From ef6aeb4ba3fba763d860d6d54b4764df9fb0fd8d Mon Sep 17 00:00:00 2001 From: Ruben de Vries Date: Mon, 31 Jul 2017 10:23:08 +0200 Subject: [PATCH] use safe-buffer and Buffer.from to ensure we're actually using a copy of the buffer --- index.js | 5 +++-- package.json | 3 +++ test/index.js | 5 +++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/index.js b/index.js index 43f5ec1..994f051 100644 --- a/index.js +++ b/index.js @@ -1,8 +1,9 @@ +var Buffer = require('safe-buffer').Buffer module.exports = function reverse (src) { if (typeof src.reverse === 'function') { - return src.reverse() + return Buffer.from(src).reverse() } else { - var buffer = new Buffer(src.length) + var buffer = Buffer.alloc(src.length) for (var i = 0, j = src.length - 1; i <= j; ++i, --j) { buffer[i] = src[j] diff --git a/package.json b/package.json index 843c65a..26543cf 100644 --- a/package.json +++ b/package.json @@ -37,5 +37,8 @@ "devDependencies": { "standard": "*", "tape": "*" + }, + "dependencies": { + "safe-buffer": "^5.1.1" } } diff --git a/test/index.js b/test/index.js index 96abf21..8722ec4 100644 --- a/test/index.js +++ b/test/index.js @@ -1,3 +1,4 @@ +var Buffer = require('safe-buffer').Buffer var test = require('tape') var reverse = require('../') var reverseInplace = require('../inplace') @@ -6,7 +7,7 @@ var fixtures = require('./fixtures') test('reverse', function (t) { fixtures.forEach(function (f) { t.test('returns ' + f.expected + ' for ' + f.a, function (t) { - var a = new Buffer(f.a, 'hex') + var a = Buffer.from(f.a, 'hex') t.same(reverse(a).toString('hex'), f.expected) t.same(a.toString('hex'), f.a) // input unchanged t.end() @@ -19,7 +20,7 @@ test('reverse', function (t) { test('reverse/inplace', function (t) { fixtures.forEach(function (f) { t.test('returns ' + f.expected + ' for ' + f.a, function (t) { - var a = new Buffer(f.a, 'hex') + var a = Buffer.from(f.a, 'hex') t.same(reverseInplace(a).toString('hex'), f.expected) t.same(a.toString('hex'), f.expected) // input mutated t.end()