Some direct memory accesses lack bounds-checks

[RalfJung]

The Allocation APIs should generally be avoided as they are low-level building blocks and don't do bounds or alignment checks themselves. I did an audit and noticed some uses crept in recently that are not properly checked:

• getcwd
• read
• write

This can lead to ICEs. When these are fixed, a test should be added.

Cc @christianpoveda @oli-obk

It would be even better if we could stop exposing Memory::get and Memory::get_mut from librustc_mir... once these issues are fixed and the current wave of PRs is in (I suggested to @christianpoveda to add a write_bytes API anyway), we could try to make a concerted effort to remove the remaining uses in Miri.

[oli-obk]

So is the goal to make these methods private? Or rename to get_internal or sth?

[RalfJung]

Making them private would be great.
Renaming them could be a good idea nevertheless.

[pvdrz]

I can do a PR with the changes after rust-lang/rust#65621 lands

[RalfJung]

The getcwd one should actually be taken care of in #993 -- as in, I will not accept that PR until it fixes this issue. ;)

[pvdrz]

Hahaha yes i know about that one :P. I was talking about read and write.

[RalfJung]

Status update: getcwd is fixed. @christianpoveda is on read and write.

While at it, I think you can now also avoid the remove_handle_and-and-then-insert dance.