Detected calls to buffer with noAssert flag set JS-0822
Security
Minor
Autofix From the Node.js API docs:
Setting
noAsserttotrueskips validation of the offset. This allows the offset to be beyond the end of theBuffer.
As mentioned in the documentation of buffer, the offset value should be 0 <= offset <= buf.length - 1.
offset outside range can be dangerous and cause segmentation faults as well.
It may also affect performance as the buffer method will read/write unwanted data.
Bad Practice
buf.readUInt8(0, true);
buf.writeUInt8(0x3, 0, true);
Recommended
buf.readUInt8(0);
buf.readUInt8(0, false);
buf.writeUInt8(0x3, 0, false);