On 10/01/2013, at 02:29, Ben Noordhuis wrote: > On Thu, Jan 10, 2013 at 2:20 AM, Isaac Schlueter <[email protected]> wrote: >> This release addresses a potential security vulnerability. >> >> If you do not use TypedArrays, then you're fine (but should still >> upgrade for other reasons, like better performance and npm >> peerDependencies.) >> >> If you use TypedArrays, you should upgrade to v0.8.17 as soon as >> possible. If user input can affect the size parameter in a >> TypedArray, an integer overflow vulnerability could allow an attacker >> to write to areas of memory outside the intended buffer. Please >> upgrade ASAP. > > Another reason to upgrade is that certain kinds of HTTP responses are > immensely faster now. Quoting the commit log: > > http: pack response body buffer in first tcp packet > > Apply the same optimization to res.end(buf) that is applied to > res.end(str). > > Speeds up `node benchmark/http_simple_auto -k -c 1 -n 25000 buffer/1` > (non-chunked response body) by about 750x. That's not a typo. > > Chunked responses: > > $ cat tmp/http-chunked-client.js > // Run `node benchmark/http_simple` in another terminal. > var http = require('http'), url = require('url'); > var options = url.parse('http://127.0.0.1:8000/buffer/1/1'); > options.agent = new http.Agent({ maxSockets: 1 }); > for (var i = 0; i < 25000; ++i) http.get(options); > > Before: > > $ time out/Release/node tmp/http-chunked-client.js > real 16m40.411s > user 0m9.184s > sys 0m0.604s > > After: > > $ time out/Release/node tmp/http-chunked-client.js > real 0m5.386s > user 0m2.768s > sys 0m0.728s > > That's still a 185x speed-up.
That's awesome, well done! Congratulations, -- Jorge. -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
