Bug 1243121 - C-C ldap directory: fix -Werror=sign-compare: signed vs unsigned warnings (now treated as error) draft
authorISHIKAWA, Chiaki <ishikawa@yk.rim.or.jp>
Sat, 09 Nov 2019 10:59:42 +0900
changeset 81053 d99a160304829420651472937c6215feef556bad
parent 81052 499de8324dc19b2f56026e94a6e3040cf0519e37
child 81054 fdd020c4ac89aadcdf28ca1cffb7200bc86a3c79
push id9744
push userishikawa@yk.rim.or.jp
push dateSat, 09 Nov 2019 02:01:06 +0000
treeherdertry-comm-central@56c83244ac0e [default view] [failures only]
bugs1243121
Bug 1243121 - C-C ldap directory: fix -Werror=sign-compare: signed vs unsigned warnings (now treated as error) * * * typedef size_t ber_len_t; /new-hd1/extra/ishikawa/TB-3HG/NEW-COMMSRC/ldap/c-sdk/libraries/liblber/io.c:869:12: warning: cast from pointer to integer of different size [-Wpointer-to-int-cast] if ( ((ber_len_t) ber->ber_end - (ber_len_t) ber->ber_buf) < newlen) { * * *
ldap/c-sdk/include/lber.h
ldap/c-sdk/include/ldap-extension.h
ldap/c-sdk/libraries/liblber/decode.c
ldap/c-sdk/libraries/liblber/io.c
ldap/c-sdk/libraries/libldap/error.c
ldap/c-sdk/libraries/libldap/geteffectiverightsctrl.c
ldap/c-sdk/libraries/libldap/getoption.c
ldap/c-sdk/libraries/libldap/getvalues.c
ldap/c-sdk/libraries/libldap/memcache.c
ldap/c-sdk/libraries/libldap/os-ip.c
ldap/c-sdk/libraries/libldap/proxyauthctrl.c
ldap/c-sdk/libraries/libldap/pwmodext.c
ldap/c-sdk/libraries/libldap/request.c
ldap/c-sdk/libraries/libldap/saslbind.c
ldap/c-sdk/libraries/libldap/vlistctrl.c
ldap/c-sdk/libraries/libprldap/ldappr-io.c
--- a/ldap/c-sdk/include/lber.h
+++ b/ldap/c-sdk/include/lber.h
@@ -110,21 +110,31 @@ extern "C" {
 #define LBER_SOCKBUF_OPT_WRITE_FN 0x080
 #define LBER_SOCKBUF_OPT_EXT_IO_FNS 0x100
 #define LBER_SOCKBUF_OPT_VALID_TAG 0x200
 #define LBER_SOCKBUF_OPT_SOCK_ARG 0x400
 
 #define LBER_OPT_ON ((void *)1)
 #define LBER_OPT_OFF ((void *)0)
 
-typedef unsigned int ber_len_t;  /* for BER len */
+#  if 0
+typedef unsigned int ber_len_t; /* for BER len */
+#  else
+typedef size_t ber_len_t; /* for BER len */
+#  endif
 typedef unsigned int ber_tag_t;  /* for BER tags */
 typedef int ber_int_t;           /* for BER ints, enums, and Booleans */
 typedef unsigned int ber_uint_t; /* unsigned equivalent of ber_int_t */
-typedef int ber_slen_t;          /* signed equivalent of ber_len_t */
+//
+// XXX ber_slen_t needs to be tweaked based on 64-bit vs. 32-bit.
+// That is, ber_slen_t needs to be 64-bit on a 64-bit system.
+//
+// Let us use long for now.
+typedef long  ber_slen_t; /* signed equivalent of ber_len_t */
+
 
 typedef struct berval {
   ber_len_t bv_len;
   char *bv_val;
 } BerValue;
 
 typedef struct berelement BerElement;
 typedef struct sockbuf Sockbuf;
--- a/ldap/c-sdk/include/ldap-extension.h
+++ b/ldap/c-sdk/include/ldap-extension.h
@@ -805,20 +805,22 @@ LDAP_API(int) LDAP_CALL ldap_utf8isspace
 #define LDAP_UTF8INC(s) \
   ((0x80 & *(unsigned char *)(s)) ? s = ldap_utf8next(s) : ++s)
 
 #define LDAP_UTF8PREV(s) ldap_utf8prev(s)
 #define LDAP_UTF8DEC(s) (s = ldap_utf8prev(s))
 
 #define LDAP_UTF8COPY(d, s) \
   ((0x80 & *(unsigned char *)(s)) ? ldap_utf8copy(d, s) : ((*(d) = *(s)), 1))
+
 #define LDAP_UTF8GETCC(s) \
-  ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc(&s) : *s++)
-#define LDAP_UTF8GETC(s) \
-  ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc((const char **)&s) : *s++)
+  ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc(&s) : (unsigned long)*s++)
+#define LDAP_UTF8GETC(s)                                              \
+  ((0x80 & *(unsigned char *)(s)) ? ldap_utf8getcc((const char **)&s) \
+                                  : (unsigned long)*s++)
 
 /* SASL options */
 #define LDAP_OPT_X_SASL_MECH 0x6100
 #define LDAP_OPT_X_SASL_REALM 0x6101
 #define LDAP_OPT_X_SASL_AUTHCID 0x6102
 #define LDAP_OPT_X_SASL_AUTHZID 0x6103
 #define LDAP_OPT_X_SASL_SSF 0x6104          /* read-only */
 #define LDAP_OPT_X_SASL_SSF_EXTERNAL 0x6105 /* write-only */
--- a/ldap/c-sdk/libraries/liblber/decode.c
+++ b/ldap/c-sdk/libraries/liblber/decode.c
@@ -65,17 +65,17 @@ ber_tag_t LDAP_CALL ber_get_tag(BerEleme
 
   if (ber_read(ber, (char *)&xbyte, 1) != 1) return (LBER_DEFAULT);
 
   if ((xbyte & LBER_BIG_TAG_MASK) != LBER_BIG_TAG_MASK)
     return ((ber_uint_t)xbyte);
 
   tagp = (char *)&tag;
   tagp[0] = xbyte;
-  for (i = 1; i < sizeof(ber_int_t); i++) {
+  for (i = 1; i < (int)sizeof(ber_int_t); i++) {
     if (ber_read(ber, (char *)&xbyte, 1) != 1) return (LBER_DEFAULT);
 
     tagp[i] = xbyte;
 
     if (!(xbyte & LBER_MORE_TAG_MASK)) break;
   }
 
   /* tag too big! */
@@ -118,17 +118,17 @@ ber_tag_t LDAP_CALL ber_skip_tag(BerElem
    * otherwise it's the short form.  We don't allow a length that's
    * greater than what we can hold in an unsigned long.
    */
 
