@@ -15,10 +15,13 @@

 struct mscab_compressor *

   mspack_create_cab_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_cab_compressor(struct mscab_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct mschm_compressor *

   mspack_create_chm_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_chm_compressor(struct mschm_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -1371,16 +1371,22 @@ static int chmd_error(struct mschm_decompressor *base) {

  * are accepted, offsets beyond that cause an error message.

  */

 static int read_off64(off_t *var, unsigned char *mem,

-		      struct mspack_system *sys, struct mspack_file *fh)

+                      struct mspack_system *sys, struct mspack_file *fh)

 {

+  (void) sys;

+

 #ifdef LARGEFILE_SUPPORT

-    *var = EndGetI64(mem);

+  (void) fh;

+

+  *var = EndGetI64(mem);

 #else

-    *var = EndGetI32(mem);

-    if ((*var & 0x80000000) || EndGetI32(mem+4)) {

-	sys->message(fh, (char *)largefile_msg);

-	return 1;

-    }

+  *var = EndGetI32(mem);

+

+  if ((*var & 0x80000000) || EndGetI32(mem + 4))

+  {

+    sys->message(fh, (char *)largefile_msg);

+    return 1;

+  }

 #endif

-    return 0;

+  return 0;

 }

@@ -15,10 +15,13 @@

 struct mshlp_compressor *

   mspack_create_hlp_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_hlp_compressor(struct mshlp_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct mshlp_decompressor *

   mspack_create_hlp_decompressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_hlp_decompressor(struct mshlp_decompressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct mskwaj_compressor *

   mspack_create_kwaj_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_kwaj_compressor(struct mskwaj_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct mslit_compressor *

   mspack_create_lit_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_lit_compressor(struct mslit_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct mslit_decompressor *

   mspack_create_lit_decompressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_lit_decompressor(struct mslit_decompressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -15,10 +15,13 @@

 struct msoab_compressor *

   mspack_create_oab_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_oab_compressor(struct msoab_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -118,6 +118,8 @@ static struct mspack_file *msp_open(struct mspack_system *self,

   struct mspack_file_p *fh;

   const char *fmode;

+  (void) self;

+

   switch (mode) {

   case MSPACK_SYS_OPEN_READ:   fmode = "rb";  break;

   case MSPACK_SYS_OPEN_WRITE:  fmode = "wb";  break;

@@ -201,10 +203,12 @@ static void *msp_alloc(struct mspack_system *self, size_t bytes) {

 #ifdef DEBUG

   /* make uninitialised data obvious */

   char *buf = malloc(bytes + 8);

+  (void) self;

   if (buf) memset(buf, 0xDC, bytes);

   *((size_t *)buf) = bytes;

   return &buf[8];

 #else

+  (void) self;

   return malloc(bytes);

 #endif

 }

@@ -15,10 +15,13 @@

 struct msszdd_compressor *

   mspack_create_szdd_compressor(struct mspack_system *sys)

 {

+  (void) sys;

   /* todo */

   return NULL;

 }

 void mspack_destroy_szdd_compressor(struct msszdd_compressor *self) {

+  (void) self;

   /* todo */

+  return;

 }

@@ -307,7 +307,6 @@ static int cli_ac_addpatt_recursive(struct cli_matcher *root, struct cli_ac_patt

 int cli_ac_addpatt(struct cli_matcher *root, struct cli_ac_patt *pattern)

 {

-    struct cli_ac_node *pt;

     struct cli_ac_patt **newtable;

     uint16_t len = MIN(root->ac_maxdepth, pattern->length[0]);

     uint8_t i;

@@ -1275,7 +1274,7 @@ int cli_ac_initdata(struct cli_ac_data *data, uint32_t partsigs, uint32_t lsigs,

     data->partsigs = partsigs;

     if(partsigs) {

-        data->offmatrix = (int32_t ***) cli_calloc(partsigs, sizeof(int32_t **));

