diff --git a/apache2/acmp.c b/apache2/acmp.c index 6e796b38d..3691dd12e 100644 --- a/apache2/acmp.c +++ b/apache2/acmp.c @@ -251,18 +251,6 @@ static void acmp_add_node_to_parent(acmp_node_t *parent, acmp_node_t *child) { } } -/** - * Copies values from one node to another, without child/sibling/fail pointers - * and without state variables. - */ -static void acmp_clone_node_no_state(acmp_node_t *from, acmp_node_t *to) { - memcpy(to, from, sizeof(acmp_node_t)); - to->child = NULL; - to->sibling = NULL; - to->fail = NULL; - to->hit_count = 0; -} - static inline acmp_node_t *acmp_btree_find(acmp_node_t *node, acmp_utf8_char_t letter) { acmp_btree_node_t *bnode = node->btree; for (;;) { diff --git a/apache2/apache2_config.c b/apache2/apache2_config.c index a831e375e..d969905de 100644 --- a/apache2/apache2_config.c +++ b/apache2/apache2_config.c @@ -797,7 +797,6 @@ static const char *add_rule(cmd_parms *cmd, directory_config *dcfg, int type, int type_with_lua = 1; int type_rule; int rule_actionset; - int offset = 0; #ifdef DEBUG_CONF ap_log_perror(APLOG_MARK, APLOG_STARTUP|APLOG_NOERRNO, 0, cmd->pool, @@ -1935,7 +1934,6 @@ static const char *cmd_conn_read_state_limit(cmd_parms *cmd, void *_dcfg, ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_conn_read_state_limit: _dcfg is NULL"); return NULL; } - directory_config *dcfg = (directory_config *)_dcfg; long int limit; limit = strtol(p1, NULL, 10); @@ -1991,7 +1989,6 @@ static const char *cmd_conn_write_state_limit(cmd_parms *cmd, void *_dcfg, ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_conn_write_state_limit: _dcfg is NULL"); return NULL; } - directory_config *dcfg = (directory_config *)_dcfg; long int limit; limit = strtol(p1, NULL, 10); @@ -2519,7 +2516,6 @@ static const char *cmd_sever_conn_filters_engine(cmd_parms *cmd, void *_dcfg, ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_sever_conn_filters_engine: _dcfg is NULL"); return NULL; } - directory_config *dcfg = (directory_config *)_dcfg; if (strcasecmp(p1, "on") == 0) { @@ -2587,7 +2583,6 @@ static const char *cmd_remote_rules_fail(cmd_parms *cmd, void *_dcfg, const char ap_log_perror(APLOG_MARK, APLOG_EMERG, 0, cmd->pool, "cmd_remote_rules_fail: _dcfg is NULL"); return NULL; } - directory_config *dcfg = (directory_config *)_dcfg; if (strncasecmp(p1, "warn", 4) == 0) { diff --git a/apache2/apache2_util.c b/apache2/apache2_util.c index faef43f0c..e13c64b90 100644 --- a/apache2/apache2_util.c +++ b/apache2/apache2_util.c @@ -215,10 +215,6 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec * apr_size_t nbytes, nbytes_written; apr_file_t *debuglog_fd = NULL; int filter_debug_level = 0; - char *remote = NULL; - char *parse_remote = NULL; - char *saved = NULL; - char *str = NULL; char str1[1024] = ""; char str2[1256] = ""; diff --git a/apache2/msc_crypt.c b/apache2/msc_crypt.c index 4f73d15a7..92690b62c 100644 --- a/apache2/msc_crypt.c +++ b/apache2/msc_crypt.c @@ -64,7 +64,6 @@ char *normalize_path(modsec_rec *msr, char *input) { if(uri->path) { char *Uri = NULL; - int bytes = 0; /*int i;*/ char *abs_link = NULL; char *filename = NULL; @@ -1079,22 +1078,18 @@ int inject_hashed_response_body(modsec_rec *msr, int elts) { if (ctype && encoding == NULL) { if (ctype && (p = m_strcasestr(ctype, "charset=") , p != NULL)) { p += 8 ; - if (encoding = apr_pstrndup(msr->mp, p, strcspn(p, " ;") ), encoding) { - xmlCharEncoding enc; - enc = xmlParseCharEncoding(encoding); - handler = xmlFindCharEncodingHandler(encoding); - } + encoding = apr_pstrndup(msr->mp, p, strcspn(p, " ;")); + handler = xmlFindCharEncodingHandler(encoding); } } else { if(encoding != NULL) { - xmlCharEncoding enc; - enc = xmlParseCharEncoding(encoding); handler = xmlFindCharEncodingHandler(encoding); } } if (msr->txcfg->debuglog_level >= 4) - msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].", encoding); + msr_log(msr, 4, "inject_hashed_response_body: Detected encoding type [%s].", + encoding ? encoding : "(none)"); if (handler == NULL) handler = xmlFindCharEncodingHandler("UTF-8"); diff --git a/apache2/msc_geo.c b/apache2/msc_geo.c index 7d3a8e402..77f340370 100644 --- a/apache2/msc_geo.c +++ b/apache2/msc_geo.c @@ -279,7 +279,6 @@ int geo_lookup(modsec_rec *msr, geo_rec *georec, const char *target, char **erro apr_size_t nbytes; unsigned int rec_val = 0; apr_off_t seekto = 0; - apr_status_t ret; int rc; int country = 0; int level; diff --git a/apache2/msc_json.c b/apache2/msc_json.c index 0656fc258..950eb9b64 100644 --- a/apache2/msc_json.c +++ b/apache2/msc_json.c @@ -402,7 +402,6 @@ int json_complete(modsec_rec *msr, char **error_msg) { assert(msr != NULL); assert(msr->json != NULL); assert(error_msg != NULL); - char *json_data = (char *) NULL; *error_msg = NULL; diff --git a/apache2/msc_logging.c b/apache2/msc_logging.c index 39588b10f..8c7667ef5 100644 --- a/apache2/msc_logging.c +++ b/apache2/msc_logging.c @@ -1134,8 +1134,6 @@ void sec_audit_logger_json(modsec_rec *msr) { /* AUDITLOG_PART_TRAILER */ if (strchr(msr->txcfg->auditlog_parts, AUDITLOG_PART_TRAILER) != NULL) { - apr_time_t now = apr_time_now(); - /* Messages */ been_opened = 0; if (msr->alerts->nelts > 0) { diff --git a/apache2/msc_remote_rules.c b/apache2/msc_remote_rules.c index 37b886484..a3cf68892 100644 --- a/apache2/msc_remote_rules.c +++ b/apache2/msc_remote_rules.c @@ -719,9 +719,7 @@ int msc_remote_add_rules_from_uri(cmd_parms *orig_parms, if (plain_text[len] == '\n') { const char *rule = NULL; - int tmp = len; char *cmd_name = NULL; - char *word = NULL; const command_rec *cmd; ap_directive_t *newdir; @@ -792,6 +790,7 @@ int msc_remote_add_rules_from_uri(cmd_parms *orig_parms, { msc_remote_clean_chunk(&downloaded_content); } + return 0; #else *error_msg = "SecRemoteRules was not enabled during ModSecurity " \ "compilation."; diff --git a/apache2/msc_status_engine.c b/apache2/msc_status_engine.c index 458764164..48c7d0014 100644 --- a/apache2/msc_status_engine.c +++ b/apache2/msc_status_engine.c @@ -164,7 +164,6 @@ int DSOLOCAL msc_status_engine_mac_address (unsigned char *mac) #ifdef DARWIN struct ifaddrs* ifaphead; struct ifaddrs* ifap; - int i = 0; if ( getifaddrs( &ifaphead ) != 0 ) { goto failed; @@ -213,7 +212,6 @@ int DSOLOCAL msc_status_engine_mac_address (unsigned char *mac) } if ( ioctl( sock, SIOCGIFHWADDR, ifr ) == 0 ) { - int i = 0; if (!ifr->ifr_addr.sa_data[0] && !ifr->ifr_addr.sa_data[1] && !ifr->ifr_addr.sa_data[2]) { continue; @@ -287,7 +285,7 @@ int DSOLOCAL msc_status_engine_mac_address (unsigned char *mac) int DSOLOCAL msc_status_engine_unique_id (unsigned char *digest) { unsigned char hex_digest[APR_SHA1_DIGESTSIZE]; - unsigned char *mac_address = NULL; + unsigned char *mac_address = NULL, *digptr; char *machine_name = NULL; int ret = 0; int i = 0; @@ -321,9 +319,10 @@ int DSOLOCAL msc_status_engine_unique_id (unsigned char *digest) apr_sha1_update(&context, mac_address, strlen(mac_address)); apr_sha1_final(hex_digest, &context); - for (i = 0; i < APR_SHA1_DIGESTSIZE; i++) + for (i = 0, digptr = digest; i < APR_SHA1_DIGESTSIZE; i++) { - sprintf(digest, "%s%02x", digest, hex_digest[i]); + sprintf(digptr, "%02x", hex_digest[i]); + digptr += 2; } failed_set_machine_name: @@ -372,7 +371,7 @@ int DSOLOCAL msc_beacon_string (char *beacon_string, int beacon_string_max_len) /* 6 represents: strlen("(null)") */ beacon_string_len = (modsec ? strlen(modsec) : 6) + (apache ? strlen(apache) : 6) + (apr ? strlen(apr) : 6) + - (apr_loaded ? strlen(apr_loaded) : 6) + (pcre ? strlen(pcre) : 6) + + (apr_loaded ? strlen(apr_loaded) : 6) + strlen(pcre) + (pcre_loaded ? strlen(pcre_loaded) : 6) + (lua ? strlen(lua) : 6) + (libxml ? strlen(libxml) : 6) + (APR_SHA1_DIGESTSIZE * 2); diff --git a/apache2/msc_tree.c b/apache2/msc_tree.c index f8610b39e..feabdd0e0 100644 --- a/apache2/msc_tree.c +++ b/apache2/msc_tree.c @@ -833,7 +833,7 @@ TreeNode *CPTIpMatch(modsec_rec *msr, unsigned char *ipdata, CPTTree *tree, int } TreeNode *TreeAddIP(const char *buffer, CPTTree *tree, int type) { - unsigned long ip, ret; + unsigned long ret; unsigned char netmask_v4 = NETMASK_32, netmask_v6 = NETMASK_128; char ip_strv4[NETMASK_32], ip_strv6[NETMASK_128]; struct in_addr addr4; diff --git a/apache2/msc_util.c b/apache2/msc_util.c index fe13ab998..471a98a80 100644 --- a/apache2/msc_util.c +++ b/apache2/msc_util.c @@ -104,13 +104,12 @@ int swap_int32(int x) { * \retval rval On Success */ char *utf8_unicode_inplace_ex(apr_pool_t *mp, unsigned char *input, long int input_len, int *changed) { - int unicode_len = 0, length = 0; + int unicode_len = 0; unsigned int d = 0; unsigned char c, *utf; char *rval, *data; - unsigned int i, len, j; + unsigned int i, len; unsigned int bytes_left = input_len; - unsigned char *unicode = NULL; assert(input != NULL); @@ -2311,9 +2310,11 @@ int msc_headers_to_buffer(const apr_array_header_t *arr, char *buffer, int write_to_buffer = 0; int i = 0; const apr_table_entry_t *te = NULL; + char *ptr = NULL; if (buffer != NULL && buffer_length > 0) { write_to_buffer = 1; + ptr = buffer; } te = (apr_table_entry_t *)arr->elts; @@ -2329,7 +2330,9 @@ int msc_headers_to_buffer(const apr_array_header_t *arr, char *buffer, goto not_enough_memory; } - sprintf(buffer, "%s%s: %s\n", buffer, key, value); + assert(ptr && ptr < buffer + buffer_length); + sprintf(ptr, "%s: %s\n", key, value); + ptr = buffer + headers_length; /* for the next entry. */ } } @@ -2497,10 +2500,7 @@ int ip_tree_from_uri(TreeRoot **rtree, char *uri, apr_pool_t *mp, char **error_msg) { TreeNode *tnode = NULL; - apr_status_t rc; int line = 0; - apr_file_t *fd; - char *start; int res; struct msc_curl_memory_buffer_t chunk; diff --git a/apache2/re.c b/apache2/re.c index 0a8b0724d..d067c6841 100644 --- a/apache2/re.c +++ b/apache2/re.c @@ -205,10 +205,9 @@ char *msre_ruleset_phase_rule_update_target_matching_exception(modsec_rec *msr, assert(ruleset != NULL); assert(phase_arr != NULL); msre_rule **rules; - int i, j, mode; + int i, mode; char *err; - j = 0; mode = 0; rules = (msre_rule **)phase_arr->elts; for (i = 0; i < phase_arr->nelts; i++) { @@ -247,7 +246,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r char *my_error_msg = NULL, *target = NULL; char *p = NULL, *savedptr = NULL; unsigned int is_negated = 0, is_counting = 0; - int name_len = 0, value_len = 0; char *name = NULL, *value = NULL; char *opt = NULL, *param = NULL; char *target_list = NULL, *replace = NULL; @@ -297,10 +295,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r goto end; } - name_len = strlen(name); - - if (value != NULL) value_len = strlen(value); - targets = (msre_var **)rule->targets->elts; // TODO need a good way to remove the element from array, maybe change array by tables or rings for (i = 0; i < rule->targets->nelts; i++) { @@ -395,10 +389,6 @@ char *update_rule_target_ex(modsec_rec *msr, msre_ruleset *ruleset, msre_rule *r goto end; } - name_len = strlen(name); - - if (value != NULL) value_len = strlen(value); - if (msr) { msr_log(msr, 9, "Trying to append variable name [%s] value [%s]", name, value); }