   *len = netlen = 0;
   if (ber_read(ber, (char *)&lc, 1) != 1) return (LBER_DEFAULT);
   if (lc & 0x80) {
     noctets = (lc & 0x7f);
-    if (noctets > sizeof(ber_uint_t)) return (LBER_DEFAULT);
+    if (noctets > (int)sizeof(ber_uint_t)) return (LBER_DEFAULT);
     diff = sizeof(ber_int_t) - noctets;
     if (ber_read(ber, (char *)&netlen + diff, noctets) != noctets)
       return (LBER_DEFAULT);
     *len = LBER_NTOHL(netlen);
   } else {
     *len = lc;
   }
 
@@ -155,17 +155,17 @@ static int ber_getnint(BerElement *ber, 
   unsigned char buffer[sizeof(ber_int_t)];
   /*
    * The tag and length have already been stripped off.  We should
    * be sitting right before len bytes of 2's complement integer,
    * ready to be read straight into an int.  We may have to sign
    * extend after we read it in.
    */
 
-  if (len > sizeof(ber_slen_t)) return (-1);
+  if (len > (int)sizeof(ber_slen_t)) return (-1);
 
   /* read into the low-order bytes of netnum */
   if (ber_read(ber, (char *)buffer, len) != len) return (-1);
 
   /* This sets the required sign extension */
   if (len != 0) {
     value = 0x80 & buffer[0] ? (-1) : 0;
   } else {
@@ -240,17 +240,17 @@ ber_tag_t LDAP_CALL ber_get_stringb(BerE
 ber_tag_t LDAP_CALL ber_get_stringa(BerElement *ber, char **buf) {
   ber_len_t datalen, ndatalen;
   ber_tag_t tag;
 
   if ((tag = ber_skip_tag(ber, &datalen)) == LBER_DEFAULT)
     return (LBER_DEFAULT);
 
   if (((ndatalen = (size_t)datalen + 1) < (size_t)datalen) ||
-      (datalen > (ber->ber_end - ber->ber_ptr)) ||
+      (datalen > (ber_len_t)(ber->ber_end - ber->ber_ptr)) ||
       ((*buf = (char *)NSLBERI_MALLOC((size_t)ndatalen)) == NULL))
     return (LBER_DEFAULT);
 
   /*
    * datalen is being demoted to a long here --  possible conversion error
    */
   if (ber_read(ber, *buf, datalen) != (ber_slen_t)datalen) {
     NSLBERI_FREE(*buf);
@@ -288,17 +288,17 @@ ber_tag_t LDAP_CALL ber_get_stringal(Ber
 
   if ((tag = ber_skip_tag(ber, &len)) == LBER_DEFAULT) {
     NSLBERI_FREE(*bv);
     *bv = NULL;
     return (LBER_DEFAULT);
   }
 
   if (((nlen = (size_t)len + 1) < (size_t)len) ||
-      (len > (ber->ber_end - ber->ber_ptr)) ||
+      (len > (ber_len_t)(ber->ber_end - ber->ber_ptr)) ||
       (((*bv)->bv_val = (char *)NSLBERI_MALLOC((size_t)nlen)) == NULL)) {
     NSLBERI_FREE(*bv);
     *bv = NULL;
     return (LBER_DEFAULT);
   }
 
   /*
    * len is being demoted to a long here --  possible conversion error
@@ -337,17 +337,17 @@ ber_tag_t LDAP_CALL ber_get_bitstringa(B
   ber_len_t datalen;
   ber_tag_t tag;
   unsigned char unusedbits;
 
   if ((tag = ber_skip_tag(ber, &datalen)) == LBER_DEFAULT)
     return (LBER_DEFAULT);
   --datalen;
 
-  if ((datalen > (ber->ber_end - ber->ber_ptr)) ||
+  if ((datalen > (ber_len_t)(ber->ber_end - ber->ber_ptr)) ||
       ((*buf = (char *)NSLBERI_MALLOC((size_t)datalen)) == NULL))
     return (LBER_DEFAULT);
 
   if (ber_read(ber, (char *)&unusedbits, 1) != 1) {
     NSLBERI_FREE(*buf);
     *buf = NULL;
     return (LBER_DEFAULT);
   }
@@ -426,17 +426,17 @@ ber_tag_t LDAP_C ber_scanf(BerElement *b
 #ifdef LDAP_DEBUG
   if (lber_debug & 64) {
     char msg[80];
     sprintf(msg, "ber_scanf fmt (%s) ber:\n", fmt);
     ber_err_print(msg);
     ber_dump(ber, 1);
   }
 #endif
-  for (rc = 0, p = (char *)fmt; *p && rc != LBER_DEFAULT; p++) {
+  for (rc = 0, p = (char *)fmt; *p && rc != (int)LBER_DEFAULT; p++) {
     switch (*p) {
       case 'a': /* octet string - allocate storage as needed */
         ss = va_arg(ap, char **);
         rc = ber_get_stringa(ber, ss);
         break;
 
       case 'b': /* boolean */
         i = va_arg(ap, int *);
@@ -492,18 +492,18 @@ ber_tag_t LDAP_C ber_scanf(BerElement *b
         break;
 