+        data->offmatrix = (uint32_t ***) cli_calloc(partsigs, sizeof(uint32_t **));

         if(!data->offmatrix) {

             cli_errmsg("cli_ac_init: Can't allocate memory for data->offmatrix\n");

@@ -1529,7 +1528,6 @@ int lsig_sub_matched(const struct cli_matcher *root, struct cli_ac_data *mdata,

     }

     if (ac_lsig->type & CLI_YARA_OFFSET && realoff != CLI_OFF_NONE) {

-        uint32_t * offs;

         struct cli_subsig_matches * ss_matches;

         struct cli_lsig_matches * ls_matches;

         cli_dbgmsg("lsig_sub_matched lsig %u:%u at %u\n", lsigid1, lsigid2, realoff);

@@ -1624,7 +1622,19 @@ int cli_ac_chkmacro(struct cli_matcher *root, struct cli_ac_data *data, unsigned

 }

-int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **virname, void **customdata, struct cli_ac_result **res, const struct cli_matcher *root, struct cli_ac_data *mdata, uint32_t offset, cli_file_t ftype, struct cli_matched_type **ftoffset, unsigned int mode, cli_ctx *ctx)

+int cli_ac_scanbuff(

+    const unsigned char *buffer, 

+    uint32_t length, 

+    const char **virname, 

+    void **customdata, 

+    struct cli_ac_result **res, 

+    const struct cli_matcher *root, 

+    struct cli_ac_data *mdata, 

+    uint32_t offset, 

+    cli_file_t ftype, 

+    struct cli_matched_type **ftoffset, 

+    unsigned int mode, 

+    cli_ctx *ctx)

 {

     struct cli_ac_node *current;

     struct cli_ac_list *pattN, *ptN;

@@ -1632,7 +1642,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

     uint32_t i, bp, exptoff[2], realoff, matchstart, matchend;

     uint16_t j;

     uint8_t found, viruses_found = 0;

-    int32_t **offmatrix, swp;

+    uint32_t **offmatrix, swp;

     int type = CL_CLEAN;

     struct cli_ac_result *newres;

     int rc;

@@ -1741,14 +1751,14 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

                                     return CL_EMEM;

                                 }

-                                mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));

+                                mdata->offmatrix[pt->sigid - 1][0] = cli_malloc(pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));

                                 if(!mdata->offmatrix[pt->sigid - 1][0]) {

                                     cli_errmsg("cli_ac_scanbuff: Can't allocate memory for mdata->offmatrix[%u][0]\n", pt->sigid - 1);

                                     free(mdata->offmatrix[pt->sigid - 1]);

                                     mdata->offmatrix[pt->sigid - 1] = NULL;

                                     return CL_EMEM;

                                 }

-                                memset(mdata->offmatrix[pt->sigid - 1][0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));

+                                memset(mdata->offmatrix[pt->sigid - 1][0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));

                                 mdata->offmatrix[pt->sigid - 1][0][0] = 0;

                                 for(j = 1; j < pt->parts; j++) {

                                     mdata->offmatrix[pt->sigid - 1][j] = mdata->offmatrix[pt->sigid - 1][0] + j * (CLI_DEFAULT_AC_TRACKLEN + 2);

@@ -1759,7 +1769,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

                             found = 0;

                             if(pt->partno != 1) {

-                                for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != -1; j++) {

+                                for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[pt->partno - 2][j] != (uint32_t)-1; j++) {

                                     found = j;

                                     if(realoff < offmatrix[pt->partno - 2][j])

                                         found = 0;

@@ -1810,12 +1820,12 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

                                             /* FIXME: the first offset in the array is most likely the correct one but

                                              * it may happen it is not

                                              */

-                                            for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != -1; j++)

+                                            for(j = 1; j <= CLI_DEFAULT_AC_TRACKLEN + 1 && offmatrix[0][j] != (uint32_t)-1; j++)

                                                 if(ac_addtype(ftoffset, type, offmatrix[pt->parts - 1][j], ctx))

