github_mirrors/ModSecurity
3
0
Fork 1
mirror of https://github.com/owasp-modsecurity/ModSecurity.git synced 2025-08-14 05:45:59 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix compiler warnings. Reported by GCC with flags:

Browse Source 
-Wall -Wall -Werror=format-security -Wp,-U_FORTIFY_SOURCE,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS

Note, e.g. sprintf(digest, "%s%02x", digest, ...) is undefined behaviour because
the destination and source variables overlap, and GCC warnings for this.

acmp.c:258:13: warning: 'acmp_clone_node_no_state' defined but not used [-Wunused-function]
apache2_config.c:806:9: warning: unused variable 'offset' [-Wunused-variable]
apache2_config.c:1886:23: warning: unused variable 'dcfg' [-Wunused-variable]
apache2_config.c:1942:23: warning: unused variable 'dcfg' [-Wunused-variable]
apache2_config.c:2470:23: warning: unused variable 'dcfg' [-Wunused-variable]
apache2_config.c:2538:23: warning: unused variable 'dcfg' [-Wunused-variable]
apache2_util.c:226:11: warning: unused variable 'str' [-Wunused-variable]
apache2_util.c:225:11: warning: unused variable 'saved' [-Wunused-variable]
apache2_util.c:224:11: warning: unused variable 'parse_remote' [-Wunused-variable]
apache2_util.c:223:11: warning: unused variable 'remote' [-Wunused-variable]
msc_status_engine.c:216:17: warning: unused variable 'i' [-Wunused-variable]
msc_status_engine.c:375:55: warning: the address of 'pcre' will always evaluate as 'true' [-Waddress]
msc_crypt.c:67:17: warning: unused variable 'bytes' [-Wunused-variable]
msc_crypt.c:1083:33: warning: variable 'enc' set but not used [-Wunused-but-set-variable]
msc_crypt.c:1090:29: warning: variable 'enc' set but not used [-Wunused-but-set-variable]
/usr/include/bits/stdio2.h:30:10: warning: '__sprintf_chk' argument 5 overlaps destination object 'digest' [-Wrestrict]
msc_json.c:405:11: warning: unused variable 'json_data' [-Wunused-variable]
msc_crypt.c:1097:79: warning: '%s' directive argument is null [-Wformat-overflow=]
msc_logging.c:1144:20: warning: unused variable 'now' [-Wunused-variable]
msc_remote_rules.c:729:19: warning: unused variable 'word' [-Wunused-variable]
msc_remote_rules.c:727:17: warning: unused variable 'tmp' [-Wunused-variable]
msc_remote_rules.c:805:1: warning: control reaches end of non-void function [-Wreturn-type]
msc_tree.c:836:19: warning: unused variable 'ip' [-Wunused-variable]
msc_xml.c:29:44: warning: variable 'entity' set but not used [-Wunused-but-set-variable]
msc_util.c:2627:11: warning: unused variable 'start' [-Wunused-variable]
msc_util.c:2626:17: warning: unused variable 'fd' [-Wunused-variable]
msc_util.c:2624:18: warning: unused variable 'rc' [-Wunused-variable]
msc_util.c:1077:19: warning: array subscript 1 is outside array bounds of 'unsigned char[1]' [-Warray-bounds=]
This commit is contained in:
Joe Orton 2025-05-09 12:42:34 +01:00
parent 9bc3300a3a
commit 9d9a727349
12 changed files with 14 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
apache2/acmp.c
View File

@ -251,18 +251,6 @@ static void acmp_add_node_to_parent(acmp_node_t *parent, acmp_node_t *child) {
}
}
/**
* Copies values from one node to another, without child/sibling/fail pointers
* and without state variables.
*/
static void acmp_clone_node_no_state(acmp_node_t *from, acmp_node_t *to) {
memcpy(to, from, sizeof(acmp_node_t));
to->child = NULL;
to->sibling = NULL;
to->fail = NULL;
to->hit_count = 0;
}
static inline acmp_node_t *acmp_btree_find(acmp_node_t *node, acmp_utf8_char_t letter) {
acmp_btree_node_t *bnode = node->btree;
for (;;) {

5
apache2/apache2_config.c
View File

@ -797,7 +797,6 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type,
int type_with_lua = 1;
int type_rule;
int rule_actionset;
int offset = 0;
#ifdef DEBUG_CONF
ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool,
@ -1935,7 +1934,6 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg,
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_conn_read_state_limit: _dcfg is NULL");
return NULL;
}
directory_config *dcfg = (directory_config *)_dcfg;
long int limit;
limit = strtol(p1, NULL, 10);
@ -1991,7 +1989,6 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg,
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_conn_write_state_limit: _dcfg is NULL");
return NULL;
}
directory_config *dcfg = (directory_config *)_dcfg;
long int limit;
limit = strtol(p1, NULL, 10);
@ -2519,7 +2516,6 @@ static const char *cmd_sever_conn_filters_engine(cmd_parms *cmd, void *_dcfg,
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_sever_conn_filters_engine: _dcfg is NULL");
return NULL;
}
directory_config *dcfg = (directory_config *)_dcfg;
if (strcasecmp(p1, "on") == 0)
{
@ -2587,7 +2583,6 @@ static const char *cmd_remote_rules_fail(cmd_parms *cmd, void *_dcfg, const char
ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_remote_rules_fail: _dcfg is NULL");
return NULL;
}
directory_config *dcfg = (directory_config *)_dcfg;
if (strncasecmp(p1, "warn", 4) == 0)
{

4
apache2/apache2_util.c
View File

@ -215,10 +215,6 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
apr_size_t nbytes, nbytes_written;
apr_file_t *debuglog_fd = NULL;
int filter_debug_level = 0;
char *remote = NULL;
char *parse_remote = NULL;
char *saved = NULL;
char *str = NULL;
char str1[1024] = "";
char str2[1256] = "";

13
apache2/msc_crypt.c
View File

@ -64,7 +64,6 @@ char *normalize_path(modsec_rec *msr, char *input) {
if(uri->path) {
char *Uri = NULL;
int bytes = 0;
/*int i;*/
char *abs_link = NULL;
char *filename = NULL;
@ -1079,22 +1078,18 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) {
if (ctype && encoding == NULL) {
if (ctype && (p = m_strcasestr(ctype, "charset=") , p != NULL)) {
p += 8 ;
if (encoding = apr_pstrndup(msr->mp, p, strcspn(p, " ;") ), encoding) {
xmlCharEncoding enc;
enc = xmlParseCharEncoding(encoding);
handler = xmlFindCharEncodingHandler(encoding);
}
encoding = apr_pstrndup(msr->mp, p, strcspn(p, " ;"));
handler = xmlFindCharEncodingHandler(encoding);
}
} else {
if(encoding != NULL) {
xmlCharEncoding enc;
enc = xmlParseCharEncoding(encoding);
handler = xmlFindCharEncodingHandler(encoding);
}
}
if (msr->txcfg->debuglog_level >= 4)
msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].", encoding);
msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].",
encoding ? encoding : "(none)");
if (handler == NULL)
handler = xmlFindCharEncodingHandler("UTF-8");

1
apache2/msc_geo.c
View File

@ -279,7 +279,6 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro
apr_size_t nbytes;
unsigned int rec_val = 0;
apr_off_t seekto = 0;
apr_status_t ret;
int rc;
int country = 0;
int level;

1
apache2/msc_json.c
View File

@ -402,7 +402,6 @@ int json_complete(modsec_rec *msr, char **error_msg) {
assert(msr != NULL);
assert(msr->json != NULL);
assert(error_msg != NULL);
char *json_data = (char *) NULL;
*error_msg = NULL;

2
apache2/msc_logging.c
View File

@ -1134,8 +1134,6 @@ void sec_audit_logger_json(modsec_rec *msr) {
/* AUDITLOG_PART_TRAILER */
if (strchr(msr->txcfg->auditlog_parts, AUDITLOG_PART_TRAILER) != NULL) {
apr_time_t now = apr_time_now();
/* Messages */
been_opened = 0;
if (msr->alerts->nelts > 0) {

3
apache2/msc_remote_rules.c
View File

@ -719,9 +719,7 @@ int msc_remote_add_rules_from_uri(cmd_parms *orig_parms,
if (plain_text[len] == '\n')
{
const char *rule = NULL;
int tmp = len;
char *cmd_name = NULL;
char *word = NULL;
const command_rec *cmd;
ap_directive_t *newdir;
@ -792,6 +790,7 @@ next:
{
msc_remote_clean_chunk(&downloaded_content);
}
return 0;
#else
*error_msg = "SecRemoteRules was not enabled during ModSecurity " \
"compilation.";

11
apache2/msc_status_engine.c
View File

@ -164,7 +164,6 @@ int DSOLOCAL msc_status_engine_mac_address (unsigned char *mac)
#ifdef DARWIN
struct ifaddrs* ifaphead;
struct ifaddrs* ifap;
int i = 0;
if ( getifaddrs( &ifaphead ) != 0 ) {
goto failed;
@ -213,7 +212,6 @@ int DSOLOCAL msc_status_engine_mac_address (unsigned char *mac)
}
if ( ioctl( sock, SIOCGIFHWADDR, ifr ) == 0 ) {
int i = 0;
if (!ifr->ifr_addr.sa_data[0] && !ifr->ifr_addr.sa_data[1]
&& !ifr->ifr_addr.sa_data[2]) {
continue;
@ -287,7 +285,7 @@ failed:
int DSOLOCAL msc_status_engine_unique_id (unsigned char *digest)
{
unsigned char hex_digest[APR_SHA1_DIGESTSIZE];
unsigned char *mac_address = NULL;
unsigned char *mac_address = NULL, *digptr;
char *machine_name = NULL;
int ret = 0;
int i = 0;
@ -321,9 +319,10 @@ int DSOLOCAL msc_status_engine_unique_id (unsigned char *digest)
apr_sha1_update(&context, mac_address, strlen(mac_address));
apr_sha1_final(hex_digest, &context);
for (i = 0; i < APR_SHA1_DIGESTSIZE; i++)
for (i = 0, digptr = digest; i < APR_SHA1_DIGESTSIZE; i++)
{
sprintf(digest, "%s%02x", digest, hex_digest[i]);
sprintf(digptr, "%02x", hex_digest[i]);
digptr += 2;
}
failed_set_machine_name:
@ -372,7 +371,7 @@ int DSOLOCAL msc_beacon_string (char *beacon_string, int beacon_string_max_len)
/* 6 represents: strlen("(null)") */
beacon_string_len = (modsec ? strlen(modsec) : 6) +
(apache ? strlen(apache) : 6) + (apr ? strlen(apr) : 6) +
(apr_loaded ? strlen(apr_loaded) : 6) + (pcre ? strlen(pcre) : 6) +
(apr_loaded ? strlen(apr_loaded) : 6) + strlen(pcre) +
(pcre_loaded ? strlen(pcre_loaded) : 6) + (lua ? strlen(lua) : 6) +
(libxml ? strlen(libxml) : 6) + (APR_SHA1_DIGESTSIZE * 2);

2
apache2/msc_tree.c
View File

@ -833,7 +833,7 @@ TreeNode *CPTIpMatch(modsec_rec *msr, unsigned char *ipdata, CPTTree *tree, int
}
TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) {
unsigned long ip, ret;
unsigned long ret;
unsigned char netmask_v4 = NETMASK_32, netmask_v6 = NETMASK_128;
char ip_strv4[NETMASK_32], ip_strv6[NETMASK_128];
struct in_addr addr4;

8
apache2/msc_util.c
View File

@ -104,13 +104,12 @@ int swap_int32(int x) {
* \retval rval On Success
*/
char *utf8_unicode_inplace_ex(apr_pool_t *mp, unsigned char *input, long int input_len, int *changed) {
int unicode_len = 0, length = 0;
int unicode_len = 0;
unsigned int d = 0;
unsigned char c, *utf;
char *rval, *data;
unsigned int i, len, j;
unsigned int i, len;
unsigned int bytes_left = input_len;
unsigned char *unicode = NULL;
assert(input != NULL);
@ -2497,10 +2496,7 @@ int ip_tree_from_uri(TreeRoot **rtree, char *uri,
apr_pool_t *mp, char **error_msg)
{
TreeNode *tnode = NULL;
apr_status_t rc;
int line = 0;
apr_file_t *fd;
char *start;
int res;
struct msc_curl_memory_buffer_t chunk;

12
apache2/re.c
View File

@ -205,10 +205,9 @@ char *msre_ruleset_phase_rule_update_target_matching_exception(modsec_rec *msr,
assert(ruleset != NULL);
assert(phase_arr != NULL);
msre_rule **rules;
int i, j, mode;
int i, mode;
char *err;
j = 0;
mode = 0;
rules = (msre_rule **)phase_arr->elts;
for (i = 0; i < phase_arr->nelts; i++) {
@ -247,7 +246,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
char *my_error_msg = NULL, *target = NULL;
char *p = NULL, *savedptr = NULL;
unsigned int is_negated = 0, is_counting = 0;
int name_len = 0, value_len = 0;
char *name = NULL, *value = NULL;
char *opt = NULL, *param = NULL;
char *target_list = NULL, *replace = NULL;
@ -297,10 +295,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
goto end;
}
name_len = strlen(name);
if (value != NULL) value_len = strlen(value);
targets = (msre_var **)rule->targets->elts;
// TODO need a good way to remove the element from array, maybe change array by tables or rings
for (i = 0; i < rule->targets->nelts; i++) {
@ -395,10 +389,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r
goto end;
}
name_len = strlen(name);
if (value != NULL) value_len = strlen(value);
if (msr) {
msr_log(msr, 9, "Trying to append variable name [%s] value [%s]", name, value);
}