       case 'v': /* sequence of strings */
         sss = va_arg(ap, char ***);
         *sss = NULL;
         j = 0;
         array_size = 0;
         for (tag = ber_first_element(ber, &len, &last);
-             tag != LBER_DEFAULT && tag != LBER_END_OF_SEQORSET &&
-             rc != LBER_DEFAULT;
+             tag != (int)LBER_DEFAULT && tag != (int)LBER_END_OF_SEQORSET &&
+             rc != (int)LBER_DEFAULT;
              tag = ber_next_element(ber, &len, last)) {
           if (*sss == NULL) {
             /* Make room for at least 15 strings */
             *sss = (char **)NSLBERI_MALLOC(16 * sizeof(char *));
             if (!*sss) {
               rc = LBER_DEFAULT;
               break; /* out of memory - cannot continue */
             }
@@ -521,31 +521,31 @@ ber_tag_t LDAP_C ber_scanf(BerElement *b
               ber_svecfree(save_sss);
               break; /* out of memory - cannot continue */
             }
           }
           (*sss)[j] = NULL;
           rc = ber_get_stringa(ber, &((*sss)[j]));
           j++;
         }
-        if (rc != LBER_DEFAULT && tag != LBER_END_OF_SEQORSET) {
+        if (rc != (int)LBER_DEFAULT && tag != (int)LBER_END_OF_SEQORSET) {
           rc = LBER_DEFAULT;
         }
         if (*sss && (j > 0)) {
           (*sss)[j] = NULL;
         }
         break;
 
       case 'V': /* sequence of strings + lengths */
         bv = va_arg(ap, struct berval ***);
         *bv = NULL;
         j = 0;
         for (tag = ber_first_element(ber, &len, &last);
-             tag != LBER_DEFAULT && tag != LBER_END_OF_SEQORSET &&
-             rc != LBER_DEFAULT;
+             tag != (int)LBER_DEFAULT && tag != (int)LBER_END_OF_SEQORSET &&
+             rc != (int)LBER_DEFAULT;
              tag = ber_next_element(ber, &len, last)) {
           if (*bv == NULL) {
             *bv = (struct berval **)NSLBERI_MALLOC(2 * sizeof(struct berval *));
             if (!*bv) {
               rc = LBER_DEFAULT;
               break; /* out of memory - cannot continue */
             }
           } else {
@@ -556,26 +556,26 @@ ber_tag_t LDAP_C ber_scanf(BerElement *b
               rc = LBER_DEFAULT;
               ber_bvecfree(save_bv);
               break; /* out of memory - cannot continue */
             }
           }
           rc = ber_get_stringal(ber, &((*bv)[j]));
           j++;
         }
-        if (rc != LBER_DEFAULT && tag != LBER_END_OF_SEQORSET) {
+        if (rc != (int)LBER_DEFAULT && tag != (int)LBER_END_OF_SEQORSET) {
           rc = LBER_DEFAULT;
         }
         if (*bv && (j > 0)) {
           (*bv)[j] = NULL;
         }
         break;
 
       case 'x': /* skip the next element - whatever it is */
-        if ((rc = ber_skip_tag(ber, &len)) == LBER_DEFAULT) break;
+        if ((rc = ber_skip_tag(ber, &len)) == (int)LBER_DEFAULT) break;
         ber->ber_ptr += len;
         break;
 
       case '{': /* begin sequence */
       case '[': /* begin set */
         if (*(p + 1) != 'v' && *(p + 1) != 'V') rc = ber_skip_tag(ber, &len);
         break;
 
@@ -590,17 +590,17 @@ ber_tag_t LDAP_C ber_scanf(BerElement *b
       }
         rc = LBER_DEFAULT;
         break;
     }
   }
 
   va_end(ap);
 
-  if (rc == LBER_DEFAULT) {
+  if (rc == (int)LBER_DEFAULT) {
     va_start(ap, fmt);
     for (p--; fmt < p && *fmt; fmt++) {
       switch (*fmt) {
         case 'a': /* octet string - allocate storage as needed */
           ss = va_arg(ap, char **);
           NSLBERI_FREE(*ss);
           *ss = NULL;
           break;
--- a/ldap/c-sdk/libraries/liblber/io.c
+++ b/ldap/c-sdk/libraries/liblber/io.c
@@ -654,17 +654,17 @@ static ber_len_t get_ber_len(BerElement 
   ber_len_t len = 0;
   char xbyte;
 
   xbyte = ber->ber_len_contents[0];
 
   /* long form */
   if (xbyte & 0x80) {
     noctets = (int)(xbyte & 0x7f);
-    if (noctets >= MAX_LEN_SIZE) {
+    if (noctets >= (int)MAX_LEN_SIZE) {
       return (LBER_DEFAULT);
     }
     SAFEMEMCPY((char *)&len + sizeof(ber_len_t) - noctets,
                &ber->ber_len_contents[1], noctets);
     len = LBER_NTOHL(len);
     return (len);
   } else {
     return ((ber_len_t)(xbyte));
@@ -694,17 +694,17 @@ static ber_len_t read_len_in_ber(Sockbuf
   } else {
     rc = ber->ber_tag_len_read - 2;
     xbyte = ber->ber_len_contents[0];
   }
 
   /* long form of the length value */
   if (xbyte & 0x80) {
     noctets = (xbyte & 0x7f);
-    if (noctets >= MAX_LEN_SIZE) return (LBER_DEFAULT);
+    if (noctets >= (int)MAX_LEN_SIZE) return (LBER_DEFAULT);
     while (rc < noctets) {
       read_result = BerRead(sb, &(ber->ber_len_contents[1]) + rc, noctets - rc);
       if (read_result <= 0) {
         ber->ber_tag_len_read =
             rc + 2; /* so we can continue later - include tag and lenlen */
         return (LBER_DEFAULT);
       }
       rc += read_result;
@@ -1214,17 +1214,17 @@ static ber_tag_t get_buffer_tag(byte_buf
   }
 
   if ((xbyte & LBER_BIG_TAG_MASK) != LBER_BIG_TAG_MASK) {
     return ((ber_uint_t)xbyte);
   }
 
   tagp = (char *)&tag;
   tagp[0] = xbyte;
-  for (i = 1; i < sizeof(ber_int_t); i++) {
+  for (i = 1; i < (int)sizeof(ber_int_t); i++) {
     if (read_bytes(sb, &xbyte, 1) != 1) return (LBER_DEFAULT);
 
     tagp[i] = xbyte;
 
     if (!(xbyte & LBER_MORE_TAG_MASK)) break;
   }
 
   /* tag too big! */
@@ -1237,19 +1237,20 @@ static ber_tag_t get_buffer_tag(byte_buf
 /* Like ber_get_next, but from a byte buffer the caller already has. */
 /* Bytes_Scanned returns the number of bytes we actually looked at in the
  * buffer. */
 /* ber_get_next_buffer is now implemented in terms of ber_get_next_buffer_ext */
 /* and is here for backward compatibility.  This new function allows us to pass
  */
 /* the Sockbuf structure along */
 