                                                     return CL_EMEM;

                                         }

-                                        memset(offmatrix[0], -1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(int32_t));

+                                        memset(offmatrix[0], (uint32_t)-1, pt->parts * (CLI_DEFAULT_AC_TRACKLEN + 2) * sizeof(uint32_t));

                                         for(j = 0; j < pt->parts; j++)

                                             offmatrix[j][0] = 0;

                                     }

@@ -1838,7 +1848,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

                                         newres->virname = pt->virname;

                                         newres->customdata = pt->customdata;

                                         newres->next = *res;

-                                        newres->offset = offmatrix[pt->parts - 1][1];

+                                        newres->offset = (off_t)offmatrix[pt->parts - 1][1];

                                         *res = newres;

                                         ptN = ptN->next_same;

@@ -1892,7 +1902,7 @@ int cli_ac_scanbuff(const unsigned char *buffer, uint32_t length, const char **v

                                     }

                                     newres->virname = pt->virname;

                                     newres->customdata = pt->customdata;

-                                    newres->offset = realoff;

+                                    newres->offset = (off_t)realoff;

                                     newres->next = *res;

                                     *res = newres;

@@ -1946,7 +1956,8 @@ static int qcompare_fstr(const void *arg, const void *a, const void *b)

 /* returns if level of nesting, end set to MATCHING paren, start AFTER staring paren */

 inline static int find_paren_end(char *hexstr, char **end)

 {

-    int i, nest = 0, level = 0;

+    unsigned long i;

+    int nest = 0, level = 0;

     *end = NULL;

     for (i = 0; i < strlen(hexstr); i++) {

@@ -1970,7 +1981,8 @@ inline static int find_paren_end(char *hexstr, char **end)

  * counts applied to start of expr (not end, i.e. numexpr starts at 1 for the first expr     */

 inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len)

 {

-    int i, level = 0, len = 0, numexpr = 1;

+    unsigned long i;

+    int level = 0, len = 0, numexpr = 1;

     int flen, slen;

     flen = 1;

@@ -2026,7 +2038,7 @@ inline static int ac_analyze_expr(char *hexstr, int *fixed_len, int *sub_len)

 inline static int ac_uicmp(uint16_t *a, size_t alen, uint16_t *b, size_t blen, int *wild)

 {

-    uint16_t cmp, awild, bwild, side_wild;

+    uint16_t awild, bwild, side_wild;

     size_t i, minlen = MIN(alen, blen);

     side_wild = 0;

@@ -2404,7 +2416,7 @@ int cli_ac_addsig(struct cli_matcher *root, const char *virname, const char *hex

     char *pt, *pt2, *hex = NULL, *hexcpy = NULL;

     uint16_t i, j, ppos = 0, pend, *dec, nzpos = 0;

     uint8_t wprefix = 0, zprefix = 1, plen = 0, nzplen = 0;

-    struct cli_ac_special *newspecial, *specialpt, **newtable;

+    struct cli_ac_special *newspecial, **newtable;

     int ret, error = CL_SUCCESS;

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2009 Sourcefire, Inc.

  *

  *  Authors: Tomasz Kojm

@@ -57,7 +57,7 @@ struct cli_lsig_matches {

 };

 struct cli_ac_data {

-    int32_t ***offmatrix;

+    uint32_t ***offmatrix;

     uint32_t partsigs, lsigs, reloffsigs;

     uint32_t **lsigcnt;

     uint32_t **lsigsuboff_last, **lsigsuboff_first;

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2013 Sourcefire, Inc.

  *  All Rights Reserved.

