Hi, I am scanning this crate in the latest version using my own static analyzer tool.
Unsafe pointer conversion is found at: src/v4l2.rs:70:1:87:2
```rust
pub fn xioctl<T>(fd: RawFd, request: usize, arg: &mut T) -> io::Result<()> {
    let argp: *mut T = arg;
    check_io!(unsafe {
        let mut ok;
        loop {
            ok = ll::ioctl(fd, request as c_ulong, argp as *mut c_void) != -1;
            if ok || io::Error::last_os_error().kind() != io::ErrorKind::Interrupted {
                break;
            }
        }
        ok
    });
    Ok(())
}
```

This unsound implementation would create memory issues such as overflow, underflow, or misalignment, since the type `T` is converted to `c_void` (1 byte, 8 bits).
The original memory size can be larger than the memory pointed to by `c_void`. This can further corrupt the C/C++ code.
This would cause undefined behavior in Rust. Adversaries can manipulate the type conversion and the associated `request` argument to cause memory safety bugs. I am reporting this issue for your attention.
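One way a wrapper like `xioctl` can tie `T` to `request`, shown as an added example that is not part of the original issue or the crate's code: Linux request numbers built with `_IOR`/`_IOW` carry the argument size, so the wrapper can compare it with `size_of::<T>()` before the call. The names `ioc`, `ioc_size`, `checked_xioctl` and the `raw_ioctl` closure are hypothetical, the bit layout is assumed to be the asm-generic one, and the raw call is passed in as a closure so the block builds without the crate's `ll` module.

```rust
use std::io;
use std::mem::size_of;
use std::os::raw::{c_int, c_ulong, c_void};

// Assumption: asm-generic Linux _IOC layout (x86, ARM): nr in bits 0-7,
// type in 8-15, size in 16-29, direction in 30-31.
const IOC_SIZESHIFT: u32 = 16;
const IOC_SIZEMASK: c_ulong = (1 << 14) - 1;
pub const IOC_READ: c_ulong = 2;

/// Builds a request number the way the kernel's _IOC() macro does.
pub const fn ioc(dir: c_ulong, ty: u8, nr: u8, size: usize) -> c_ulong {
    (dir << 30) | ((size as c_ulong) << IOC_SIZESHIFT) | ((ty as c_ulong) << 8) | nr as c_ulong
}

/// Argument size the kernel copies in or out for `request`.
pub fn ioc_size(request: c_ulong) -> usize {
    ((request >> IOC_SIZESHIFT) & IOC_SIZEMASK) as usize
}

/// Hypothetical checked wrapper: `raw_ioctl` is issued only when `T` is exactly
/// as large as the size encoded in `request`. This catches size mismatches; it
/// does not prove that `T` has the layout the driver expects.
pub fn checked_xioctl<T, F>(request: c_ulong, arg: &mut T, mut raw_ioctl: F) -> io::Result<()>
where
    F: FnMut(c_ulong, *mut c_void) -> c_int,
{
    let (want, have) = (ioc_size(request), size_of::<T>());
    if want != have {
        let msg = format!("request encodes {} bytes, argument type is {} bytes", want, have);
        return Err(io::Error::new(io::ErrorKind::InvalidInput, msg));
    }
    let argp = arg as *mut T as *mut c_void;
    loop {
        if raw_ioctl(request, argp) != -1 {
            return Ok(());
        }
        let err = io::Error::last_os_error();
        if err.kind() != io::ErrorKind::Interrupted {
            return Err(err); // retry only on EINTR, as the original loop does
        }
    }
}

fn main() {
    let req = ioc(IOC_READ, b'V', 0, 104); // constructed sample request
    let mut too_small = [0u8; 16];
    // Stand-in closure; real code would call the C ioctl here.
    println!("{:?}", checked_xioctl(req, &mut too_small, |_, _| 0));
}
```

Requests that encode a size of zero (those built with `_IO`) pass an integer or nothing rather than a struct pointer, so a wrapper of this shape would need a separate entry point for them.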