-ber_uint_t LDAP_CALL ber_get_next_buffer(void *buffer, size_t buffer_size,
-                                         ber_len_t *len, BerElement *ber,
-                                         ber_uint_t *Bytes_Scanned) {
+// was ber_uint_t
+ber_tag_t LDAP_CALL ber_get_next_buffer(void *buffer, size_t buffer_size,
+                                        ber_len_t *len, BerElement *ber,
+                                        ber_len_t *Bytes_Scanned) {
   return (ber_get_next_buffer_ext(buffer, buffer_size, len, ber, Bytes_Scanned,
                                   NULL));
 }
 
 /*
  * Returns the tag of the message or LBER_ return code if an error occurs.
  *
  * If there was not enough data in the buffer to complete the message this
@@ -1260,20 +1261,22 @@ ber_uint_t LDAP_CALL ber_get_next_buffer
  * type or the value preset via LBER_SOCKBUF_OPT_MAX_INCOMING_SIZE option,
  * *Bytes_Scanned is set to zero and return code is set to LBER_OVERFLOW.
  *
  * For backward compatibility errno is also set on these error conditions:
  *
  * EINVAL   - LBER_SOCKBUF_OPT_VALID_TAG option set but tag doesn't match.
  * EMSGSIZE - an overflow condition as described above for LBER_OVERFLOW.
  */
-ber_uint_t LDAP_CALL ber_get_next_buffer_ext(void *buffer, size_t buffer_size,
-                                             ber_len_t *len, BerElement *ber,
-                                             ber_uint_t *Bytes_Scanned,
-                                             Sockbuf *sock) {
+
+// was ber_uint_t
+ber_tag_t LDAP_CALL ber_get_next_buffer_ext(void *buffer, size_t buffer_size,
+                                            ber_len_t *len, BerElement *ber,
+                                            ber_len_t *Bytes_Scanned,
+                                            Sockbuf *sock) {
   ber_tag_t tag = 0;
   ber_len_t netlen;
   ber_len_t toread;
   unsigned char lc;
   ssize_t rc;
   int noctets, diff;
   byte_buffer sb = {0};
 
@@ -1355,17 +1358,17 @@ ber_uint_t LDAP_CALL ber_get_next_buffer
       *len = netlen = 0;
       if (read_bytes(&sb, &lc, 1) != 1) {
         goto premature_exit;
       }
       if (lc & 0x80) {
         int nbytes;
 
         noctets = (lc & 0x7f);
-        if (noctets > sizeof(ber_uint_t)) {
+        if (noctets > (int)sizeof(ber_uint_t)) {
 #if !defined(macintosh) && !defined(DOS)
           errno = EMSGSIZE;
 #endif
           *Bytes_Scanned = 0;
           return (LBER_OVERFLOW);
         }
         diff = sizeof(ber_uint_t) - noctets;
         if ((nbytes = read_bytes(&sb, (unsigned char *)&netlen + diff,
--- a/ldap/c-sdk/libraries/libldap/error.c
+++ b/ldap/c-sdk/libraries/libldap/error.c
@@ -386,60 +386,61 @@ int nsldapi_parse_result(LDAP *ld, int m
   if (serverctrlsp != NULL) {
     *serverctrlsp = NULL;
   }
   ber = *rber; /* struct copy */
 
   if (NSLDAPI_LDAP_VERSION(ld) < LDAP_VERSION2) {
     berrc = ber_scanf(&ber, "{ia}", &errcode, &e);
   } else {
-    if ((berrc = ber_scanf(&ber, "{iaa", &errcode, &m, &e)) != LBER_ERROR) {
+    if ((berrc = ber_scanf(&ber, "{iaa", &errcode, &m, &e)) !=
+        (int)LBER_ERROR) {
       /* check for optional referrals */
       if (ber_peek_tag(&ber, &len) == LDAP_TAG_REFERRAL) {
         if (referralsp == NULL) {
           /* skip referrals */
           berrc = ber_scanf(&ber, "x");
         } else {
           /* suck out referrals */
           berrc = ber_scanf(&ber, "v", referralsp);
         }
       } else if (referralsp != NULL) {
         *referralsp = NULL;
       }
     }
 
-    if (berrc != LBER_ERROR) {
+    if (berrc != (int)LBER_ERROR) {
       /*
        * skip past optional operation-specific elements:
        *   bind results - serverSASLcreds
        *   extendedop results -  OID plus value
        */
       if (msgtype == LDAP_RES_BIND) {
         if (ber_peek_tag(&ber, &len) == LDAP_TAG_SASL_RES_CREDS) {
           berrc = ber_scanf(&ber, "x");
         }
       } else if (msgtype == LDAP_RES_EXTENDED) {
         if (ber_peek_tag(&ber, &len) == LDAP_TAG_EXOP_RES_OID) {
           berrc = ber_scanf(&ber, "x");
         }
-        if (berrc != LBER_ERROR &&
+        if (berrc != (int)LBER_ERROR &&
             ber_peek_tag(&ber, &len) == LDAP_TAG_EXOP_RES_VALUE) {
           berrc = ber_scanf(&ber, "x");
         }
       }
     }
 