  *

@@ -802,8 +802,11 @@ static int yara_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data

 {

     struct cli_ac_lsig *ac_lsig = root->ac_lsigtable[lsid];

     int rc;

-    YR_SCAN_CONTEXT context = {0};

+    YR_SCAN_CONTEXT context;

+

+    (void)hash;

+    memset(&context, 0, sizeof(YR_SCAN_CONTEXT));

     context.fmap = *ctx->fmap;

     context.file_size = (*ctx->fmap)->len;

     if (target_info != NULL) {

@@ -852,9 +855,9 @@ int cli_exp_eval(cli_ctx *ctx, struct cli_matcher *root, struct cli_ac_data *acd

 int cli_fmap_scandesc(cli_ctx *ctx, cli_file_t ftype, uint8_t ftonly, struct cli_matched_type **ftoffset, unsigned int acmode, struct cli_ac_result **acres, unsigned char *refhash)

 {

     const unsigned char *buff;

-    int ret = CL_CLEAN, type = CL_CLEAN, bytes, compute_hash[CLI_HASH_AVAIL_TYPES];

+    int ret = CL_CLEAN, type = CL_CLEAN, compute_hash[CLI_HASH_AVAIL_TYPES];

     unsigned int i = 0, j = 0, bm_offmode = 0;

-    uint32_t maxpatlen, offset = 0;

+    uint32_t maxpatlen, bytes, offset = 0;

     struct cli_ac_data gdata, tdata;

     struct cli_bm_off toff;

     struct cli_pcre_off gpoff, tpoff;

@@ -1265,16 +1268,17 @@ int cli_matchmeta(cli_ctx *ctx, const char *fname, size_t fsizec, size_t fsizer,

 	if(cdb->res1 && (cdb->ctype == CL_TYPE_ZIP || cdb->ctype == CL_TYPE_RAR) && cdb->res1 != res1)

 	    continue;

-#define CDBRANGE(field, val)						    \

-	if(field[0] != CLI_OFF_ANY) {					    \

-	    if(field[0] == field[1] && field[0] != val)			    \

-		continue;						    \

-	    else if(field[0] != field[1] && ((field[0] && field[0] > val) ||\

-	      (field[1] && field[1] < val)))				    \

-		continue;						    \

-	}

+    #define CDBRANGE(field, val)                                              \

+        if (field[0] != CLI_OFF_ANY)                                          \

+        {                                                                     \

+            if (field[0] == field[1] && field[0] != val)                      \

+                continue;                                                     \

+            else if (field[0] != field[1] && ((field[0] && field[0] > val) || \

+                                            (field[1] && field[1] < val)))    \

+                continue;                                                     \

+        }

-	CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1));

+    CDBRANGE(cdb->csize, cli_get_container_size(ctx, -1));

 	CDBRANGE(cdb->fsizec, fsizec);

 	CDBRANGE(cdb->fsizer, fsizer);

 	CDBRANGE(cdb->filepos, filepos);

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2013 Sourcefire, Inc.

  *

  *  Authors: Tomasz Kojm

@@ -143,18 +143,18 @@ struct cli_matcher {

 struct cli_cdb

 {

-    char	*virname;   /* virus name */

-    cli_file_t	ctype;	    /* container type */

-    regex_t	name;	    /* filename regex */

-    size_t	csize[2];   /* container size (min, max); if csize[0] != csize[1]

-			     * then value of 0 makes the field ignored

-			     */

-    size_t	fsizec[2];  /* file size in container */

-    size_t	fsizer[2];  /* real file size */

-    int		encrypted;  /* file is encrypted; 2 == ignore */

-    int		filepos[2]; /* file position in container */

-    int		res1;	    /* reserved / format specific */

-    void	*res2;	    /* reserved / format specific */

+    char	        *virname;   /* virus name */

+    cli_file_t	    ctype;	    /* container type */

+    regex_t	        name;	    /* filename regex */

+    size_t	        csize[2];   /* container size (min, max); if csize[0] != csize[1]

+			                     * then value of 0 makes the field ignored

+			                     */

+    size_t	        fsizec[2];  /* file size in container */

+    size_t	        fsizer[2];  /* real file size */

+    int		        encrypted;  /* file is encrypted; 2 == ignore */

+    unsigned int    filepos[2]; /* file position in container */

+    int		        res1;	    /* reserved / format specific */

+    void	        *res2;	    /* reserved / format specific */

     struct cli_cdb *next;

 };

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2010 Sourcefire, Inc.

  *

  *  Authors: Tomasz Kojm, Trog

@@ -1171,35 +1171,37 @@ void cli_set_container(cli_ctx *ctx, cli_file_t type, size_t size)

 cli_file_t cli_get_container(cli_ctx *ctx, int index)

 {

-    if (index < 0)

-	index = ctx->recursion + index + 1;

-    while (index >= 0 && index <= ctx->recursion) {

-        if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)

-            return ctx->containers[index].type;

-        index--;

-    }

-    return CL_TYPE_ANY;

+	if (index < 0)

+		index = ctx->recursion + index + 1;

+	while (index >= 0 && index <= (int)ctx->recursion)

+	{

+		if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)

+			return ctx->containers[index].type;

+		index--;

+	}

+	return CL_TYPE_ANY;

 }

 cli_file_t cli_get_container_intermediate(cli_ctx *ctx, int index)

 {

-   if (index < 0)

-	index = ctx->recursion + index + 1;

-    if (index >= 0 && index <= ctx->recursion)

-	return ctx->containers[index].type;

-    return CL_TYPE_ANY;

+	if (index < 0)

+		index = ctx->recursion + index + 1;

+	if (index >= 0 && index <= (int)ctx->recursion)

+		return ctx->containers[index].type;

+	return CL_TYPE_ANY;

 }

 size_t cli_get_container_size(cli_ctx *ctx, int index)

 {

-    if (index < 0)

-	index = ctx->recursion + index + 1;

-    while (index >= 0 && index <= ctx->recursion) {

-        if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)

-            return ctx->containers[index].size;

-        index--;

-    }

-    return ctx->containers[0].size;

+	if (index < 0)

+		index = ctx->recursion + index + 1;

+	while (index >= 0 && index <= (int)ctx->recursion)

+	{

+		if (ctx->containers[index].flag & CONTAINER_FLAG_VALID)

+			return ctx->containers[index].size;

+		index--;

+	}

+	return ctx->containers[0].size;

 }

@@ -126,7 +126,8 @@ char *cli_virname(const char *virname, unsigned int official)

 int cli_sigopts_handler(struct cli_matcher *root, const char *virname, const char *hexsig, uint8_t sigopts, uint16_t rtype, uint16_t type, const char *offset, uint8_t target, const uint32_t *lsigid, unsigned int options)

 {

     char *hexcpy, *start, *end;

-    int i, ret = CL_SUCCESS;

+    unsigned int i;

+    int ret = CL_SUCCESS;

     /*

      * cyclic loops with cli_parse_add are impossible now as cli_parse_add 

@@ -303,7 +304,6 @@ int cli_parse_add(struct cli_matcher *root, const char *virname, const char *hex

     int ret, asterisk = 0, range;

     unsigned int i, j, hexlen, nest, parts = 0;

     int mindist = 0, maxdist = 0, error = 0;

-    size_t hexcpysz;

     hexlen = strlen(hexsig);

     if (hexsig[0] == '$') {

@@ -1820,7 +1820,7 @@ static int load_oneldb(char *buffer, int chkpua, struct cl_engine *engine, unsig

             sigopts = subtokens[3];

         if(sigopts) { /* signature modifiers */

-            for(j = 0; j < strlen(sigopts); j++)

+            for(j = 0; j < (int)strlen(sigopts); j++)

                 switch(sigopts[j]) {

                 case 'i':

                     subsig_opts |= ACPATT_OPTION_NOCASE;

@@ -2687,7 +2687,7 @@ static int cli_loadmd(FILE *fs, struct cl_engine *engine, unsigned int *signo, i

 	/* tokens[6] - not used */

-	new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? atoi(tokens[7]) : (int) CLI_OFF_ANY;

