Title: Unsound usages of unsafe implementation from `u8` to `$t`
Hi, I am scanning the clickhouse-srv in the latest version with my own static analyzer tool.
Unsafe conversion found at: src/types/column/iter/mod.rs#L60
```rust
unsafe {
    let mut ptr: *const u8 = ptr::null();
    let mut size: usize = 0;
    column.get_internal(&[&mut ptr, &mut size as *mut usize as *mut *const u8], 0)?;
    assert_ne!(ptr, ptr::null());
    Ok(slice::from_raw_parts(ptr as *const $t, size).iter())
}
```
This unsound implementation would create misalignment issues if the type size of `u8` is smaller than the type size of `$t`.
This would potentially cause undefined behavior in Rust. If we further manipulate the problematic converted types, it would potentially lead to different consequences such as out-of-bounds access. I am reporting this issue for your attention.
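For reference, a checked alternative to the raw `*const u8` to `*const $t` cast reported above. This is an added example, not code from the issue or the project; `CastError`, `Pod`, `try_cast`, `copy_unaligned` and `as_bytes` are hypothetical names, and it assumes the buffer is available as a byte slice.

```rust
use std::mem::{align_of, size_of};
use std::slice;

#[derive(Debug, PartialEq)]
enum CastError { Misaligned, BadLength }

/// Hypothetical marker: types for which every bit pattern is a valid value.
unsafe trait Pod: Copy {}
unsafe impl Pod for u16 {}
unsafe impl Pod for u32 {}
unsafe impl Pod for u64 {}

/// Zero-copy view of `bytes` as `&[T]`; refused unless length and address fit `T`.
fn try_cast<T: Pod>(bytes: &[u8]) -> Result<&[T], CastError> {
    if bytes.len() % size_of::<T>() != 0 {
        return Err(CastError::BadLength);
    }
    if (bytes.as_ptr() as usize) % align_of::<T>() != 0 {
        return Err(CastError::Misaligned);
    }
    let n = bytes.len() / size_of::<T>();
    // SAFETY: address is aligned for T, n * size_of::<T>() bytes are readable,
    // and T: Pod means any bit pattern is a valid T.
    Ok(unsafe { slice::from_raw_parts(bytes.as_ptr() as *const T, n) })
}

/// Copying fallback: sound at any address because each element is read unaligned.
fn copy_unaligned<T: Pod>(bytes: &[u8]) -> Result<Vec<T>, CastError> {
    if bytes.len() % size_of::<T>() != 0 {
        return Err(CastError::BadLength);
    }
    let it = bytes.chunks_exact(size_of::<T>());
    // SAFETY: every chunk holds exactly size_of::<T>() readable bytes.
    Ok(it.map(|c| unsafe { (c.as_ptr() as *const T).read_unaligned() }).collect())
}

/// Byte view of a u32 buffer (used to build the constructed sample input).
fn as_bytes(words: &[u32]) -> &[u8] {
    // SAFETY: same memory, 4 bytes per u32, and u8 has alignment 1.
    unsafe { slice::from_raw_parts(words.as_ptr() as *const u8, words.len() * 4) }
}

fn main() {
    let words = [1u32, 2, 3]; // constructed sample
    let bytes = as_bytes(&words);
    println!("{:?}", try_cast::<u32>(bytes)); // aligned start: Ok([1, 2, 3])
    println!("{:?}", try_cast::<u32>(&bytes[1..9])); // odd address: Err(Misaligned)
    println!("{:?}", copy_unaligned::<u32>(&bytes[1..9]).map(|v| v.len())); // Ok(2)
}
```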