
Unsound usages of unsafe implementation about c_void

Open llooFlashooll opened this issue 5 months ago • 0 comments

Hi, I am scanning this crate in the latest version using my own static analyzer tool.

Unsafe pointer conversion is found at: src/netmap_user.rs:16

pub unsafe fn _NETMAP_OFFSET<T, U>(ptr: *mut U, offset: isize) -> *mut T {
    ((ptr as *mut c_char).offset(offset) as *mut c_void) as *mut T
}

This unsound implementation would create memory issues such as overflow, underflow, or misalignment, since the type is converted to c_void (1 byte, 8 bits). The attacker can manipulate the argument offset associated with the c_void pointer with a large value, as well as T and U, which can lead to a buffer overflow bug.

This would cause undefined behaviors in Rust. Adversaries can manipulate the associated arguments to cause memory safety bugs. I am reporting this issue for your attention.

llooFlashooll, Jul 30 '25 01:07
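
A bounds- and alignment-checked counterpart to the helper quoted in the issue, added here as an illustration; it is not code from netmap_sys or from the reporter. The names `checked_offset`, `OffsetError` and `Region` are hypothetical, and the example assumes the caller knows the length of the mapped region and the byte index of the starting pointer inside it.

```rust
use std::mem::{align_of, size_of};

/// Reason a requested offset was refused.
#[derive(Debug, PartialEq)]
pub enum OffsetError {
    OutOfBounds,
    Misaligned,
}

/// Hypothetical checked counterpart of `_NETMAP_OFFSET` (not part of netmap_sys).
/// `region` is the whole mapped area, `base` the byte index of the starting
/// pointer inside it, `offset` the signed displacement to apply.
pub fn checked_offset<T>(region: &[u8], base: usize, offset: isize) -> Result<*const T, OffsetError> {
    // Signed add that fails on wraparound or on a result below zero.
    let start = base.checked_add_signed(offset).ok_or(OffsetError::OutOfBounds)?;
    // All of T must fit inside the region, not just its first byte.
    let end = start.checked_add(size_of::<T>()).ok_or(OffsetError::OutOfBounds)?;
    if end > region.len() {
        return Err(OffsetError::OutOfBounds);
    }
    let ptr = region[start..].as_ptr();
    // Raw pointer casts never check alignment, so verify it for T here.
    if (ptr as usize) % align_of::<T>() != 0 {
        return Err(OffsetError::Misaligned);
    }
    Ok(ptr as *const T)
}

/// Constructed sample region, 8-byte aligned so the results are deterministic.
#[repr(align(8))]
pub struct Region(pub [u8; 32]);

fn main() {
    let mut r = Region([0u8; 32]);
    r.0[12..16].copy_from_slice(&0xdead_beef_u32.to_ne_bytes());
    let p = checked_offset::<u32>(&r.0, 8, 4).expect("in bounds and aligned");
    // SAFETY: p was validated as in bounds and aligned; any bit pattern is a valid u32.
    println!("{:#x}", unsafe { p.read() });
    println!("{:?}", checked_offset::<u32>(&r.0, 8, 1));
    println!("{:?}", checked_offset::<u32>(&r.0, 8, isize::MAX));
}
```

Dereferencing the returned pointer is still `unsafe`: the check covers bounds and alignment only, not whether the bytes form a valid `T` or whether the region outlives the pointer.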