-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.
Already on GitHub? Sign in to your account
Safe Buffer usage #790
Safe Buffer usage #790
Conversation
I like |
So I guess this PR #750 was based on the wrong version number then... it should have been |
if (b & 0x80) return -((b & ~0x80) * 0x100000000 + a) | ||
return b * 0x100000000 + a | ||
if (b & 0x80) return -(((b & ~0x80) * 0x100000000) + a) | ||
return (b * 0x100000000) + a |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
extra parentheses for readable?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
standard
@latest warns on these, haven't bumped yet in repository though - indeed it is just readability
Should we use |
Currently |
@@ -18,7 +18,7 @@ function fromBase58Check (address) { | |||
function toBase58Check (hash, version) { | |||
typeforce(types.tuple(types.Hash160bit, types.UInt8), arguments) | |||
|
|||
var payload = new Buffer(21) | |||
var payload = Buffer.allocUnsafe(21) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I see two variants in this PR: Buffer.alloc(length)
and Buffer.allocUnsafe(length)
. Can you choose one?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@fanatid I've used Buffer.alloc
all through the tests... and Buffer.allocUnsafe
in parts of the code where were previously using new Buffer
; so no change.
We should probably only need need Buffer.alloc
in cases of user input no?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
allocUnsafe
(from docs) uses internal memory pool, maybe we should use alloc
everywhere? (at least in bitcoinjs-lib)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this code is tested well enough that we can use both?
Wait... Blimey. |
travis will be fine, because |
base-x was bumped correctly https://github.com/cryptocoinjs/base-x/blob/v3.0.0/package.json#L41 |
@fanatid only after a screw around. Well, I guess this isn't merging any time soon then. Ha. |
Re-targeting |
Rebased, using |
@fanatid review would be appreciated 馃憤 .
Non-controversial, but, sensitive and I'd like at least 2 extra eyes since it touches the ECDSA module.
This is not a breaking change (we're already at a minimum of Node 4.5.0)