+	new->filepos[0] = new->filepos[1] = strcmp(tokens[7], "*") ? (unsigned int) atoi(tokens[7]) : (unsigned int) CLI_OFF_ANY;

 	/* tokens[8] - not used */

@@ -2812,36 +2812,46 @@ static int cli_loadcdb(FILE *fs, struct cl_engine *engine, unsigned int *signo,

 	    break;

 	}

-#define CDBRANGE(token_str, dest)					    \

-	if(strcmp(token_str, "*")) {					    \

-	    if(strchr(token_str, '-')) {				    \

-		if(sscanf(token_str, "%u-%u", &n0, &n1) != 2) {		    \

-		    ret = CL_EMALFDB;					    \

-		} else {						    \

-		    dest[0] = n0;					    \

-		    dest[1] = n1;					    \

-		}							    \

-	    } else {							    \

-		if(!cli_isnumber(token_str))				    \

-		    ret = CL_EMALFDB;					    \

-		else							    \

-		    dest[0] = dest[1] = atoi(token_str);		    \

-	    }								    \

-	    if(ret != CL_SUCCESS) {					    \

-		cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n",\

-		    token_str, tokens[0]);				    \

-		if(new->name.re_magic)					    \

-		    cli_regfree(&new->name);				    \

-		mpool_free(engine->mempool, new->virname);		    \

-		mpool_free(engine->mempool, new);			    \

-		ret = CL_EMEM;						    \

-		break;							    \

-	    }								    \

-	} else {							    \

-	    dest[0] = dest[1] = CLI_OFF_ANY;				    \

-	}

+    #define CDBRANGE(token_str, dest)                                             \

+        if (strcmp(token_str, "*"))                                               \

+        {                                                                         \

+            if (strchr(token_str, '-'))                                           \

+            {                                                                     \

+                if (sscanf(token_str, "%u-%u", &n0, &n1) != 2)                    \

+                {                                                                 \

+                    ret = CL_EMALFDB;                                             \

+                }                                                                 \

+                else                                                              \

+                {                                                                 \

+                    dest[0] = n0;                                                 \

+                    dest[1] = n1;                                                 \

+                }                                                                 \

+            }                                                                     \

+            else                                                                  \

+            {                                                                     \

+                if (!cli_isnumber(token_str))                                     \

+                    ret = CL_EMALFDB;                                             \

+                else                                                              \

+                    dest[0] = dest[1] = (unsigned int)atoi(token_str);            \

+            }                                                                     \

+            if (ret != CL_SUCCESS)                                                \

+            {                                                                     \

+                cli_errmsg("cli_loadcdb: Invalid value %s in signature for %s\n", \

+                        token_str, tokens[0]);                                    \

+                if (new->name.re_magic)                                           \

+                    cli_regfree(&new->name);                                      \

+                mpool_free(engine->mempool, new->virname);                        \

+                mpool_free(engine->mempool, new);                                 \

+                ret = CL_EMEM;                                                    \

+                break;                                                            \

+            }                                                                     \

+        }                                                                         \

+        else                                                                      \

+        {                                                                         \

+            dest[0] = dest[1] = CLI_OFF_ANY;                                      \

+        }

-	CDBRANGE(tokens[2], new->csize);

+    CDBRANGE(tokens[2], new->csize);

 	CDBRANGE(tokens[4], new->fsizec);

 	CDBRANGE(tokens[5], new->fsizer);

 	CDBRANGE(tokens[7], new->filepos);

@@ -3113,7 +3123,6 @@ static char *parse_yara_hex_string(YR_STRING *string, int *ret)

 {

     char *res, *str, *ovr;

     size_t slen, reslen=0, i, j;

-    int sqr = 0;

     if (!(string) || !(string->string)) {

         if (ret) *ret = CL_ENULLARG;

@@ -3242,6 +3251,7 @@ struct cli_ytable {

 static int32_t ytable_lookup(const char *hexsig)

 {

+    (void) hexsig;

