How to write safe wrappers around unsafe code

Wrap unsafe operations in a safe function that validates inputs and enforces invariants before calling unsafe blocks.

pub fn safe_read(ptr: *const i32) -> Option<i32> {
    if ptr.is_null() {
        return None;
    }
    unsafe {
        Some(*ptr)
    }
}

This pattern ensures the pointer is valid before dereferencing it, preventing undefined behavior while keeping the public API safe.

Think of this like a safety guard on a dangerous machine. You build a control panel (the safe function) that checks if everything is okay before letting anyone touch the dangerous parts (the unsafe code). This way, users can operate the machine without risking an accident, as long as they use the control panel correctly.