Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Prior to the introduction of, the JavaScript language had no mechanism for reading or manipulating streams of binary data.
- The class was introduced as part of the Node.js API to enable interaction with octet streams in TCP streams, file system operations, and other contexts.
- With now available, the class implements the API in a manner that is more optimized and suitable for Node.js.
- Instances of the class are similar to arrays of integers but correspond to fixed-sized, raw memory allocations outside the V8 heap.
- The size of the is established when it is created and cannot be changed.
- The class is within the global scope, making it unlikely that one would need to ever use
- // Creates a zero-filled Buffer of length 10.
- // Creates a Buffer of length 10, filled with 0x1.
- // Creates an uninitialized buffer of length 10.
- // This is faster than calling but the returned
- // Buffer instance might contain old data that needs to be
- // overwritten using either or
- // Creates a Buffer containing
- In versions of Node.js prior to 6.0.0, instances were created using the constructor function, which allocates the returned
- differently based on what arguments are provided:
- Passing a number as the first argument to (e.g.) allocates a new object of the specified size.
- Prior to Node.js 8.0.0, the memory allocated for such instances is not initialized and can contain sensitive data
- Such instances must be subsequently initialized by using either or by writing to the entire
- While this behavior is intentional to improve performance, development experience has demonstrated that a more explicit distinction is required between creating a fast-but-uninitialized versus creating a slower-but-safer
- Starting in Node.js 8.0.0, and will return a with initialized memory.
- Passing a string, array, or as the first argument copies the passed object's data into the
- Passing an or a returns a that shares allocated memory with the given array buffer.
- Because the behavior of is different depending on the type of the first argument, security and reliability issues can be inadvertently introduced into applications when argument validation or initialization is not performed.
- To make the creation of instances more reliable and less error-prone, the various forms of the constructor have been deprecated and replaced by separate, and methods.
- Developers should migrate all existing uses of the constructors to one of these new APIs.
- returns a new that contains a copy of the provided octets.
- returns a new that shares the same allocated memory as the given
- returns a new that contains a copy of the contents of the given
- returns a new initialized of the specified size.
- This method is slower than but guarantees that newly created instances never contain old data that is potentially sensitive.
- and each return a new uninitialized of the specified
- Because the is uninitialized, the allocated segment of memory might contain old data that is potentially sensitive.
- instances returned by may be allocated off a shared internal memory pool if is less than or equal to half
- Instances returned by never use the shared internal memory pool.
- Node.js can be started using the command line option to cause all newly allocated instances to be zero-filled upon creation by default, including buffers returned by and
- Use of this flag can have a significant negative impact on performance.
- Use of the option is recommended only when necessary to enforce that newly allocated instances cannot contain old data that is potentially sensitive.
- When calling and, the segment of allocated memory is uninitialized (it is not zeroed-out).
- While this design makes the allocation of memory quite fast, the allocated segment of memory might contain old data that is potentially sensitive.
- Using a created by without completely overwriting the memory can allow this old data to be leaked when the memory is read.
- While there are clear performance advantages to using extra care must be taken in order to avoid introducing security vulnerabilities into an application.
- The command line option
- What makes and "unsafe"?
- Buffers and Character Encodings
- When string data is stored in or extracted out of a instance, a character encoding may be specified.
- Prints
- The character encodings currently supported by Node.js include:
- For 7-bit ASCII data only.
- This encoding is fast and will strip the high bit if set.
- Multibyte encoded Unicode characters. Many web pages and other document formats use UTF-8.
- 2 or 4 bytes, little-endian encoded Unicode characters. Surrogate pairs are supported.
- Alias of
- Base64 encoding. When creating a from a string, this encoding will also correctly accept "URL and Filename Safe Alphabet" as specified in RFC4648, Section 5.
- A way of encoding the into a one-byte encoded string (as defined by the IANA in RFC1345, page 63, to be the Latin-1 supplement block and C0/C1 control codes).
- Encode each byte as two hexadecimal characters.
- Modern Web browsers follow the WHATWG Encoding Standard which aliases both and to. This means that while doing something like, if the returned charset is one of those listed in the WHATWG specification it is possible that the server actually returned encoded data, and using encoding may incorrectly decode the characters.
- and
- instances are also instances.
- However, there are subtle incompatibilities with
- For example, while creates a copy of the slice, the implementation of creates a view over the existing without copying, making far more efficient.
- It is also possible to create new instances from a with the following caveats:
- The object's memory is copied to the, not shared.
- The object's memory is interpreted as an array of distinct elements, and not as a byte array of the target type.
- That is, creates a 4-element with elements, not a with a single element or
- It is possible to create a new that shares the same allocated memory as a instance by using the object's property.
- Copies the contents of
- Shares memory with
- Note that when creating a using a, it is possible to use only a portion of the underlying by passing in and parameters.
- The and have different signatures and implementations.
- Specifically, the variants accept a second argument that is a mapping function that is invoked on every element of the typed array:
- The method, however, does not support the use of a mapping function:
- Buffers and iteration
- instances can be iterated over using syntax:
- Additionally, the, and methods can be used to create iterators.
- The class is a global type for dealing with binary data directly. It can be constructed in a variety of ways.
- Stability: 0 - Deprecated: Use instead.
- An array of bytes to copy from.
- Allocates a new using an of octets.
- Creates a new Buffer containing the UTF-8 bytes of the string
- An or the property of a
- Index of first byte to expose.
- Number of bytes to expose.
- This creates a view of the or without copying the underlying memory.
- For example, when passed a reference to the property of a instance, the newly created will share the same allocated memory as the
- The optional and arguments specify a memory range within the that will be shared by the
- Changing the original changes the Buffer also
- An existing or from which to copy data.
- Copies the passed data onto a new instance.
- The desired length of the new
- Allocates a new of bytes.
- If is larger than or smaller than 0, is
- A zero-length is created if is 0.
- Prior to Node.js 8.0.0, the underlying memory for instances created in this way is not initialized
- The contents of a newly created are unknown and may contain sensitive data
- Use instead to initialize a with zeroes.
- String to encode.
- The encoding of
- Creates a new containing
- The parameter identifies the character encoding of
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement