From 69227bd5899294d43b9bee0f5a075a8190b1af75 Mon Sep 17 00:00:00 2001
From: Feross Aboukhadijeh <feross@feross.org>
Date: Sun, 29 May 2016 22:50:40 -0700
Subject: Use safe-buffer

Use the new Buffer APIs from Node v6 for added security. For example,
Buffer.from() will throw if passed a number, unlike Buffer() which
allocated UNINITIALIZED memory.

Use the safe-buffer package for compatibility with previous versions of
Node.js, including v4.x, v0.12, and v0.10.

https://github.com/feross/safe-buffer
---
 index.js | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'index.js')

diff --git a/index.js b/index.js
index 4ef2518..f5554c2 100644
--- a/index.js
+++ b/index.js
@@ -1,5 +1,6 @@
 module.exports = WebTorrent
 
+var Buffer = require('safe-buffer').Buffer
 var concat = require('simple-concat')
 var createTorrent = require('create-torrent')
 var debug = require('debug')('webtorrent')
@@ -59,9 +60,9 @@ function WebTorrent (opts) {
   } else if (Buffer.isBuffer(opts.peerId)) {
     self.peerId = opts.peerId.toString('hex')
   } else {
-    self.peerId = new Buffer(VERSION_PREFIX + hat(48))
+    self.peerId = Buffer.from(VERSION_PREFIX + hat(48))
   }
-  self.peerIdBuffer = new Buffer(self.peerId, 'hex')
+  self.peerIdBuffer = Buffer.from(self.peerId, 'hex')
 
   if (typeof opts.nodeId === 'string') {
     self.nodeId = opts.nodeId
@@ -70,7 +71,7 @@ function WebTorrent (opts) {
   } else {
     self.nodeId = hat(160)
   }
-  self.nodeIdBuffer = new Buffer(self.nodeId, 'hex')
+  self.nodeIdBuffer = Buffer.from(self.nodeId, 'hex')
 
   self.destroyed = false
   self.listening = false
-- 
cgit v1.2.3