data.toString() in _onData can break truncated TCP packet. #11

Open
@perillamint

If a multibyte Unicode character packet is truncated, this code cannot handle it properly.

Here is the exploit code.

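var net = require("net");
var client = new net.Socket();

// Disable Nagle's algorithm so the two writes are not coalesced.
client.setNoDelay(true);
client.connect(9838, '127.0.0.1', function () {
  // This sends the string 3#"가" ([0x33, 0x23, 0x22, 0xEA, 0xB0, 0x80, 0x22]),
  // split in the middle of the 3-byte UTF-8 sequence for "가".
  client.write(Buffer.from([0x33, 0x23, 0x22, 0xEA, 0xB0]));
  // Send the remaining bytes one second later.
  setTimeout(function () {
    client.write(Buffer.from([0x80, 0x22]));
  }, 1000);
});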
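The receiving side of this report, as an added example that is not part of the original issue or the project's code: it decodes the same two segments once with a per-chunk `toString()` and once with Node's `StringDecoder`, which carries incomplete UTF-8 bytes over to the next chunk. The names `extractFrames`, `receive`, `receiveWithToString` and `receiveWithDecoder` are hypothetical, and the `<length>#<payload>` framing with the length counted in characters is an assumption inferred from the bytes in the issue.

```javascript
const { StringDecoder } = require("string_decoder");

// Constructed input: the two TCP segments from the issue, i.e. 3#"가" with
// the 3-byte UTF-8 sequence EA B0 80 split after its second byte.
const SEGMENTS = [
  Buffer.from([0x33, 0x23, 0x22, 0xea, 0xb0]),
  Buffer.from([0x80, 0x22]),
];

// Assumed framing: <payload length in characters>#<payload>.
// Returns the complete payloads found in `text` and the unconsumed rest.
function extractFrames(text) {
  const frames = [];
  for (;;) {
    const sep = text.indexOf("#");
    if (sep === -1) break;
    const len = Number.parseInt(text.slice(0, sep), 10);
    if (!Number.isInteger(len) || len < 0) throw new Error("bad length prefix");
    if (text.length < sep + 1 + len) break; // payload not complete yet
    frames.push(text.slice(sep + 1, sep + 1 + len));
    text = text.slice(sep + 1 + len);
  }
  return { frames, rest: text };
}

// Feeds each segment through `decodeChunk` and collects completed payloads.
function receive(segments, decodeChunk) {
  let buffered = "";
  const out = [];
  for (const chunk of segments) {
    buffered += decodeChunk(chunk);
    const { frames, rest } = extractFrames(buffered);
    out.push(...frames);
    buffered = rest;
  }
  return out;
}

// Pattern named in the issue title: each chunk is decoded on its own, so a
// character split across chunks turns into U+FFFD replacement characters.
function receiveWithToString(segments) {
  return receive(segments, (chunk) => chunk.toString());
}

// Hardened form: one StringDecoder per connection holds back the incomplete
// trailing bytes and emits the character once the rest arrives.
function receiveWithDecoder(segments) {
  const decoder = new StringDecoder("utf8");
  return receive(segments, (chunk) => decoder.write(chunk));
}
```

An equivalent fix is to accumulate raw `Buffer`s and frame on bytes, decoding only once a full payload is present.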
