Unsound problem in InstrPtr::module

[lwz23]

hello, thank you for your contribution in this project, I am scanning the unsoundness problem in rust project.
I notice the following code:

pub struct InstrPtr {
    /// Module containing the instruction set.
    pub module: *const Module,
    /// Offset to the current instruction.
    pub ptr: u32,
}
..........................
pub fn new(module: *const Module, ptr: u32) -> Self {
        InstrPtr { module, ptr }
    }

    #[inline(always)]
    pub fn get_module<'a, 'b>(&'a self) -> &'b Module {
        unsafe { &(*self.module) }
    }
..............................

Considering that pub mod instruction and module is a pub field, I assume that users can directly manipulate this field. This potential situation could result in self.module being a null pointer, and directly dereferencing it might trigger undefined behavior (UB). For safety reasons, I felt it necessary to report this issue. If you have performed checks elsewhere that ensure this is safe, please don’t take offense at my raising this issue.

[lwz23]

I believe same problem for

enigma/enigma/src/instruction/ptr.rs

Line 39 in b69c4a3

let module = unsafe { &(*self.module) };

enigma/enigma/src/instruction/ptr.rs

Line 65 in b69c4a3

let module = unsafe { &(*self.module) };

[lwz23]

If we need fix this maybe we should also add check in new method.

[lwz23]

ping