Unsound public functions that are wrongly marked as safe

[safe4u]

Hi, thanks for your contribution to substreams.

However, we have found some unsound problems in this crate.
The functions read_u32_from_heap, get_output_data, and decode_ptr are unsafe since they have requirements for the caller. Otherwise using these functions would lead to illegal memory access and more undefined behaviors.

It is certainly ok to mark the unsafe functions as safe and use them with care privately.
But considering the crate substreams is available in crates.io and these functions are public, we think it's quite necessary to make these functions more sound.

POC

use substreams::memory::get_output_data;
fn main() {
    let mut slice: [u8; 4] = [1,2,3,4];
    let data = get_output_data(slice.as_mut_ptr());
    // get an illegal Vec<u8> with 'safe' Rust and could lead to further problems
}

Suggestions

Here are some action suggestions we suggested:

1. Mark these functions as 'unsafe' and write a clear Safety section.
2. (recommended) For function read-u32_from_heap and decode_ptr, modify the paramter to [u8] instead of seperated pointer and len.