since: 1.8.2

Declaration [src]

fu_memcpy_safe (
  guint8* dst,
  gsize dst_sz,
  gsize dst_offset,
  const guint8* src,
  gsize src_sz,
  gsize src_offset,
  gsize n,
  GError** error

Description [src]

Copies some memory using memcpy in a safe way. Providing the buffer sizes of both the destination and the source allows us to check for buffer overflow.

Providing the buffer offsets also allows us to check reading past the end of the source buffer. For this reason the caller should NEVER add an offset to src or dst.

You don’t need to use this function in “obviously correct” cases, nor should you use it when performance is a concern. Only us it when you’re not sure if malicious data from a device or firmware could cause memory corruption.

Available since: 1.8.2



Type: guint8*

Destination buffer.

The data is owned by the caller of the function.

Type: gsize

Maximum size of dst, typically sizeof(dst)


Type: gsize

Offset in bytes into dst to copy to.


Type: const guint8*

Source buffer.

The data is owned by the caller of the function.

Type: gsize

Maximum size of dst, typically sizeof(src)


Type: gsize

Offset in bytes into src to copy from.


Type: gsize

Number of bytes to copy from src+offset from.


Type: GError **

The return location for a recoverable error.

The argument can be NULL.
If the return location is not NULL, then you must initialize it to a NULL GError*.
The argument will be left initialized to NULL by the function if there are no errors.
In case of error, the argument will be set to a newly allocated GError; the caller will take ownership of the data, and be responsible for freeing it.

Return value

Type: gboolean

TRUE if the bytes were copied, FALSE otherwise.