This is why when I read this, this morning;
This impacts Node at the Buffer to UTF8 String conversion and can cause a process to crash. The security concern comes from the fact that a lot of data from outside of an application is delivered to Node via this mechanism which means that users can potentially deliver specially crafted input data that can cause an application to crash when it goes through this path.
I said, “And nothing will change.” At least, as a minor saving grace, HTTP(S) headers do not fall vulnerable to this particular bug, but that’s mainly the headers there is question to the remainder of the processing.
TMM is the owner, editor, and principal author at The Minuteman, a competitive shooter, and staff member for Boomershoot. Even in his free time he’s merging his love and knowledge of computers and technology with his love of firearms.
Many know his private name and information however due to the current political climate, many are distancing themselves due to the abandonment of Due Process.