     /* pull out controls (if requested and any are present) */
-    if (berrc != LBER_ERROR && serverctrlsp != NULL &&
-        (berrc = ber_scanf(&ber, "}")) != LBER_ERROR) {
+    if (berrc != (int)LBER_ERROR && serverctrlsp != NULL &&
+        (berrc = ber_scanf(&ber, "}")) != (int)LBER_ERROR) {
       err = nsldapi_get_controls(&ber, serverctrlsp);
     }
   }
 
-  if (berrc == LBER_ERROR && err == LDAP_SUCCESS) {
+  if (berrc == (int)LBER_ERROR && err == LDAP_SUCCESS) {
     err = LDAP_DECODING_ERROR;
   }
 
   if (errcodep != NULL) {
     *errcodep = errcode;
   }
   if (matchednp != NULL) {
     *matchednp = m;
--- a/ldap/c-sdk/libraries/libldap/geteffectiverightsctrl.c
+++ b/ldap/c-sdk/libraries/libldap/geteffectiverightsctrl.c
@@ -81,17 +81,17 @@ int LDAP_CALL ldap_create_geteffectiveRi
   }
 
   /* create a ber package to hold the controlValue */
   if ((nsldapi_alloc_ber_with_options(ld, &ber)) != LDAP_SUCCESS) {
     LDAP_SET_LDERRNO(ld, LDAP_NO_MEMORY, NULL, NULL);
     return (LDAP_NO_MEMORY);
   }
 
-  if (LBER_ERROR == ber_printf(ber, "{s{v}}", authzid, attrlist)) {
+  if ((int)LBER_ERROR == ber_printf(ber, "{s{v}}", authzid, attrlist)) {
     LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
     ber_free(ber, 1);
     return (LDAP_ENCODING_ERROR);
   }
 
   rc = nsldapi_build_control(LDAP_CONTROL_GETEFFECTIVERIGHTS_REQUEST, ber, 1,
                              ctl_iscritical, ctrlp);
 
--- a/ldap/c-sdk/libraries/libldap/getoption.c
+++ b/ldap/c-sdk/libraries/libldap/getoption.c
@@ -411,17 +411,17 @@ static int nsldapi_get_api_info(LDAPAPII
   } else {
     if ((aip->ldapai_extensions = NSLDAPI_CALLOC(NSLDAPI_EXTENSIONS_COUNT + 1,
                                                  sizeof(char *))) == NULL) {
       NSLDAPI_FREE(aip->ldapai_vendor_name);
       aip->ldapai_vendor_name = NULL;
       return (LDAP_NO_MEMORY);
     }
 
-    for (i = 0; i < NSLDAPI_EXTENSIONS_COUNT; ++i) {
+    for (i = 0; (unsigned)i < NSLDAPI_EXTENSIONS_COUNT; ++i) {
       if ((aip->ldapai_extensions[i] =
                nsldapi_strdup(nsldapi_extensions[i].ldapaif_name)) == NULL) {
         ldap_value_free(aip->ldapai_extensions);
         NSLDAPI_FREE(aip->ldapai_vendor_name);
         aip->ldapai_extensions = NULL;
         aip->ldapai_vendor_name = NULL;
         return (LDAP_NO_MEMORY);
       }
@@ -442,17 +442,18 @@ static int nsldapi_get_feature_info(LDAP
     return (LDAP_PARAM_ERROR);
   }
 
   if (fip->ldapaif_info_version != LDAP_FEATURE_INFO_VERSION) {
     fip->ldapaif_info_version = LDAP_FEATURE_INFO_VERSION;
     return (LDAP_PARAM_ERROR);
   }
 
-  for (i = 0; i < NSLDAPI_EXTENSIONS_COUNT; ++i) {
+  for (i = 0; (unsigned)i < NSLDAPI_EXTENSIONS_COUNT; ++i) {
     if (strcmp(fip->ldapaif_name, nsldapi_extensions[i].ldapaif_name) == 0) {
       fip->ldapaif_version = nsldapi_extensions[i].ldapaif_version;
       break;
     }
   }
 
-  return ((i < NSLDAPI_EXTENSIONS_COUNT) ? LDAP_SUCCESS : LDAP_PARAM_ERROR);
+  return (((unsigned)i < NSLDAPI_EXTENSIONS_COUNT) ? LDAP_SUCCESS
+                                                   : LDAP_PARAM_ERROR);
 }
--- a/ldap/c-sdk/libraries/libldap/getvalues.c
+++ b/ldap/c-sdk/libraries/libldap/getvalues.c
@@ -99,17 +99,17 @@ static void **internal_ldap_get_values(L
    */
 
   if (lencall) {
     rc = ber_scanf(&ber, "[V]", &vals);
   } else {
     rc = ber_scanf(&ber, "[v]", &vals);
   }
 
-  if (rc == LBER_ERROR) {
+  if (rc == (int)LBER_ERROR) {
     rc = LDAP_DECODING_ERROR;
   } else {
     rc = LDAP_SUCCESS;
   }
 
   LDAP_SET_LDERRNO(ld, rc, NULL, NULL);
 
   return ((rc == LDAP_SUCCESS) ? vals : NULL);
--- a/ldap/c-sdk/libraries/libldap/memcache.c
+++ b/ldap/c-sdk/libraries/libldap/memcache.c
@@ -166,18 +166,18 @@ typedef struct ldapmemcacheRes_struct {
 typedef struct ldapmemcacheStats_struct {
   unsigned long ldmemcstat_tries;
   unsigned long ldmemcstat_hits;
 } ldapmemcacheStats;
 
