Dealing with binary data can be achieved with the Node.js Buffer class. However, if you use non-literal params, this could lead to malicious control over the value, resulting in an attack.
For example, a large number could allocate a significant amount of memory leading to a denial of service attack. It is recommended to use literal values that you can control to prevent these attacks.
Non-Compliant Code Examples
vara=newBuffer(c)
Compliant Code Examples
vara=newBuffer('test')
シームレスな統合。 Datadog Code Security をお試しください
Datadog Code Security
このルールを試し、Datadog Code Security でコードを解析する
このルールの使用方法
1
2
rulesets:- javascript-node-security # Rules to enforce JavaScript node security.