEqual(SafeBuffer.from('hey', 'utf8'), new Buffer('hey', 'utf8')) | ||
t.deepEqual(SafeBuffer.from('686579', 'hex'), new Buffer('686579', 'hex')) | ||
t.deepEqual(SafeBuffer.from([1, 2, 3]), new Buffer([1, 2, 3])) | ||
t.deepEqual(SafeBuffer.from(new Uint8Array([1, 2, 3])), new Buffer(new Uint8Array([1, 2, 3]))) | ||
t.end() | ||
}) | ||
test('new SafeBuffer(number) returns zeroed-out memory', function (t) { | ||
for (var i = 0; i < 10; i++) { | ||
t.deepEqual(new SafeBuffer(1000), new Buffer(1000).fill(0)) | ||
t.deepEqual(new SafeBuffer(1000 * 1000), new Buffer(1000 * 1000).fill(0)) | ||
var expected1 = new Buffer(1000) | ||
expected1.fill(0) | ||
t.deepEqual(new SafeBuffer(1000), expected1) | ||
var expected2 = new Buffer(1000 * 1000) | ||
expected2.fill(0) | ||
t.deepEqual(new SafeBuffer(1000 * 1000), expected2) | ||
} | ||
@@ -23,3 +42,16 @@ t.end() | ||
test('Buffer.alloc(number)', function (t) { | ||
test('SafeBuffer.zalloc(number) returns zeroed-out memory', function (t) { | ||
for (var i = 0; i < 10; i++) { | ||
var expected1 = new Buffer(1000) | ||
expected1.fill(0) | ||
t.deepEqual(SafeBuffer.zalloc(1000), expected1) | ||
var expected2 = new Buffer(1000 * 1000) | ||
expected2.fill(0) | ||
t.deepEqual(SafeBuffer.zalloc(1000 * 1000), expected2) | ||
} | ||
t.end() | ||
}) | ||
test('SafeBuffer.alloc(number)', function (t) { | ||
var buf = SafeBuffer.alloc(100) // unitialized memory | ||
@@ -32,3 +64,3 @@ t.equal(buf.length, 100) | ||
test('Buffer.alloc() throws with other types', function (t) { | ||
test('SafeBuffer.alloc() throws with non-number types', function (t) { | ||
t.plan(4) | ||
@@ -48,1 +80,17 @@ t.throws(function () { | ||
}) | ||
test('SafeBuffer.zalloc() throws with non-number types', function (t) { | ||
t.plan(4) | ||
t.throws(function () { | ||
SafeBuffer.zalloc('hey') | ||
}) | ||
t.throws(function () { | ||
SafeBuffer.zalloc('hey', 'utf8') | ||
}) | ||
t.throws(function () { | ||
SafeBuffer.zalloc([1, 2, 3]) | ||
}) | ||
t.throws(function () { | ||
SafeBuffer.zalloc({}) | ||
}) | ||
}) |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
17705
113
350