 /* Structure of a memcache object */
 struct ldapmemcache {
   unsigned long ldmemc_ttl;
-  unsigned long ldmemc_size;
-  unsigned long ldmemc_size_used;
+  long ldmemc_size;
+  long ldmemc_size_used;
   unsigned long ldmemc_size_entries;
   char **ldmemc_basedns;
   void *ldmemc_lock;
   ldapmemcacheld *ldmemc_lds;
   HashTable *ldmemc_resTmp;
   HashTable *ldmemc_resLookup;
   ldapmemcacheRes *ldmemc_resHead[LIST_TOTAL];
   ldapmemcacheRes *ldmemc_resTail[LIST_TOTAL];
@@ -215,17 +215,17 @@ static int memcache_add(LDAP *ld, unsign
 static int memcache_append(LDAP *ld, int msgid, LDAPMessage *pRes);
 static int memcache_append_last(LDAP *ld, int msgid, LDAPMessage *pRes);
 static int memcache_remove(LDAP *ld, int msgid);
 #if 0  /* function not used */
 static int memcache_remove_all(LDAP *ld);
 #endif /* 0 */
 static int memcache_access(LDAPMemCache *cache, int mode, void *pData1,
                            void *pData2, void *pData3);
-static void memcache_flush(LDAPMemCache *cache, char *dn, int scope,
+static void memcache_flush(LDAPMemCache *cache, char *dn, long scope,
                            int flushresults);
 #ifdef LDAP_DEBUG
 static void memcache_print_list(LDAPMemCache *cache, int index);
 static void memcache_report_statistics(LDAPMemCache *cache);
 #endif /* LDAP_DEBUG */
 
 static int htable_calculate_size(int sizelimit);
 static int htable_sizeinbytes(HashTable *pTable);
@@ -908,18 +908,18 @@ static int memcache_adj_size(LDAPMemCach
                      "memcache_adj_size: failed (LRU flush failed).\n", 0, 0,
                      0);
           return (LDAP_SIZELIMIT_EXCEEDED);
         }
       }
     }
     if (usageFlags & MEMCACHE_SIZE_ENTRIES) cache->ldmemc_size_entries += size;
   } else {
+    assert(cache->ldmemc_size_used >= (unsigned)size);
     cache->ldmemc_size_used -= size;
-    assert(cache->ldmemc_size_used >= 0);
     if (usageFlags & MEMCACHE_SIZE_ENTRIES) cache->ldmemc_size_entries -= size;
   }
 
 #ifdef LDAP_DEBUG
   if (cache->ldmemc_size == 0) { /* no size limit */
     LDAPDebug1(LDAP_DEBUG_TRACE,
                "memcache_adj_size: succeeded (new size: %ld bytes).\n",
                cache->ldmemc_size_used, 0, 0);
@@ -1449,17 +1449,17 @@ static int memcache_access(LDAPMemCache 
       memcache_free_entry(cache, pCurRes);
     }
     cache->ldmemc_resTail[LIST_TTL] = NULL;
   }
   /* Remove cached entries in both primary and temporary cache. */
   else if ((mode == MEMCACHE_ACCESS_FLUSH) ||
            (mode == MEMCACHE_ACCESS_FLUSH_RESULTS)) {
     int i, list_id, bDone;
-    int scope = (int)pData2;
+    long scope = (long)pData2;
     char *dn = (char *)pData1;
     char *dnTmp;
     BerElement ber;
     LDAPMessage *pMsg;
     ldapmemcacheRes *pRes;
 
     if (cache->ldmemc_basedns) {
       for (i = 0; cache->ldmemc_basedns[i]; i++) {
@@ -1542,17 +1542,17 @@ static int memcache_access(LDAPMemCache 
   /* Unknown command */
   else {
     nRes = LDAP_PARAM_ERROR;
   }
 
   return nRes;
 }
 
-static void memcache_flush(LDAPMemCache *cache, char *dn, int scope,
+static void memcache_flush(LDAPMemCache *cache, char *dn, long scope,
                            int flushresults) {
   if (!NSLDAPI_VALID_MEMCACHE_POINTER(cache)) {
     return;
   }
 
   LDAP_MEMCACHE_MUTEX_LOCK(cache);
 
   if (!dn) {
@@ -1715,17 +1715,17 @@ static int htable_free(HashTable *pTable
   NSLDAPI_FREE(pTable);
   return (LDAP_SUCCESS);
 }
 
 /**************** Hash table callbacks for temporary cache ****************/
 
 /* Hash function */
 static int msgid_hashf(int table_size, void *key) {
-  unsigned code = (unsigned)((ldapmemcacheReqId *)key)->ldmemcrid_ld;
+  unsigned long code = (unsigned long)((ldapmemcacheReqId *)key)->ldmemcrid_ld;
   return (((code << 20) + (code >> 12)) % table_size);
 }
 
 /* Called by hash table to insert an item. */
 static int msgid_putdata(void **ppTableData, void *key, void *pData) {
   ldapmemcacheReqId *pReqId = (ldapmemcacheReqId *)key;
   ldapmemcacheRes *pRes = (ldapmemcacheRes *)pData;
   ldapmemcacheRes **ppHead = (ldapmemcacheRes **)ppTableData;
--- a/ldap/c-sdk/libraries/libldap/os-ip.c
+++ b/ldap/c-sdk/libraries/libldap/os-ip.c
@@ -561,17 +561,17 @@ static int nsldapi_try_each_host(LDAP *l
   while (!connected && LDAP_SUCCESS == parse_err && host != NULL) {
     ldhpbuf_allocd = NULL;
     ldhp = NULL;
     hp = NULL;
     s = 0;
     use_hp = 0;
     addrlist = NULL;
 
-    if ((address = inet_addr(host)) == -1) {
+    if ((address = inet_addr(host)) == (nsldapi_in_addr_t)(-1)) {
       if (ld->ld_dns_gethostbyname_fn == NULL) {
 #  ifdef GETHOSTBYNAME_R_RETURNS_INT
         (void)GETHOSTBYNAME(host, &hent, hbuf, sizeof(hbuf), &hp, &err);
 #  else
         hp = GETHOSTBYNAME(host, &hent, hbuf, sizeof(hbuf), &err);
 #  endif
         if (hp != NULL) {
           addrlist = hp->h_addr_list;
--- a/ldap/c-sdk/libraries/libldap/proxyauthctrl.c
+++ b/ldap/c-sdk/libraries/libldap/proxyauthctrl.c
@@ -73,17 +73,17 @@ int LDAP_CALL ldap_create_proxyauth_cont
   }
 
   /* create a ber package to hold the controlValue */
   if ((nsldapi_alloc_ber_with_options(ld, &ber)) != LDAP_SUCCESS) {
     LDAP_SET_LDERRNO(ld, LDAP_NO_MEMORY, NULL, NULL);
     return (LDAP_NO_MEMORY);
   }
 
-  if (LBER_ERROR == ber_printf(ber, "{s}", dn)) {
+  if ((int)LBER_ERROR == ber_printf(ber, "{s}", dn)) {
     LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
     ber_free(ber, 1);
     return (LDAP_ENCODING_ERROR);
   }
 
   rc = nsldapi_build_control(LDAP_CONTROL_PROXYAUTH, ber, 1, ctl_iscritical,
                              ctrlp);
 
@@ -120,17 +120,17 @@ int LDAP_CALL ldap_create_proxiedauth_co
   }
 
   /* create a ber package to hold the controlValue */
   if ((nsldapi_alloc_ber_with_options(ld, &ber)) != LDAP_SUCCESS) {
     LDAP_SET_LDERRNO(ld, LDAP_NO_MEMORY, NULL, NULL);
     return (LDAP_NO_MEMORY);
   }
 
-  if (LBER_ERROR == ber_printf(ber, "s", authzid)) {
+  if ((int)LBER_ERROR == ber_printf(ber, "s", authzid)) {
     LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
     ber_free(ber, 1);
     return (LDAP_ENCODING_ERROR);
   }
 
   rc = nsldapi_build_control(LDAP_CONTROL_PROXIEDAUTH, ber, 1, 1, ctrlp);
 
   LDAP_SET_LDERRNO(ld, rc, NULL, NULL);
--- a/ldap/c-sdk/libraries/libldap/pwmodext.c
+++ b/ldap/c-sdk/libraries/libldap/pwmodext.c
@@ -66,50 +66,52 @@ int LDAP_CALL ldap_passwd(LDAP *ld, stru
     }
 
     /*
      * PasswdModifyRequestValue ::= SEQUENCE {
      *   userIdentity    [0]  OCTET STRING OPTIONAL
      *   oldPasswd       [1]  OCTET STRING OPTIONAL
      *   newPasswd       [2]  OCTET STRING OPTIONAL }
      */
-    if (LBER_ERROR == (ber_printf(ber, "{"))) {
+    if ((int)LBER_ERROR == (ber_printf(ber, "{"))) {
       LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
       ber_free(ber, 1);
       return (LDAP_ENCODING_ERROR);
     }
 
     if (userid && userid->bv_val && userid->bv_len) {
-      if (LBER_ERROR == (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_ID,
-                                    userid->bv_val, userid->bv_len))) {
+      if ((int)LBER_ERROR == (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_ID,
+                                         userid->bv_val, userid->bv_len))) {
         LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
         ber_free(ber, 1);
         return (LDAP_ENCODING_ERROR);
       }
     }
 
     if (oldpasswd && oldpasswd->bv_val && oldpasswd->bv_len) {
-      if (LBER_ERROR == (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_OLD,
-                                    oldpasswd->bv_val, oldpasswd->bv_len))) {
+      if ((int)LBER_ERROR ==
+          (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_OLD, oldpasswd->bv_val,
+                      oldpasswd->bv_len))) {
         LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
         ber_free(ber, 1);
         return (LDAP_ENCODING_ERROR);
       }
     }
 
     if (newpasswd && newpasswd->bv_val && newpasswd->bv_len) {
-      if (LBER_ERROR == (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_NEW,
-                                    newpasswd->bv_val, newpasswd->bv_len))) {
+      if ((int)LBER_ERROR ==
+          (ber_printf(ber, "to", LDAP_TAG_PWDMOD_REQ_NEW, newpasswd->bv_val,
+                      newpasswd->bv_len))) {
         LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
         ber_free(ber, 1);
         return (LDAP_ENCODING_ERROR);
       }
     }
 
-    if (LBER_ERROR == (ber_printf(ber, "}"))) {
+    if ((int)LBER_ERROR == (ber_printf(ber, "}"))) {
       LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
       ber_free(ber, 1);
       return (LDAP_ENCODING_ERROR);
     }
 
     /* allocate struct berval with contents of the BER encoding */
     rc = ber_flatten(ber, &requestdata);
     if (rc == -1) {
--- a/ldap/c-sdk/libraries/libldap/request.c
+++ b/ldap/c-sdk/libraries/libldap/request.c
@@ -1356,17 +1356,17 @@ static int re_encode_request(LDAP *ld, B
     rc = ber_scanf(&tmpber, "a", &orig_dn);
   } else if (tag == LDAP_REQ_SEARCH) {
     /* need scope */
     rc = ber_scanf(&tmpber, "{ae", &orig_dn, &scope);
   } else {
     rc = ber_scanf(&tmpber, "{a", &orig_dn);
   }
 
-  if (rc == LBER_ERROR) {
+  if (rc == (int)LBER_ERROR) {
     return (LDAP_DECODING_ERROR);
   }
 
   if (ludp->lud_dn == NULL) {
     dn = orig_dn;
   } else {
     dn = ludp->lud_dn;
     NSLDAPI_FREE(orig_dn);
--- a/ldap/c-sdk/libraries/libldap/saslbind.c
+++ b/ldap/c-sdk/libraries/libldap/saslbind.c
@@ -781,25 +781,26 @@ int LDAP_CALL ldap_parse_sasl_bind_resul
     *servercredp = NULL;
   }
 
   ber = *(res->lm_ber); /* struct copy */
 
   /* skip past message id, matched dn, error message ... */
   rc = ber_scanf(&ber, "{iaa}", &along, &m, &e);
 
-  if (rc != LBER_ERROR && ber_peek_tag(&ber, &len) == LDAP_TAG_SASL_RES_CREDS) {
+  if (rc != (int)LBER_ERROR &&
+      ber_peek_tag(&ber, &len) == LDAP_TAG_SASL_RES_CREDS) {
     rc = ber_get_stringal(&ber, servercredp);
   }
 
   if (freeit) {
     ldap_msgfree(res);
   }
 
-  if (rc == LBER_ERROR) {
+  if (rc == (int)LBER_ERROR) {
     err = LDAP_DECODING_ERROR;
   } else {
     err = (int)along;
   }
 
