You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When passing a small "unsafe" node buffer to Axios that is less than the size of Buffer.poolSize which is 8192 bytes, axios passes the entire 8192 bytes in the pool which can contain random data.
Use of this pre-allocated internal memory pool is a key difference between calling Buffer.alloc(size, fill) vs. Buffer.allocUnsafe(size).fill(fill). Specifically, Buffer.alloc(size, fill) will never use the internal Buffer pool, while Buffer.allocUnsafe(size).fill(fill) will use the internal Buffer pool if size is less than or equal to half Buffer.poolSize. The difference is subtle but can be important when an application requires the additional performance that Buffer.allocUnsafe() provides.
When passing a small "unsafe" node buffer to Axios that is less than the size of
Buffer.poolSize
which is 8192 bytes, axios passes the entire 8192 bytes in the pool which can contain random data.--or --
Buffer.allocUnsafe(size)
Here is a test to reproduce the issue:
Pull Request w/ test: #773
The text was updated successfully, but these errors were encountered: