@@ -213,7 +213,7 @@ static int mspack_fmap_seek(struct mspack_file *file, off_t offset, int mode)

 			cli_dbgmsg("%s() err %d\n", __func__, __LINE__);

 			return -1;

 		}

-		if (new_pos < 0 || new_pos > mspack_handle->fmap->len) {

+		if (new_pos < 0 || new_pos > (off_t)mspack_handle->fmap->len) {

 			cli_dbgmsg("%s() err %d\n", __func__, __LINE__);

 			return -1;

 		}

@@ -255,10 +255,12 @@ static off_t mspack_fmap_tell(struct mspack_file *file)

 static void mspack_fmap_message(struct mspack_file *file, const char *fmt, ...)

 {

+	UNUSEDPARAM(file);

 	cli_dbgmsg("%s() %s\n", __func__, fmt);

 }

 static void *mspack_fmap_alloc(struct mspack_system *self, size_t num)

 {

+	UNUSEDPARAM(self);

 	return malloc(num);

 }

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2008 Sourcefire, Inc.

  *

  *  Authors: Michal 'GiM' Spadlinski

@@ -783,7 +783,7 @@ uint32_t lzma_upack_esi_54(struct lzmastate *p, uint32_t old_eax, uint32_t *old_

 }

-int unmew11(char *src, int off, int ssize, int dsize, uint32_t base, uint32_t vadd, int uselzma, int filedesc)

+int unmew11(char *src, uint32_t off, uint32_t ssize, uint32_t dsize, uint32_t base, uint32_t vadd, int uselzma, int filedesc)

 {

 	uint32_t entry_point, newedi, loc_ds=dsize, loc_ss=ssize;

 	char *source = src + dsize + off;

@@ -863,7 +863,7 @@ int unmew11(char *src, int off, int ssize, int dsize, uint32_t base, uint32_t va

              * or, in other words, exceed the specified size of destination

              */

             if (section[i].raw + section[i].rsz > dsize) {

-                cli_dbgmsg("MEW: Section %i [%d, %d] exceeds destination size %d\n",

+                cli_dbgmsg("MEW: Section %i [%d, %d] exceeds destination size %u\n",

                            i, section[i].raw, section[i].raw+section[i].rsz, dsize);

                 free(section);

                 return -1;

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2008 Sourcefire, Inc.

  *

  *  Authors: Michal 'GiM' Spadlinski

@@ -38,6 +38,6 @@ int mew_lzma(char *, const char *, uint32_t, uint32_t, uint32_t);

 uint32_t lzma_upack_esi_00(struct lzmastate *, char *, char *, uint32_t);

 uint32_t lzma_upack_esi_50(struct lzmastate *, uint32_t, uint32_t, char **, char *, uint32_t *, char *, uint32_t);

 uint32_t lzma_upack_esi_54(struct lzmastate *, uint32_t, uint32_t *, char **, uint32_t *, char *, uint32_t);

-int unmew11(char *, int, int, int, uint32_t, uint32_t, int, int);

+int unmew11(char *, uint32_t, uint32_t, uint32_t, uint32_t, uint32_t, int, int);

 #endif

@@ -559,67 +559,66 @@ struct unaligned_ptr {

 #endif

 #if WORDS_BIGENDIAN == 0

-

-/* Little endian */

-#define le16_to_host(v)	(v)

-#define le32_to_host(v)	(v)

-#define le64_to_host(v)	(v)

-#define	be16_to_host(v)	cbswap16(v)

-#define	be32_to_host(v)	cbswap32(v)

-#define be64_to_host(v) cbswap64(v)

-#define cli_readint64(buff) (((const union unaligned_64 *)(buff))->una_s64)

-#define cli_readint32(buff) (((const union unaligned_32 *)(buff))->una_s32)

-#define cli_readint16(buff) (((const union unaligned_16 *)(buff))->una_s16)

-#define cli_writeint32(offset, value) (((union unaligned_32 *)(offset))->una_u32=(uint32_t)(value))

+    /* Little endian */

+    #define le16_to_host(v)	(v)

+    #define le32_to_host(v)	(v)

+    #define le64_to_host(v)	(v)

+    #define	be16_to_host(v)	cbswap16(v)

+    #define	be32_to_host(v)	cbswap32(v)

+    #define be64_to_host(v) cbswap64(v)

+    #define cli_readint64(buff) (((const union unaligned_64 *)(buff))->una_s64)

+    #define cli_readint32(buff) (((const union unaligned_32 *)(buff))->una_s32)

+    #define cli_readint16(buff) (((const union unaligned_16 *)(buff))->una_s16)

+    #define cli_writeint32(offset, value) (((union unaligned_32 *)(offset))->una_u32=(uint32_t)(value))

 #else

-/* Big endian */

-#define	le16_to_host(v)	cbswap16(v)

-#define	le32_to_host(v)	cbswap32(v)

-#define le64_to_host(v) cbswap64(v)

-#define be16_to_host(v)	(v)

-#define be32_to_host(v)	(v)

-#define be64_to_host(v)	(v)

-

-static inline int32_t cli_readint64(const void *buff)

-{

-	int64_t ret;

-    ret = ((const char *)buff)[0] & 0xff;

-    ret |= (((const char *)buff)[1] & 0xff) << 8;

-    ret |= (((const char *)buff)[2] & 0xff) << 16;

-    ret |= (((const char *)buff)[3] & 0xff) << 24;

-

-    ret |= (((const char *)buff)[4] & 0xff) << 32;

-    ret |= (((const char *)buff)[5] & 0xff) << 40;

-    ret |= (((const char *)buff)[6] & 0xff) << 48;

-    ret |= (((const char *)buff)[7] & 0xff) << 56;

-    return ret;

-}

-

-static inline int32_t cli_readint32(const void *buff)

-{

-	int32_t ret;

-    ret = ((const char *)buff)[0] & 0xff;

-    ret |= (((const char *)buff)[1] & 0xff) << 8;

-    ret |= (((const char *)buff)[2] & 0xff) << 16;

-    ret |= (((const char *)buff)[3] & 0xff) << 24;

-    return ret;

-}

-

-static inline int16_t cli_readint16(const void *buff)

-{

-	int16_t ret;

-    ret = ((const char *)buff)[0] & 0xff;

-    ret |= (((const char *)buff)[1] & 0xff) << 8;

-    return ret;

-}

-

-static inline void cli_writeint32(void *offset, uint32_t value)

-{

-    ((char *)offset)[0] = value & 0xff;

-    ((char *)offset)[1] = (value & 0xff00) >> 8;

-    ((char *)offset)[2] = (value & 0xff0000) >> 16;

-    ((char *)offset)[3] = (value & 0xff000000) >> 24;

-}

+    /* Big endian */

+    #define	le16_to_host(v)	cbswap16(v)

+    #define	le32_to_host(v)	cbswap32(v)

+    #define le64_to_host(v) cbswap64(v)

+    #define be16_to_host(v)	(v)

+    #define be32_to_host(v)	(v)

+    #define be64_to_host(v)	(v)

+

+    static inline int32_t cli_readint64(const void *buff)

+    {

+        int64_t ret;

+        ret = ((const char *)buff)[0] & 0xff;

+        ret |= (((const char *)buff)[1] & 0xff) << 8;

+        ret |= (((const char *)buff)[2] & 0xff) << 16;

+        ret |= (((const char *)buff)[3] & 0xff) << 24;

+

+        ret |= (((const char *)buff)[4] & 0xff) << 32;

+        ret |= (((const char *)buff)[5] & 0xff) << 40;

+        ret |= (((const char *)buff)[6] & 0xff) << 48;

+        ret |= (((const char *)buff)[7] & 0xff) << 56;

+        return ret;

+    }

+

+    static inline int32_t cli_readint32(const void *buff)

+    {

+        int32_t ret;

+        ret = ((const char *)buff)[0] & 0xff;

+        ret |= (((const char *)buff)[1] & 0xff) << 8;

+        ret |= (((const char *)buff)[2] & 0xff) << 16;

+        ret |= (((const char *)buff)[3] & 0xff) << 24;

+        return ret;

+    }

+

+    static inline int16_t cli_readint16(const void *buff)

+    {

+        int16_t ret;

+        ret = ((const char *)buff)[0] & 0xff;

+        ret |= (((const char *)buff)[1] & 0xff) << 8;

+        return ret;

+    }

+

+    static inline void cli_writeint32(void *offset, uint32_t value)

+    {

+        ((char *)offset)[0] = value & 0xff;

+        ((char *)offset)[1] = (value & 0xff00) >> 8;

+        ((char *)offset)[2] = (value & 0xff0000) >> 16;

+        ((char *)offset)[3] = (value & 0xff000000) >> 24;

+    }

 #endif

 int cli_append_virus(cli_ctx *ctx, const char *virname);

@@ -146,14 +146,14 @@ static int xrefCheck(const char *xref, const char *eof)

 }

 /* define this to be noisy about things that we can't parse properly */

-/*#define NOISY*/

+#define NOISY

 #ifdef NOISY

 #define noisy_msg(pdf, ...) cli_infomsg(pdf->ctx, __VA_ARGS__)

-#define noisy_warnmsg cli_warnmsg

+#define noisy_warnmsg(...) cli_warnmsg(__VA_ARGS__)

 #else

-#define noisy_msg (void)

-#define noisy_warnmsg (void)

+#define noisy_msg(pdf, ...)

+#define noisy_warnmsg(...)

 #endif

 static const char *findNextNonWSBack(const char *q, const char *start)

@@ -291,16 +291,16 @@ int pdf_findobj(struct pdf_struct *pdf)

     return 1;/* truncated */

 }

-static int filter_writen(struct pdf_struct *pdf, struct pdf_obj *obj, int fout, const char *buf, off_t len, off_t *sum)

+static size_t filter_writen(struct pdf_struct *pdf, struct pdf_obj *obj, int fout, const char *buf, size_t len, size_t *sum)

 {

     UNUSEDPARAM(obj);

-    if (cli_checklimits("pdf", pdf->ctx, *sum, 0, 0))

+    if (cli_checklimits("pdf", pdf->ctx, (unsigned long)*sum, 0, 0)) /* TODO: May truncate for large values on 64-bit platforms */

         return len; /* pretend it was a successful write to suppress CL_EWRITE */

     *sum += len;

-    return cli_writen(fout, buf, len);

+    return cli_writen(fout, buf, (unsigned int)len);

 }

 void pdfobj_flag(struct pdf_struct *pdf, struct pdf_obj *obj, enum pdf_flag flag)

@@ -533,23 +533,23 @@ static int run_pdf_hooks(struct pdf_struct *pdf, enum pdf_phase phase, int fd, i

 static void dbg_printhex(const char *msg, const char *hex, unsigned len);

-static void aes_decrypt(const unsigned char *in, off_t *length, unsigned char *q, char *key, unsigned key_n, int has_iv)

+static void aes_decrypt(const unsigned char *in, size_t *length, unsigned char *q, char *key, unsigned key_n, int has_iv)

 {

     unsigned long rk[RKLENGTH(256)];

     unsigned char iv[16];

-    unsigned len = *length;

+    size_t len = *length;

     unsigned char pad, i;

     int nrounds;

-    cli_dbgmsg("cli_pdf: aes_decrypt: key length: %d, data length: %d\n", key_n, (int)*length);

+    cli_dbgmsg("cli_pdf: aes_decrypt: key length: %d, data length: %zu\n", key_n, *length);

     if (key_n > 32) {

         cli_dbgmsg("cli_pdf: aes_decrypt: key length is %d!\n", key_n*8);

         return;

     }

     if (len < 32) {

-        cli_dbgmsg("cli_pdf: aes_decrypt: len is <32: %d\n", len);

-        noisy_warnmsg("cli_pdf: aes_decrypt: len is <32: %d\n", len);

+        cli_dbgmsg("cli_pdf: aes_decrypt: len is <32: %zu\n", len);

+        noisy_warnmsg("cli_pdf: aes_decrypt: len is <32: %zu\n", len);

         return;

     }

@@ -587,8 +587,8 @@ static void aes_decrypt(const unsigned char *in, off_t *length, unsigned char *q

         pad = q[-1];

         if (pad > 0x10) {

-            cli_dbgmsg("cli_pdf: aes_decrypt: bad pad: %x (extra len: %d)\n", pad, len-16);

-            noisy_warnmsg("cli_pdf: aes_decrypt: bad pad: %x (extra len: %d)\n", pad, len-16);

+            cli_dbgmsg("cli_pdf: aes_decrypt: bad pad: %x (extra len: %zu)\n", pad, len-16);

+            noisy_warnmsg("cli_pdf: aes_decrypt: bad pad: %x (extra len: %zu)\n", pad, len-16);

             *length -= len;

             return;

         }

@@ -609,11 +609,11 @@ static void aes_decrypt(const unsigned char *in, off_t *length, unsigned char *q

     *length -= len;