   LDAP_SET_LDERRNO(ld, err, m, e);
   /* this is a little kludge for the 3.0 Barracuda/hammerhead release */
   /* the docs state that the return is either LDAP_DECODING_ERROR */
--- a/ldap/c-sdk/libraries/libldap/vlistctrl.c
+++ b/ldap/c-sdk/libraries/libldap/vlistctrl.c
@@ -91,39 +91,40 @@ int LDAP_CALL ldap_create_virtuallist_co
   }
 
   /* create a ber package to hold the controlValue */
   if (LDAP_SUCCESS != nsldapi_alloc_ber_with_options(ld, &ber)) {
     LDAP_SET_LDERRNO(ld, LDAP_NO_MEMORY, NULL, NULL);
     return (LDAP_NO_MEMORY);
   }
 
-  if (LBER_ERROR == ber_printf(ber, "{ii", ldvlistp->ldvlist_before_count,
-                               ldvlistp->ldvlist_after_count))
+  if ((int)LBER_ERROR == ber_printf(ber, "{ii", ldvlistp->ldvlist_before_count,
+                                    ldvlistp->ldvlist_after_count))
   /* XXX lossy casts */
   {
     LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
     ber_free(ber, 1);
     return (LDAP_ENCODING_ERROR);
   }
 
   if (NULL == ldvlistp->ldvlist_attrvalue) {
-    if (LBER_ERROR == ber_printf(ber, "t{ii}}", LDAP_TAG_VLV_BY_INDEX,
-                                 ldvlistp->ldvlist_index,
-                                 ldvlistp->ldvlist_size))
+    if ((int)LBER_ERROR == ber_printf(ber, "t{ii}}", LDAP_TAG_VLV_BY_INDEX,
+                                      ldvlistp->ldvlist_index,
+                                      ldvlistp->ldvlist_size))
     /* XXX lossy casts */
     {
       LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
       ber_free(ber, 1);
       return (LDAP_ENCODING_ERROR);
     }
   } else {
-    if (LBER_ERROR == ber_printf(ber, "to}", LDAP_TAG_VLV_BY_VALUE,
-                                 ldvlistp->ldvlist_attrvalue,
-                                 (int)strlen(ldvlistp->ldvlist_attrvalue))) {
+    if ((int)LBER_ERROR ==
+        ber_printf(ber, "to}", LDAP_TAG_VLV_BY_VALUE,
+                   ldvlistp->ldvlist_attrvalue,
+                   (int)strlen(ldvlistp->ldvlist_attrvalue))) {
       LDAP_SET_LDERRNO(ld, LDAP_ENCODING_ERROR, NULL, NULL);
       ber_free(ber, 1);
       return (LDAP_ENCODING_ERROR);
     }
   }
 
   rc = nsldapi_build_control(LDAP_CONTROL_VLVREQUEST, ber, 1, 1, ctrlp);
 
@@ -197,18 +198,18 @@ int LDAP_CALL ldap_parse_virtuallist_con
   /*  allocate a Ber element with the contents of the list_control's struct
    * berval */
   if ((ber = ber_init(&listCtrlp->ldctl_value)) == NULL) {
     LDAP_SET_LDERRNO(ld, LDAP_NO_MEMORY, NULL, NULL);
     return (LDAP_NO_MEMORY);
   }
 
   /* decode the result from the Berelement */
-  if (LBER_ERROR ==
-      ber_scanf(ber, "{iie}", &target_pos, &list_size, &errcode)) {
+  if ((int)LBER_ERROR ==
+      (int)ber_scanf(ber, "{iie}", &target_pos, &list_size, &errcode)) {
     LDAP_SET_LDERRNO(ld, LDAP_DECODING_ERROR, NULL, NULL);
     ber_free(ber, 1);
     return (LDAP_DECODING_ERROR);
   }
 
   if (target_posp != NULL) {
     *target_posp = target_pos;
   }
--- a/ldap/c-sdk/libraries/libprldap/ldappr-io.c
+++ b/ldap/c-sdk/libraries/libprldap/ldappr-io.c
@@ -261,33 +261,33 @@ prldap_poll(LDAP_X_PollFD fds[], int nfd
   for (i = 0; i < nfds; ++i) {
     if (NULL == fds[i].lpoll_socketarg) {
       pds[i].fd = NULL;
     } else {
       pds[i].fd = PRLDAP_GET_PRFD(fds[i].lpoll_socketarg);
     }
     pds[i].in_flags = pds[i].out_flags = 0;
     if (fds[i].lpoll_fd >= 0) {
-      for (j = 0; j < PRLDAP_EVENTMAP_ENTRIES; ++j) {
+      for (j = 0; (unsigned)j < PRLDAP_EVENTMAP_ENTRIES; ++j) {
         if ((fds[i].lpoll_events & prldap_eventmap[j].evm_ldap) != 0) {
           pds[i].in_flags |= prldap_eventmap[j].evm_nspr;
         }
       }
     }
     fds[i].lpoll_revents = 0; /* clear revents */
   }
 
   /* call PR_Poll() to do the real work */
   rc = PR_Poll(pds, nfds,
                prldap_timeout2it(timeout, prsessp->prsess_io_max_timeout));
 
   /* populate LDAP info. based on NSPR results */
   for (i = 0; i < nfds; ++i) {
     if (pds[i].fd != NULL) {
-      for (j = 0; j < PRLDAP_EVENTMAP_ENTRIES; ++j) {
+      for (j = 0; (unsigned)j < PRLDAP_EVENTMAP_ENTRIES; ++j) {
         if ((pds[i].out_flags & prldap_eventmap[j].evm_nspr) != 0) {
           fds[i].lpoll_revents |= prldap_eventmap[j].evm_ldap;
         }
       }
     }
   }
 
   return (rc);