From 3bb931e18818e1432ea88269b468a42dda1dfd0a Mon Sep 17 00:00:00 2001 From: brenosilva Date: Sun, 17 Jun 2012 13:32:07 +0000 Subject: [PATCH] Fix warnings --- apache2/modsecurity.h | 2 +- apache2/msc_crypt.c | 47 ++++++++++++++++++----------------- apache2/msc_crypt.h | 8 +++--- apache2/msc_multipart.c | 2 +- apache2/msc_release.h | 2 +- apache2/msc_tree.h | 4 +-- apache2/re.c | 4 +-- apache2/re_actions.c | 4 +++ apache2/re_operators.c | 55 ++++++++++++++++++++++++++++++++--------- 9 files changed, 82 insertions(+), 46 deletions(-) diff --git a/apache2/modsecurity.h b/apache2/modsecurity.h index 30661a8f..81317d18 100644 --- a/apache2/modsecurity.h +++ b/apache2/modsecurity.h @@ -569,7 +569,7 @@ struct directory_config { /* Encryption */ apr_array_header_t *encryption_method; - const char *crypto_key; + const char *crypto_key; int crypto_key_len; const char *crypto_param_name; int encryption_is_enabled; diff --git a/apache2/msc_crypt.c b/apache2/msc_crypt.c index 1ad85dee..49cfe51c 100644 --- a/apache2/msc_crypt.c +++ b/apache2/msc_crypt.c @@ -70,7 +70,7 @@ char *normalize_path(modsec_rec *msr, char *input) { xmlNormalizeURIPath(uri->path); Uri = apr_pstrdup(msr->mp, uri->path); - for(i = 0; i < strlen(Uri); i++) { + for(i = 0; i < (int)strlen(Uri); i++) { if(Uri[i] != '.' && Uri[i] != '/') { if (i - 1 < 0) i = 0; @@ -84,7 +84,7 @@ char *normalize_path(modsec_rec *msr, char *input) { } } - if(bytes >= strlen(uri->path)) + if(bytes >= (int)strlen(uri->path)) return NULL; content = apr_psprintf(msr->mp, "%s", uri->path+bytes); @@ -126,8 +126,8 @@ unsigned long prng() { short num_matrix1[10], num_matrix2[10]; unsigned long num, num1, num2; short n, *p; - unsigned short seed_num; - unsigned long seed; + unsigned short seed_num = 0; + unsigned long seed = 0; seed_num = seed & N16BITS_MAX; num = seed & N31BITS_MASK; @@ -176,9 +176,8 @@ unsigned long prng() { * * \retval key random key */ -unsigned char *getkey(apr_pool_t *mp) { - unsigned short int length = 12; - unsigned char *key = NULL; +char *getkey(apr_pool_t *mp) { + char *key = NULL; unsigned long int seed = time(NULL); key = apr_psprintf(mp,"%lu%lu",prng(),seed); @@ -197,8 +196,8 @@ unsigned char *getkey(apr_pool_t *mp) { * * \retval hex_digest The MAC */ -char *hmac(modsec_rec *msr, const unsigned char *key, int key_len, - char *msg, int msglen) { +char *hmac(modsec_rec *msr, const char *key, int key_len, + unsigned char *msg, int msglen) { apr_sha1_ctx_t ctx; unsigned char digest[APR_SHA1_DIGESTSIZE]; unsigned char hmac_ipad[HMAC_PAD_SIZE], hmac_opad[HMAC_PAD_SIZE]; @@ -294,7 +293,7 @@ int init_response_body_html_parser(modsec_rec *msr) { msr_log(msr, 4, "init_response_body_html_parser: assuming ISO-8859-1."); msr->crypto_html_tree = htmlReadMemory(msr->resbody_data, msr->resbody_length, NULL, "ISO-8859-1", HTML_PARSE_RECOVER | HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | HTML_PARSE_NOWARNING); - htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, "ISO-8859-1"); + htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, (const xmlChar *) "ISO-8859-1"); } else{ charset+=8; @@ -310,7 +309,7 @@ int init_response_body_html_parser(modsec_rec *msr) { "init_response_body_html_parser: Charset[%s]",charset); msr->crypto_html_tree = htmlReadMemory(msr->resbody_data, msr->resbody_length, NULL, charset, HTML_PARSE_RECOVER| HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | HTML_PARSE_NOWARNING); - htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, charset); + htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, (const xmlChar *)charset); if(final_charset != NULL) *final_charset=sep; } @@ -320,7 +319,7 @@ int init_response_body_html_parser(modsec_rec *msr) { msr_log(msr, 4,"init_response_body_html_parser: Enconding[%s].",msr->r->content_encoding); msr->crypto_html_tree = htmlReadMemory(msr->resbody_data, msr->resbody_length, NULL, msr->r->content_encoding, HTML_PARSE_RECOVER | HTML_PARSE_NOBLANKS | HTML_PARSE_NOERROR | HTML_PARSE_NOWARNING); - htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, msr->r->content_encoding); + htmlSetMetaEncoding ((htmlDocPtr) msr->crypto_html_tree, (const xmlChar *)msr->r->content_encoding); } if(msr->crypto_html_tree == NULL){ if (msr->txcfg->debuglog_level >= 4) @@ -356,7 +355,6 @@ int do_encryption_method(modsec_rec *msr, char *link, int type) { char *my_error_msg = NULL; int ovector[33]; int rc; - const char *ret; if(msr == NULL) return -1; @@ -997,8 +995,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { char *p = NULL; const char *ctype = NULL; const char *encoding = NULL; - char* new_ct = NULL; - int rc = 0; + char *new_ct = NULL, *content_value = NULL; if(msr == NULL) return -1; @@ -1081,7 +1078,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { } msr->stream_output_length = output_buf->buffer->use; - msr->stream_output_data = (unsigned char *)malloc(msr->stream_output_length+1); + msr->stream_output_data = (char *)malloc(msr->stream_output_length+1); if (msr->stream_output_data == NULL) { xmlOutputBufferClose(output_buf); @@ -1110,7 +1107,7 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { } msr->stream_output_length = output_buf->conv->use; - msr->stream_output_data = (unsigned char *)malloc(msr->stream_output_length+1); + msr->stream_output_data = (char *)malloc(msr->stream_output_length+1); if (msr->stream_output_data == NULL) { xmlOutputBufferClose(output_buf); @@ -1128,8 +1125,12 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { xmlOutputBufferClose(output_buf); + content_value = (char*)apr_psprintf(msr->mp, "%"APR_SIZE_T_FMT, msr->stream_output_length); apr_table_unset(msr->r->headers_out,"Content-Length"); - apr_table_set(msr->r->headers_out, "Content-Length",(char*)apr_psprintf(msr->mp, APR_SIZE_T_FMT, msr->stream_output_length)); + + if (msr->txcfg->debuglog_level >= 4) + msr_log(msr, 4, "inject_encrypted_response_body: Setting new content value %s", content_value); + apr_table_set(msr->r->headers_out, "Content-Length", content_value); xmlFreeDoc(msr->crypto_html_tree); @@ -1149,10 +1150,10 @@ int inject_encrypted_response_body(modsec_rec *msr, int elts) { * \retval mac_link MACed link * \retval NULL on fail */ -unsigned char *do_hash_link(modsec_rec *msr, char *link, int type) { - unsigned char *mac_link = NULL; +char *do_hash_link(modsec_rec *msr, char *link, int type) { + char *mac_link = NULL; char *path_chunk = NULL; - unsigned char *hash_value = NULL; + char *hash_value = NULL; char *qm = NULL; if(msr == NULL) return NULL; @@ -1339,10 +1340,10 @@ unsigned char *do_hash_link(modsec_rec *msr, char *link, int type) { qm = strchr((char*)link,'?'); if(qm == NULL){ - mac_link= (unsigned char*)apr_psprintf(msr->mp, "%s?%s=%s", link, msr->txcfg->crypto_param_name, (char *)hash_value); + mac_link= (char*)apr_psprintf(msr->mp, "%s?%s=%s", link, msr->txcfg->crypto_param_name, (char *)hash_value); } else{ - mac_link= (unsigned char*)apr_psprintf(msr->mp, "%s&%s=%s", link, msr->txcfg->crypto_param_name, (char*)hash_value); + mac_link= (char*)apr_psprintf(msr->mp, "%s&%s=%s", link, msr->txcfg->crypto_param_name, (char*)hash_value); } return mac_link; diff --git a/apache2/msc_crypt.h b/apache2/msc_crypt.h index bf0cfc8f..94bb9931 100644 --- a/apache2/msc_crypt.h +++ b/apache2/msc_crypt.h @@ -32,11 +32,11 @@ #define N15BITS_MASK 0x7FFF #define N31BITS_MASK 0x7FFFFFFF -char DSOLOCAL *hmac(modsec_rec *msr,const unsigned char *key, int key_len, - char *msg, int msglen); -unsigned char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, +char DSOLOCAL *hmac(modsec_rec *msr, const char *key, int key_len, + unsigned char *msg, int msglen); +char DSOLOCAL *do_hash_link(modsec_rec *msr, char *link, int type); -unsigned char DSOLOCAL *getkey(apr_pool_t *mp); +char DSOLOCAL *getkey(apr_pool_t *mp); int DSOLOCAL init_response_body_html_parser(modsec_rec *msr); int DSOLOCAL encrypt_response_body_links(modsec_rec *msr); diff --git a/apache2/msc_multipart.c b/apache2/msc_multipart.c index 35eb6174..ae518953 100644 --- a/apache2/msc_multipart.c +++ b/apache2/msc_multipart.c @@ -20,7 +20,7 @@ #include "msc_util.h" #include "msc_parsers.h" -void validate_quotes(modsec_rec *msr, unsigned char *data) { +void validate_quotes(modsec_rec *msr, char *data) { int i, len; if(msr == NULL) diff --git a/apache2/msc_release.h b/apache2/msc_release.h index b2dbc9aa..b99585fc 100644 --- a/apache2/msc_release.h +++ b/apache2/msc_release.h @@ -40,7 +40,7 @@ #define MODSEC_VERSION_MINOR "7" #define MODSEC_VERSION_MAINT "0" #define MODSEC_VERSION_TYPE "-rc" -#define MODSEC_VERSION_RELEASE "2" +#define MODSEC_VERSION_RELEASE "1" #define MODSEC_VERSION_SUFFIX MODSEC_VERSION_TYPE MODSEC_VERSION_RELEASE diff --git a/apache2/msc_tree.h b/apache2/msc_tree.h index 6bda085f..a6df488f 100644 --- a/apache2/msc_tree.h +++ b/apache2/msc_tree.h @@ -31,8 +31,8 @@ typedef struct TreeRoot TreeRoot; #define TREE_CHECK(x, y) ((x) & (y)) #define MASK_BITS(x) ((x + 1) * 8) -#define SHIFT_LEFT_MASK(x) (-1 << x) -#define SHIFT_RIGHT_MASK(x,y) (x >> y) +#define SHIFT_LEFT_MASK(x) ((-1) << (x)) +#define SHIFT_RIGHT_MASK(x,y) ((x) >> (y)) #define NETMASK_256 0x100 #define NETMASK_128 0x80 diff --git a/apache2/re.c b/apache2/re.c index 677bef08..1b94fffe 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -1459,7 +1459,7 @@ static apr_status_t msre_ruleset_process_phase_(msre_ruleset *ruleset, modsec_re int do_process = 1; const char *range = NULL; rule_exception *re = NULL; - char *my_error_msg, *error_msg; + char *my_error_msg; const apr_array_header_t *tag_tarr = NULL; const apr_table_entry_t *tag_telts = NULL; @@ -2165,7 +2165,7 @@ msre_rule *msre_rule_create(msre_ruleset *ruleset, int type, msre_rule *rule; char *my_error_msg; const char *argsp; - int rc, idx; + int rc; if (error_msg == NULL) return NULL; *error_msg = NULL; diff --git a/apache2/re_actions.c b/apache2/re_actions.c index 5b114905..92257129 100644 --- a/apache2/re_actions.c +++ b/apache2/re_actions.c @@ -990,6 +990,7 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp, if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Ctl: Set EncryptionEnforcement to %s.", value); } + return 1; } else if (strcasecmp(name, "EncryptionEngine") == 0) { if (strcasecmp(value, "on") == 0) { @@ -1003,6 +1004,7 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp, if (msr->txcfg->debuglog_level >= 4) { msr_log(msr, 4, "Ctl: Set EncryptionEngine to %s.", value); } + return 1; } else if (strcasecmp(name, "ruleRemoveById") == 0) { *(const char **)apr_array_push(msr->removed_rules) = (const char *)apr_pstrdup(msr->mp, value); @@ -1274,6 +1276,8 @@ static apr_status_t msre_action_ctl_execute(modsec_rec *msr, apr_pool_t *mptmp, msr_log(msr, 1, "Internal Error: Unknown ctl action \"%s\".", name); return -1; } + + return -1; } /* xmlns */ diff --git a/apache2/re_operators.c b/apache2/re_operators.c index f12a8c96..39bf5ad1 100644 --- a/apache2/re_operators.c +++ b/apache2/re_operators.c @@ -304,8 +304,6 @@ static int msre_op_ipmatchFromFile_param_init(msre_rule *rule, char **error_msg) static int msre_op_ipmatchFromFile_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, char **error_msg) { TreeRoot *rtree = rule->op_param_data; - TreeNode *node; - apr_sockaddr_t *sa; struct in_addr in; struct in6_addr in6; @@ -736,7 +734,11 @@ static int msre_op_validateEncryption_param_init(msre_rule *rule, char **error_m int erroffset; msc_regex_t *regex; const char *pattern = rule->op_param; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int rc, jit; + #endif + #endif if (error_msg == NULL) return -1; *error_msg = NULL; @@ -795,10 +797,14 @@ static int msre_op_validateEncryption_execute(modsec_rec *msr, msre_rule *rule, unsigned int target_length; char *my_error_msg = NULL; int ovector[33]; - int rc, jit; - char *qspos = NULL; - const char *parm = NULL, *pattern = NULL; - msc_parm *mparm = NULL; + int rc; + const char *pattern = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + int jit; + #endif + #endif + if (error_msg == NULL) return -1; *error_msg = NULL; @@ -968,7 +974,11 @@ static int msre_op_rx_param_init(msre_rule *rule, char **error_msg) { int erroffset; msc_regex_t *regex; const char *pattern = rule->op_param; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT int rc, jit; + #endif + #endif if (error_msg == NULL) return -1; *error_msg = NULL; @@ -1019,10 +1029,16 @@ static int msre_op_rx_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, c int capture = 0; int matched_bytes = 0; int matched = 0; - int rc, jit; + int rc; char *qspos = NULL; const char *parm = NULL, *pattern = NULL; msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + int jit; + #endif + #endif + if (error_msg == NULL) return -1; *error_msg = NULL; @@ -2644,14 +2660,18 @@ static int msre_op_verifyCC_execute(modsec_rec *msr, msre_rule *rule, msre_var * unsigned int target_length; char *my_error_msg = NULL; int ovector[33]; - int rc, jit; + int rc; int is_cc = 0; int offset; int matched_bytes = 0; char *qspos = NULL; const char *parm = NULL; msc_parm *mparm = NULL; - + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + int jit; + #endif + #endif if (error_msg == NULL) return -1; *error_msg = NULL; @@ -2946,13 +2966,19 @@ static int msre_op_verifyCPF_execute(modsec_rec *msr, msre_rule *rule, msre_var unsigned int target_length; char *my_error_msg = NULL; int ovector[33]; - int rc, jit; + int rc; int is_cpf = 0; int offset; int matched_bytes = 0; char *qspos = NULL; const char *parm = NULL; msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + int jit; + #endif + #endif + if (error_msg == NULL) return -1; *error_msg = NULL; @@ -3235,13 +3261,19 @@ static int msre_op_verifySSN_execute(modsec_rec *msr, msre_rule *rule, msre_var unsigned int target_length; char *my_error_msg = NULL; int ovector[33]; - int rc, jit; + int rc; int is_ssn = 0; int offset; int matched_bytes = 0; char *qspos = NULL; const char *parm = NULL; msc_parm *mparm = NULL; + #ifdef WITH_PCRE_STUDY + #ifdef WITH_PCRE_JIT + int jit; + #endif + #endif + if (error_msg == NULL) return -1; *error_msg = NULL; @@ -3534,7 +3566,6 @@ static int msre_op_rbl_execute(modsec_rec *msr, msre_rule *rule, msre_var *var, unsigned int high8bits = 0; char *name_to_check = NULL; char *target = NULL; - char *target2 = NULL; apr_sockaddr_t *sa = NULL; apr_status_t rc; int capture = 0;