Defensive Coding with Secure Buffer Allocation

Snippet

Defensive Coding with Secure Buffer Allocation

Buffer.alloc(size) initializes memory with zeros, preventing sensitive data 'leaks' from previously used memory. While allocUnsafe is faster, it should only be used if the buffer is immediately and completely overwritten.

snippet.js
javascript
const sensitiveData = "password123";
 
// SAFE: Zero-fills the memory
const secureBuffer = Buffer.alloc(16);
secureBuffer.write(sensitiveData);
 
// UNSAFE: May contain old, sensitive data from memory
const unsafeBuffer = Buffer.allocUnsafe(16);
 
console.log('Secure:', secureBuffer);
console.log('Unsafe (raw):', unsafeBuffer);

nodejs

Breakdown

Buffer.alloc(16)

Allocates 16 bytes of memory and fills it with zeros.

Buffer.allocUnsafe(16)

Allocates memory without clearing it, potentially exposing old data.

secureBuffer.write(...)

Safely writes the string into the zeroed memory.

Previous snippet Next snippet

More Intermediate JavaScript exercises →

From your library

Defensive Coding with Secure Buffer Allocation

Related