Possible unsound API

[charlesxsh]

src/vulkan/buffer.rs

pub fn map_copy_data(&mut self, ptr: *const u8, size: usize, offset: usize) -> GResult<()> {
        if let Some(mapped_ptr) = self.mapped_ptr {
            unsafe {
                std::ptr::copy_nonoverlapping::<u8>(ptr, mapped_ptr.add(offset), size);
            }
        } else {
            let data = self
                .allocation
                .mapped_ptr()
                .ok_or(gpu_api_err!(
                    "vulkan gpu_allocator, this buffer cannot be mapped"
                ))?
                .as_ptr();
            self.mapped_ptr = Some(data as *mut u8);
            self.map_copy_data(ptr, size, offset)?;
        }
        Ok(())
    }

Public accessible safe function map_copy_data accept parameters like ptr, offset and size to used in pointer calculation and read & write, lack of sufficient checks, which might cause memory risks. In Rust, we should not cause any memory issue if mere using safe functions.

[davnotdev]

Yes, I absolutely agree! This API was meant more for convenience and simplicity (we use stbi image in the examples which is simple but unsafe too!). In the next release, this will probably become map_copy_data_raw and a new function will use slices rather than raw pointers.