-    cli_dbgmsg("cli_pdf: aes_decrypt: length is %d\n", (int)*length);

+    cli_dbgmsg("cli_pdf: aes_decrypt: length is %zu\n", *length);

 }

-char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, off_t *length, enum enc_method enc_method)

+char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *length, enum enc_method enc_method)

 {

     unsigned char *key, *q, result[16];

     unsigned n;

@@ -662,7 +662,7 @@ char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, off_t *le

         cli_dbgmsg("cli_pdf: enc is v2\n");

         memcpy(q, in, *length);

         arc4_init(&arc4, result, n);

-        arc4_apply(&arc4, q, *length);

+        arc4_apply(&arc4, q, (unsigned)*length); /* TODO: may truncate for very large lengths */

         noisy_msg(pdf, "decrypted ARC4 data\n");

@@ -818,7 +818,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

 {

     char fullname[NAME_MAX + 1];

     int fout;

-    off_t sum = 0;

+    ptrdiff_t sum = 0;

     int rc = CL_SUCCESS;

     int dump = 1;

@@ -883,10 +883,10 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

                 orig_length = length;

                 if (length > pdf->size || obj->start + p_stream + length > pdf->size) {

-                    cli_dbgmsg("cli_pdf: length out of file: %ld + %ld > %ld\n",

-                           p_stream, length, pdf->size);

-                    noisy_warnmsg("length out of file, truncated: %ld + %ld > %ld\n",

-                           p_stream, length, pdf->size);

+                    cli_dbgmsg("cli_pdf: length out of file: %lld + %lld > %lld\n",

+                           (long long)p_stream, (long long)length, (long long)pdf->size);

+                    noisy_warnmsg("length out of file, truncated: %lld + %lld > %lld\n",

+                           (long long)p_stream, (long long)length, (long long)pdf->size);

                     length = pdf->size - (obj->start + p_stream);

                 }

@@ -961,7 +961,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

                         cli_dbgmsg("cli_pdf: failed to locate DecodeParms dictionary start\n");

                 }

-                sum = pdf_decodestream(pdf, obj, dparams, start + p_stream, length, xref, fout, &rc);

+                sum = pdf_decodestream(pdf, obj, dparams, start + p_stream, (uint32_t)length, xref, fout, &rc);

                 if (dparams)

                     pdf_free_dict(dparams);

@@ -985,7 +985,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

             do {

                 char *js = NULL;

-                off_t js_len = 0;

+                size_t js_len = 0;

                 const char *q3;

                 q2 = cli_memstr(q, bytesleft, "/JavaScript", 11);

@@ -1005,8 +1005,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

                     js_len = strlen(js);

                     if (pdf->flags & (1 << DECRYPTABLE_PDF)) {

                         cli_dbgmsg("cli_pdf: encrypted string\n");

-                        decrypted = decrypt_any(pdf, obj->id, js, &js_len,

-                        pdf->enc_method_string);

+                        decrypted = decrypt_any(pdf, obj->id, js, &js_len, pdf->enc_method_string);

                         if (decrypted) {

                             noisy_msg(pdf, "decrypted Javascript string from obj %u %u\n", obj->id>>8,obj->id&0xff);

@@ -1014,7 +1013,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

                         }

                     }

-                    if (filter_writen(pdf, obj, fout, out, js_len, &sum) != js_len) {

+                    if (filter_writen(pdf, obj, fout, out, js_len, (size_t*)&sum) != js_len) {

                         rc = CL_EWRITE;

                                 free(js);

                         break;

@@ -1039,7 +1038,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

                         if (q2 > q) {

                             q--;

-                            filter_writen(pdf, obj, fout, q, q2 - q, &sum);

+                            filter_writen(pdf, obj, fout, q, q2 - q, (size_t*)&sum);

                             q++;

                         }

                     }

@@ -1051,7 +1050,7 @@ int pdf_extract_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t flags)

             if (bytesleft < 0)

                 rc = CL_EFORMAT;

-            else if (filter_writen(pdf, obj, fout , pdf->map + obj->start, bytesleft,&sum) != bytesleft)

+            else if (filter_writen(pdf, obj, fout , pdf->map + obj->start, bytesleft, (size_t*)&sum) != (size_t)bytesleft)

                 rc = CL_EWRITE;

         }

     } while (0);

@@ -1909,15 +1908,15 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,

         cl_sha256(U+32, 8, result2, NULL);

         dbg_printhex("Computed U", (const char *)result2, 32);

         if (!memcmp(result2, U, 32)) {

-            off_t n;

