User intentional panic host via type conversion api flaw #448

@qianxichen233

Below is an example of user code designed to panic the type conversion system:

```c
#include <stdio.h>
#include <sys/wait.h>

int main()
{
    waitpid(0, (void*) 1, 0);
    return 0;
}
```

The second argument is supposed to be the address of a data structure, and therefore, in the type conversion function, the address is translated in this way: `unsafe { &mut *((addr) as *mut i32) }`. This could panic the system if `addr` isn't 4-byte aligned. And this is also how a user is able to panic the entire system in the above example, by just passing an address that is not a multiple of 4 bytes.

Therefore, it would probably be better to have an additional check in the type conversion functions to avoid such a user-triggered panic.
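One way the suggested check could look, as an added example that is not code from the issue or from the project. The name `checked_i32_mut`, the `base`/`len` model of guest memory and the choice of `EFAULT` as the error are assumptions; the sketch goes beyond alignment and also handles NULL (a legal `waitpid` status pointer) and out-of-range addresses.

```rust
use std::mem::{align_of, size_of};

/// Errno returned to the guest instead of panicking the host (Linux EFAULT value).
pub const EFAULT: i32 = 14;

/// Hypothetical checked form of `unsafe { &mut *((addr) as *mut i32) }`.
/// NULL is a legal `waitpid` status pointer, so it maps to `Ok(None)`.
///
/// # Safety
/// `[base, base + len)` must be mapped, writable memory owned by the calling guest,
/// with no other live reference to the returned slot.
pub unsafe fn checked_i32_mut<'a>(addr: u64, base: u64, len: u64) -> Result<Option<&'a mut i32>, i32> {
    if addr == 0 {
        return Ok(None);
    }
    // A misaligned `&mut i32` is undefined behaviour; debug builds panic on the dereference.
    if addr % align_of::<i32>() as u64 != 0 {
        return Err(EFAULT);
    }
    // Reject addresses outside the guest region, guarding the additions against wraparound.
    let end = addr.checked_add(size_of::<i32>() as u64).ok_or(EFAULT)?;
    let limit = base.checked_add(len).ok_or(EFAULT)?;
    if addr < base || end > limit {
        return Err(EFAULT);
    }
    Ok(Some(unsafe { &mut *(addr as *mut i32) }))
}

/// Runs the check on a constructed 16-byte region at byte offset `off`
/// and reports whether a status word could be stored there.
pub fn try_store(off: u64, status: i32) -> Result<bool, i32> {
    let mut region = [0i32; 4]; // constructed stand-in for guest memory
    let base = region.as_mut_ptr() as u64;
    match unsafe { checked_i32_mut(base + off, base, 16)? } {
        Some(slot) => {
            *slot = status;
            Ok(region[(off / 4) as usize] == status)
        }
        None => Ok(false),
    }
}

fn main() {
    println!("aligned:    {:?}", try_store(4, 0x7f));
    println!("misaligned: {:?}", try_store(1, 0x7f));
    println!("past end:   {:?}", try_store(16, 0x7f));
}
```

With a check of this shape, the `waitpid(0, (void*) 1, 0)` call from the issue gets an error return rather than taking down the host.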
