Maybe unsound in store

[lwz23]

Hello, thank you for your contribution in this project. I am scanning the unsound problem in rust project and I notice the following code.

pub fn store(ts: *mut ffi::PyThreadState) -> PyThreadStateUnlimited {
    match VERSION.1 {
        6 => {
            let ts = ts as *mut PyThreadStateUnlimited3_6;
            unsafe {
                let unlimited = PyThreadStateUnlimited {
                    frame: (*ts).frame,
                    recursion_depth: (*ts).recursion_depth,
                    exc_type: (*ts).exc_type,
                    exc_value: (*ts).exc_value,
                    exc_traceback: (*ts).exc_traceback,
                    ..Default::default()
                };
                (*ts).frame = std::ptr::null_mut();
                (*ts).recursion_depth = 0;
                (*ts).exc_type = std::ptr::null_mut();
                (*ts).exc_value = std::ptr::null_mut();
                (*ts).exc_traceback = std::ptr::null_mut();
                unlimited
            }
        }
...................................

consider this is a pub fn and loader is a pub mod, I assume the user can direct call the store function. If the user pass a eg. null pointer to ts, it will lead to a UB in rust.

[lwz23]

if there is no external usage for store, maybe we should mark it as pub(crate) or mark it as unsafe?

[lwz23]

same for

MegFlow/flow-rs/src/loader/python/unlimited.rs

Line 249 in 41cb9f8

pub fn restore(limited: *mut ffi::PyThreadState, unlimited: &PyThreadStateUnlimited) {