+            size_t UE_len;

             /* Algorithm 3.2a could be used to recover encryption key */

             password_empty = 1;

             cl_sha256(U+40, 8, result2, NULL);

-            n = UE ? strlen(UE) : 0;

-            if (n != 32) {

-                cli_dbgmsg("cli_pdf: UE length is not 32: %d\n", (int)n);

-                noisy_warnmsg("cli_pdf: UE length is not 32: %d\n", n);

+            UE_len = UE ? strlen(UE) : 0;

+            if (UE_len != 32) {

+                cli_dbgmsg("cli_pdf: UE length is not 32: %zu\n", UE_len);

+                noisy_warnmsg("cli_pdf: UE length is not 32: %zu\n", UE_len);

             } else {

                 pdf->keylen = 32;

                 pdf->key = cli_malloc(32);

@@ -1926,7 +1925,7 @@ static void check_user_password(struct pdf_struct *pdf, int R, const char *O,

                     return;

                 }

-                aes_decrypt((const unsigned char *)UE, &n, (unsigned char *)(pdf->key), (char *)result2, 32, 0);

+                aes_decrypt((const unsigned char *)UE, &UE_len, (unsigned char *)(pdf->key), (char *)result2, 32, 0);

                 dbg_printhex("cli_pdf: Candidate encryption key", pdf->key, pdf->keylen);

             }

         }

@@ -2206,7 +2205,7 @@ void pdf_handle_enc(struct pdf_struct *pdf)

             if (i != n) {

                 dbg_printhex("too long O", O, n);

-                noisy_warnmsg("too long O", O, n);

+                noisy_warnmsg("too long O: %u", n);

                 break;

             }

         }

@@ -2214,8 +2213,8 @@ void pdf_handle_enc(struct pdf_struct *pdf)

         n = 0;

         U = pdf_readstring(q, len, "/U", &n, NULL, 0);

         if (!U || n < oulen) {

-            cli_dbgmsg("cli_pdf: invalid U: %d\n", n);

-            noisy_warnmsg("cli_pdf: invalid U: %d\n", n);

+            cli_dbgmsg("cli_pdf: invalid U: %u\n", n);

+            noisy_warnmsg("cli_pdf: invalid U: %u\n", n);

             if (U)

                 dbg_printhex("invalid U", U, n);

@@ -2233,7 +2232,7 @@ void pdf_handle_enc(struct pdf_struct *pdf)

             }

         }

-        cli_dbgmsg("cli_pdf: Encrypt R: %d, P %x, length: %d\n", R, P, length);

+        cli_dbgmsg("cli_pdf: Encrypt R: %d, P %x, length: %u\n", R, P, length);

         if (length % 8) {

             cli_dbgmsg("cli_pdf: wrong key length, not multiple of 8\n");

             noisy_warnmsg("cli_pdf: wrong key length, not multiple of 8\n");

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2015 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2015, 2017 Cisco Systems, Inc. and/or its affiliates. All rights reserved.

  *  Copyright (C) 2007-2013 Sourcefire, Inc.

  *

  *  Authors: Nigel Horne

@@ -160,7 +160,7 @@ int pdf_findobj(struct pdf_struct *pdf);

 struct pdf_obj *find_obj(struct pdf_struct *pdf, struct pdf_obj *obj, uint32_t objid);

 void pdf_handle_enc(struct pdf_struct *pdf);

-char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, off_t *length, enum enc_method enc_method);

+char *decrypt_any(struct pdf_struct *pdf, uint32_t id, const char *in, size_t *length, enum enc_method enc_method);

 enum enc_method get_enc_method(struct pdf_struct *pdf, struct pdf_obj *obj);

 enum enc_method parse_enc_method(const char *dict, unsigned len, const char *key, enum enc_method def);

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2016 Cisco and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2016-2017 Cisco and/or its affiliates. All rights reserved.

