What makes Buffer.allocUnsafe() and Buffer.allocUnsafeSlow() "unsafe"?
When calling Buffer.allocUnsafe() and Buffer.allocUnsafeSlow(), the segment of allocated memory is uninitialized (it is not zeroed-out). While this design makes the allocation of memory quite fast, the allocated segment of memory might contain old data that is potentially sensitive. Using a Buffer created by Buffer.allocUnsafe() without completely overwriting the memory can allow this old data to be leaked when the Buffer memory is read.
While there are clear performance advantages to using Buffer.allocUnsafe(), extra care must be taken in order to avoid introducing security vulnerabilities into an application.
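
The partial-overwrite case described above, next to three ways of closing it. This is an added example, not code from the Node.js documentation; the function names, the 64-byte frame size and the sample payload are assumptions made for illustration.

```javascript
// Added example: a fixed-size frame whose payload may be shorter than the frame.
// FRAME_SIZE and all function names are hypothetical.
const FRAME_SIZE = 64;

// Risky pattern: bytes past `written` are never overwritten, so they keep
// whatever that memory held before and leave with the frame.
function buildFrameUnsafe(payload) {
  const frame = Buffer.allocUnsafe(FRAME_SIZE);
  const written = frame.write(payload, 0, 'utf8');
  return { frame, written };
}

// Fix 1: zero-filled allocation. Slower, but no byte is ever stale.
function buildFrameZeroed(payload) {
  const frame = Buffer.alloc(FRAME_SIZE);
  const written = frame.write(payload, 0, 'utf8');
  return { frame, written };
}

// Fix 2: keep allocUnsafe() for speed, but overwrite every remaining byte
// before the buffer leaves this function.
function buildFrameFilled(payload) {
  const frame = Buffer.allocUnsafe(FRAME_SIZE);
  const written = frame.write(payload, 0, 'utf8');
  frame.fill(0, written);
  return { frame, written };
}

// Fix 3: hand out only the bytes that were written. The view still shares
// its backing memory, so pass the view itself on, never frame.buffer.
function buildFrameTrimmed(payload) {
  const frame = Buffer.allocUnsafe(FRAME_SIZE);
  const written = frame.write(payload, 0, 'utf8');
  return { frame: frame.subarray(0, written), written };
}

// Review helper: true when every byte past `written` is zero.
function tailIsZeroed({ frame, written }) {
  return frame.subarray(written).every((b) => b === 0);
}

const sample = 'hello'; // constructed sample input
console.log('unsafe  tail zeroed:', tailIsZeroed(buildFrameUnsafe(sample)), '(not guaranteed)');
console.log('zeroed  tail zeroed:', tailIsZeroed(buildFrameZeroed(sample)));
console.log('filled  tail zeroed:', tailIsZeroed(buildFrameFilled(sample)));
console.log('trimmed length     :', buildFrameTrimmed(sample).frame.length);
```

The result for the unsafe variant varies between runs because it depends on what the memory held before; the other three are deterministic.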