     /* TODO - WRITE ME! */

     return -1;

 }

@@ -3249,7 +3259,6 @@ static int32_t ytable_lookup(const char *hexsig)

 static int ytable_add_attrib(struct cli_ytable *ytable, const char *hexsig, const char *value, int type)

 {

     int32_t lookup;

-    char **attrib;

     if (!ytable || !value)

         return CL_ENULLARG;

@@ -3349,7 +3358,7 @@ static int ytable_add_string(struct cli_ytable *ytable, const char *hexsig)

 static void ytable_delete(struct cli_ytable *ytable)

 {

-    uint32_t i;

+    int32_t i;

     if (!ytable)

         return;

@@ -3404,17 +3413,17 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns

 {

     YR_STRING *string;

     struct cli_ytable ytable;

-    int str_error = 0, i = 0, ret = CL_SUCCESS;

+    size_t i;

+    int str_error = 0, ret = CL_SUCCESS;

     struct cli_lsig_tdb tdb;

     uint32_t lsigid[2];

     struct cli_matcher *root;

     struct cli_ac_lsig **newtable, *lsig, *tsig = NULL;

     unsigned short target = 0;

-    size_t lsize;

     char *logic = NULL, *target_str = NULL;

-    uint8_t has_short_string;

-    char *exp_op = "|";

     char *newident = NULL;

+    /* size_t lsize; */         // only used in commented out code

+    /* char *exp_op = "|"; */   // only used in commented out code

     cli_yaramsg("load_oneyara: attempting to load %s\n", rule->identifier);

@@ -3859,10 +3868,10 @@ static int load_oneyara(YR_RULE *rule, int chkpua, struct cl_engine *engine, uns

     tdb.subsigs = ytable.tbl_cnt;

     /*** loading step - put things into the AC trie ***/

-    for (i = 0; i < ytable.tbl_cnt; ++i) {

+    for (i = 0; i < (size_t)ytable.tbl_cnt; ++i) {

         lsigid[1] = i;

-        cli_yaramsg("%d: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset,

+        cli_yaramsg("%zu: [%s] [%s] [%s%s%s%s]\n", i, ytable.table[i]->hexstr, ytable.table[i]->offset,

                     (ytable.table[i]->sigopts & ACPATT_OPTION_NOCASE) ? "i" : "",

                     (ytable.table[i]->sigopts & ACPATT_OPTION_FULLWORD) ? "f" : "",

                     (ytable.table[i]->sigopts & ACPATT_OPTION_WIDE) ? "w" : "",

@@ -3972,7 +3981,7 @@ void cli_yara_free(struct cl_engine * engine)

 //TODO - pua? dbio?

 static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo, unsigned int options, struct cli_dbio *dbio, const char *filename)

 {

-    YR_COMPILER compiler = {0};

+    YR_COMPILER compiler;

     YR_NAMESPACE ns;

     YR_RULE *rule;

     unsigned int sigs = 0, rules = 0, rule_errors = 0;

@@ -3983,6 +3992,8 @@ static int cli_loadyara(FILE *fs, struct cl_engine *engine, unsigned int *signo,

     if((rc = cli_initroots(engine, options)))

         return rc;

+    memset(&compiler, 0, sizeof(YR_COMPILER));

+

     compiler.last_result = ERROR_SUCCESS;

     STAILQ_INIT(&compiler.rule_q);

     STAILQ_INIT(&compiler.current_rule_string_q);

@@ -4095,7 +4106,7 @@ static int cli_loadpwdb(FILE *fs, struct cl_engine *engine, unsigned int options

     char *attribs;

     char buffer[FILEBUFF];

     unsigned int line = 0, skip = 0, pwcnt = 0, tokens_count;

-    struct cli_pwdb *new, *ins;

+    struct cli_pwdb *new;

     cl_pwdb_t container;

     struct cli_lsig_tdb tdb;

     int ret = CL_SUCCESS, pwstype;