VMABuffer::set data was a publicly accessible safe function. It accepted an arbitrary offset and a data slice, then used the offset in unsafe pointer arithmetic before copying the slice into a mapped allocation.

Affected versions did not check that the requested write range fit within the allocation before calling ptr.add(offset) and copy from nonoverlapping. Safe Rust code could therefore trigger an out-of-bounds write by passing an offset outside the mapped allocation.

This makes the safe API unsound, since callers can trigger undefined behavior without using unsafe.

Version 0.4.0 added a bounds check before performing the pointer arithmetic and copy.