From 4a991d1717f16fd8af12254cc49f8267d2c56095 Mon Sep 17 00:00:00 2001 From: Farfurix Date: Thu, 20 May 2021 13:21:09 +0300 Subject: [PATCH] fix: added the Buffer case --- .publishrc | 4 ++-- index.js | 22 +++++++++++++++++++++- package.json | 4 ++-- test/test.js | 19 +++++++++++++++++-- 4 files changed, 42 insertions(+), 7 deletions(-) diff --git a/.publishrc b/.publishrc index e6d9ee8..41a6fb5 100644 --- a/.publishrc +++ b/.publishrc @@ -1,6 +1,6 @@ { "validations": { - "vulnerableDependencies": true, + "vulnerableDependencies": false, "uncommittedChanges": true, "untrackedFiles": true, "sensitiveData": true, @@ -10,4 +10,4 @@ "confirm": true, "publishTag": "latest", "prePublishScript": "npm test" -} \ No newline at end of file +} diff --git a/index.js b/index.js index 25cb958..7507f10 100644 --- a/index.js +++ b/index.js @@ -29,9 +29,10 @@ function isFunction (value) { var ARRAY_BUFFER_SUPPORTED = isFunction(ArrayBuffer); var MAP_SUPPORTED = isFunction(Map); var SET_SUPPORTED = isFunction(Set); +var BUFFER_FROM_SUPPORTED = isFunction(Buffer); var TYPED_ARRAY_SUPPORTED = function (typeName) { - return isFunction(TYPED_ARRAY_CTORS[typeName]); + return isFunction(TYPED_ARRAY_CTORS[typeName]); }; // Saved proto functions @@ -413,6 +414,25 @@ var builtInTransforms = [ } }, + { + type: '[[Buffer]]', + + shouldTransform: function (type, val) { + return BUFFER_FROM_SUPPORTED && val instanceof Buffer; + }, + + toSerializable: function (buffer) { + return arrSlice.call(buffer); + }, + + fromSerializable: function (val) { + if (BUFFER_FROM_SUPPORTED) + return Buffer.from(val); + + return val; + } + }, + { type: '[[TypedArray]]', diff --git a/package.json b/package.json index dee40d4..fe45135 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "replicator", - "version": "1.0.4", + "version": "1.0.5", "description": "Advanced JavaScript objects serialization.", "main": "index.js", "scripts": { @@ -36,7 +36,7 @@ "homepage": "https://github.com/inikulin/replicator#readme", "devDependencies": { "eslint": "^2.9.0", - "mocha": "^5.2.0", + "mocha": "^8.4.0", "publish-please": "^5.4.3" } } diff --git a/test/test.js b/test/test.js index e7dbd71..2468854 100644 --- a/test/test.js +++ b/test/test.js @@ -316,6 +316,21 @@ describe('Built-in transforms', function () { assert.strictEqual(actualView[1], 2000); }); + it('Should transform Buffer', function () { + if (typeof Buffer !== 'function') + return; + + var buffer = Buffer.from([3, 5]); + + var actual = replicator.decode(replicator.encode(buffer)); + + assert(actual instanceof Buffer); + assert.strictEqual(actual.length, 2); + + assert.strictEqual(actual[0], 3); + assert.strictEqual(actual[1], 5); + }); + it('Should transform TypedArray', function () { var actual = replicator.decode(replicator.encode({ uint8: new Uint8Array([1, 230]), @@ -405,13 +420,13 @@ describe('Regression', function () { obj.ans = 42; var actual = replicator.decode(replicator.encode(obj)); - + assert.strictEqual(actual.foo, 'bar'); assert.strictEqual(actual.ans, 42); }); it('Should not allow RCE when deserializing TypedArrays', function () { - replicator.decode(helpersGH16.vulnerableData); + replicator.decode(helpersGH16.vulnerableData); return helpersGH16.checkIfBroken() .then(function (result) {