Buffer.allocUnsafe() 和 Buffer.allocUnsafeSlow() 为什么被称为“不安全”的？

🌐 What makes Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() "unsafe"?

在调用 Buffer.allocUnsafe() 和 Buffer.allocUnsafeSlow() 时，分配的内存段是 未初始化 的（未被清零）。虽然这种设计使内存分配非常快速，但已分配的内存段可能包含潜在敏感的旧数据。如果使用 Buffer.allocUnsafe() 创建 Buffer 时未 完全 覆盖内存，当读取 Buffer 内存时，这些旧数据可能会被泄漏。

🌐 When calling Buffer.allocUnsafe() and Buffer.allocUnsafeSlow(), the segment of allocated memory is uninitialized (it is not zeroed-out). While this design makes the allocation of memory quite fast, the allocated segment of memory might contain old data that is potentially sensitive. Using a Buffer created by Buffer.allocUnsafe() without completely overwriting the memory can allow this old data to be leaked when the Buffer memory is read.

虽然使用 Buffer.allocUnsafe() 确实有明显的性能优势，但必须格外小心，以避免在应用中引入安全漏洞。

🌐 While there are clear performance advantages to using Buffer.allocUnsafe(), extra care must be taken in order to avoid introducing security vulnerabilities into an application.