
Unsafe Buffer Allocation

What does this mean?

Buffer.allocUnsafe(size) creates a new Buffer of size bytes. If size is 0, a zero-length Buffer is created. The underlying memory for these Buffer objects is not initialized, so the new Buffer's contents are unknown and may contain sensitive data.

What can happen?

When Buffer.allocUnsafe() is called, the allocated memory segment is uninitialized (it is not zeroed out). This makes allocation fast, but the region may contain stale, possibly sensitive, data left over from earlier use. If a Buffer created by Buffer.allocUnsafe() is read without every byte first being overwritten, that old data can be leaked.

Recommendation

  • Buffer.alloc(size[, fill[, encoding]]) creates a new Buffer with the provided size. This approach is slower than Buffer.allocUnsafe(size), but it ensures that freshly created Buffer instances never contain potentially sensitive old data. If size is not a number, a TypeError is thrown.
  • Buffer.allocUnsafe(size) and Buffer.allocUnsafeSlow(size) both produce a new Buffer of the provided size whose memory is not initialized. Because the Buffer is uninitialized, the allocated portion of memory may contain potentially sensitive old data.

Sample Code

Vulnerable:

const { Schema } = require('mongoose');

// Schema whose `content` field is stored as a raw Buffer; the page lists this
// as the vulnerable sample, since any Buffer written here that was created with
// Buffer.allocUnsafe() and not fully overwritten carries stale memory into storage.
const todo = new Schema({
    content    : Buffer,
    updated_at : Date
});

References