  *

  *  Author: Kevin Lin

  *

@@ -71,7 +71,7 @@ struct pdf_token {

     uint32_t flags;    /* tracking flags */

     uint32_t success;  /* successfully decoded filters */

-    uint32_t length;   /* length of current content */

+    uint32_t length;   /* length of current content */ /* TODO: transition to size_t */

     uint8_t *content;  /* content stream */

 };

@@ -85,10 +85,10 @@ static  int filter_asciihexdecode(struct pdf_struct *pdf, struct pdf_obj *obj, s

 static  int filter_decrypt(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, struct pdf_token *token, int mode);

 static  int filter_lzwdecode(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, struct pdf_token *token);

-off_t pdf_decodestream(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, const char *stream, uint32_t streamlen, int xref, int fout, int *rc)

+ptrdiff_t pdf_decodestream(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, const char *stream, uint32_t streamlen, int xref, int fout, int *rc)

 {

     struct pdf_token *token;

-    off_t rv;

+    ptrdiff_t rv;

     if (!stream || !streamlen || fout < 0) {

         cli_dbgmsg("cli_pdf: no filters or stream on obj %u %u\n", obj->id>>8, obj->id&0xff);

@@ -127,7 +127,7 @@ off_t pdf_decodestream(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_d

     cli_dbgmsg("cli_pdf: detected %lu applied filters\n", (long unsigned)(obj->numfilters));

-    rv = pdf_decodestream_internal(pdf, obj, params, token);

+    rv = (ptrdiff_t)pdf_decodestream_internal(pdf, obj, params, token);

     /* return is generally ignored */

     if (rc) {

         if (rv == CL_VIRUS)

@@ -727,7 +727,7 @@ static int filter_asciihexdecode(struct pdf_struct *pdf, struct pdf_obj *obj, st

 static int filter_decrypt(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, struct pdf_token *token, int mode)

 {

     char *decrypted;

-    off_t length = token->length;

+    size_t length = (size_t)token->length;

     enum enc_method enc = ENC_IDENTITY;

     if (mode)

@@ -758,8 +758,8 @@ static int filter_decrypt(struct pdf_struct *pdf, struct pdf_obj *obj, struct pd

         return CL_EPARSE; /* TODO: what should this value be? CL_SUCCESS would mirror previous behavior */

     }

-    cli_dbgmsg("cli_pdf: decrypted %lld bytes from %lu total bytes\n",

-               (long long int)length, (long unsigned)token->length);

+    cli_dbgmsg("cli_pdf: decrypted %zu bytes from %u total bytes\n",

+               length, token->length);

     free(token->content);

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2016 Cisco and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2016-2017 Cisco and/or its affiliates. All rights reserved.

  *

  *  Author: Kevin Lin

  *

@@ -36,6 +36,6 @@

 #include "pdf.h"

-off_t pdf_decodestream(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, const char *stream, uint32_t streamlen, int xref, int fout, int *rc);

+ptrdiff_t pdf_decodestream(struct pdf_struct *pdf, struct pdf_obj *obj, struct pdf_dict *params, const char *stream, uint32_t streamlen, int xref, int fout, int *rc);

 #endif /* __PDFDECODE_H__ */

@@ -1,5 +1,5 @@

 /*

- *  Copyright (C) 2014 Cisco and/or its affiliates. All rights reserved.

+ *  Copyright (C) 2014, 2017 Cisco and/or its affiliates. All rights reserved.

  *

  *  Author: Shawn Webb

  *

@@ -226,7 +226,7 @@ int is_object_reference(char *begin, char **endchar, uint32_t *id)

     return 0;

 }

-static char *pdf_decrypt_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *in, off_t *length)

+static char *pdf_decrypt_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *in, size_t *length)

 {

     enum enc_method enc;

@@ -242,8 +242,8 @@ static char *pdf_decrypt_string(struct pdf_struct *pdf, struct pdf_obj *obj, con

 char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const char *in, size_t len)

 {

     char *wrkstr, *output = NULL;

-    size_t wrklen = len, outlen;

-    unsigned int i, likelyutf = 0;

+    size_t wrklen = len, outlen, i;

+    unsigned int likelyutf = 0;

     if (!in)

         return NULL;

@@ -336,9 +336,9 @@ char *pdf_finalize_string(struct pdf_struct *pdf, struct pdf_obj *obj, const cha

     /* check for encryption and decrypt */

     if (pdf->flags & (1 << ENCRYPTED_PDF))

     {

-        off_t tmpsz = (off_t)wrklen;

+        size_t tmpsz = wrklen;

         output = pdf_decrypt_string(pdf, obj, wrkstr, &tmpsz);

-        outlen = (size_t)tmpsz;

+        outlen = tmpsz;

         free(wrkstr);

         if (output) {

             wrkstr = cli_calloc(outlen+1, sizeof(char));