-
Notifications
You must be signed in to change notification settings - Fork 10
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: using Buffer.alloc(size) instead of new Buffer(size) #34
Conversation
lib/byte.js
Outdated
@@ -21,7 +21,7 @@ function ByteBuffer(options) { | |||
if (array) { | |||
this._bytes = array; | |||
} else { | |||
this._bytes = new Buffer(this._size); | |||
this._bytes = Buffer.alloc(this._size); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
我还专门查了的,把 10.0.0 看成 0.10.0 了,但是 ci 里 4 是过了的
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
node 4 有,0.10.0 和 0.12.0 没有,还要支持吗?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
1.4.1 |
new Buffer(size)
没有 fill 0,可能会导致信息泄露。并且 node 10 里已经 deprecated,用 Buffer.alloc / Buffer.from / Buffer.allocUnsafe 代替https://snyk.io/vuln/npm:byte:20180512