dangerous-function-buffer-alloc-unsafe

Ensure Buffer does not use allocUnsafe

Node.js's Buffer.allocUnsafe() method allocates uninitialized memory, so the returned buffer may contain old data that is potentially sensitive. Always use the Buffer.alloc() method instead, which returns zero-filled memory.

Examples

Insecure Example

Buffer.allocUnsafe(size);

Secure Example

Buffer.alloc(size);
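
The following added example (not part of the rule's own documentation) shows where the difference matters in practice: a fixed-width record whose payload is shorter than the buffer, so the unwritten padding is returned to the caller. The function names, the record width and the sample input are assumptions made for the illustration.

```javascript
// Added example: fixed-width record encoding. All names are hypothetical.
const RECORD_SIZE = 32; // constructed field width for this example

// Insecure: only the bytes covered by `name` are written. The rest of the
// buffer keeps whatever was previously in that memory.
function encodeRecordUnsafe(name) {
  const buf = Buffer.allocUnsafe(RECORD_SIZE);
  buf.write(name, 0, 'utf8');
  return buf;
}

// Secure: Buffer.alloc() zero-fills, so the unwritten padding is always 0x00.
function encodeRecordSafe(name) {
  const buf = Buffer.alloc(RECORD_SIZE);
  buf.write(name, 0, 'utf8');
  return buf;
}

// Counts the non-zero bytes in the padding that follows the payload.
// Any non-zero byte there is data the encoder never wrote.
function countStalePaddingBytes(record, payloadLength) {
  let count = 0;
  for (const byte of record.subarray(payloadLength)) {
    if (byte !== 0) count++;
  }
  return count;
}

const sampleName = 'alice'; // constructed sample input
const sampleLength = Buffer.byteLength(sampleName, 'utf8');
console.log('safe padding, non-zero bytes:  ',
  countStalePaddingBytes(encodeRecordSafe(sampleName), sampleLength));
// The unsafe count varies between runs and can be 0 in a fresh process,
// which is why this defect rarely shows up in testing.
console.log('unsafe padding, non-zero bytes:',
  countStalePaddingBytes(encodeRecordUnsafe(sampleName), sampleLength));
```

A check like countStalePaddingBytes() can be used in a unit test for the safe encoder, but it cannot prove the unsafe one is harmless, because the stale contents depend on prior allocations.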