Twinklebear / oidn-rs

Rust bindings to Intel's OpenImageDenoise Library
MIT License

Unsound API due to missing slice length checks? #3

Closed TomCrypto closed 4 years ago

TomCrypto commented 4 years ago

The high-level RayTracing filter struct is not marked unsafe, but performs absolutely no verification that the lengths of the passed-in slices in set_normal, set_albedo and execute actually match the image dimensions, so it's really easy to trigger segmentation faults and other nastiness in safe Rust.

It could be worth just adding length checks for each buffer/slice in execute to uphold Rust safety guarantees? It's not like it will matter performance-wise considering the code that follows.

Twinklebear commented 4 years ago

That's a good point. I've added in the length checks, and execute now returns a Result in 8ee7c3b104a14cb5943b8a51be6eddb774676da1
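
The kind of check discussed in this thread, as an added example that is not oidn-rs code or the contents of the commit above: a safe wrapper validates every slice length against the image dimensions before handing raw pointers to the native side, and reports a mismatch as an `Err` instead of reading out of bounds. `Filter`, `FilterError`, `raw_filter` and `check` are hypothetical names, `raw_filter` stands in for the C library call, and 3 `f32` values per pixel is an assumption.

```rust
// Added example: hypothetical names, not oidn-rs code. Assumes 3 f32 (RGB) per pixel.
#[derive(Debug, PartialEq)]
enum FilterError {
    DimensionOverflow,
    BadLength { buffer: &'static str, expected: usize, actual: usize },
}

// Stand-in for the C call: trusts `n` and touches that many floats per pointer.
unsafe fn raw_filter(color: *const f32, albedo: *const f32, out: *mut f32, n: usize) {
    for i in 0..n {
        unsafe { *out.add(i) = 0.5 * (*color.add(i) + *albedo.add(i)) };
    }
}

fn check(buffer: &'static str, actual: usize, expected: usize) -> Result<(), FilterError> {
    if actual == expected { Ok(()) } else { Err(FilterError::BadLength { buffer, expected, actual }) }
}

struct Filter<'a> { width: usize, height: usize, albedo: Option<&'a [f32]> }

impl<'a> Filter<'a> {
    fn new(width: usize, height: usize) -> Self { Filter { width, height, albedo: None } }
    fn set_albedo(&mut self, albedo: &'a [f32]) -> &mut Self { self.albedo = Some(albedo); self }

    // Safe entry point: every slice is validated before any pointer is formed.
    fn execute(&self, color: &[f32], output: &mut [f32]) -> Result<(), FilterError> {
        // checked_mul so oversized dimensions cannot wrap to a small count.
        let n = self.width.checked_mul(self.height)
            .and_then(|p| p.checked_mul(3))
            .ok_or(FilterError::DimensionOverflow)?;
        check("color", color.len(), n)?;
        check("output", output.len(), n)?;
        let albedo = self.albedo.unwrap_or(color);
        check("albedo", albedo.len(), n)?;
        // SAFETY: all three buffers hold exactly `n` floats, checked above.
        unsafe { raw_filter(color.as_ptr(), albedo.as_ptr(), output.as_mut_ptr(), n) };
        Ok(())
    }
}

fn main() {
    let (color, albedo) = (vec![0.0f32; 12], vec![1.0f32; 12]); // constructed 2x2 image
    let mut filter = Filter::new(2, 2);
    filter.set_albedo(&albedo);
    let mut short = vec![0.0f32; 11]; // one float too few
    println!("{:?}", filter.execute(&color, &mut short));
}
```

The slice stored by the setter is checked in `execute` rather than at set time, so a later change to the dimensions cannot invalidate an earlier check.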