@@ -387,13 +387,14 @@ size_t parse_slash(sfilter * sf)
387387 const size_t slen = sf -> slen ;
388388 size_t pos = sf -> pos ;
389389 const char * cur = cs + pos ;
390+ size_t inc = 0 ;
390391
391392 size_t pos1 = pos + 1 ;
392393 if (pos1 == slen || cs [pos1 ] != '*' ) {
393394 return parse_operator1 (sf );
394395 }
395396
396- size_t inc = is_mysql_comment (cs , slen , pos );
397+ inc = is_mysql_comment (cs , slen , pos );
397398 if (inc == 0 ) {
398399
399400 // skip over initial '/*'
@@ -446,12 +447,16 @@ size_t parse_operator2(sfilter * sf)
446447 stoken_t * current = & sf -> syntax_current ;
447448 const char * cs = sf -> s ;
448449 const size_t slen = sf -> slen ;
450+ char op2 [3 ];
449451 size_t pos = sf -> pos ;
450452
451453 if (pos + 1 >= slen ) {
452454 return parse_operator1 (sf );
453455 }
454- char op2 [3 ] = { cs [pos ], cs [pos + 1 ], CHAR_NULL };
456+
457+ op2 [0 ] = cs [pos ];
458+ op2 [1 ] = cs [pos + 1 ];
459+ op2 [2 ] = CHAR_NULL ;
455460
456461 // Special Hack for MYSQL style comments
457462 // instead of turning:
@@ -561,6 +566,7 @@ size_t parse_var(sfilter * sf)
561566 const char * cs = sf -> s ;
562567 const size_t slen = sf -> slen ;
563568 size_t pos = sf -> pos ;
569+ size_t xlen = 0 ;
564570
565571 size_t pos1 = pos + 1 ;
566572
@@ -569,9 +575,7 @@ size_t parse_var(sfilter * sf)
569575 pos1 += 1 ;
570576 }
571577
572- size_t xlen =
573- strlenspn (cs + pos1 , slen - pos1 ,
574- "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.$" );
578+ xlen = strlenspn (cs + pos1 , slen - pos1 , "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_.$" );
575579 if (xlen == 0 ) {
576580 st_assign (current , 'v' , cs + pos , (pos1 - pos ));
577581 return pos1 ;
@@ -587,11 +591,12 @@ size_t parse_number(sfilter * sf)
587591 const char * cs = sf -> s ;
588592 const size_t slen = sf -> slen ;
589593 size_t pos = sf -> pos ;
594+ size_t xlen = 0 ;
595+ size_t start = 0 ;
590596
591597 if (pos + 1 < slen && cs [pos ] == '0' && (cs [pos + 1 ] == 'X' || cs [pos + 1 ] == 'x' )) {
592598 // TBD compare if isxdigit
593- size_t xlen =
594- strlenspn (cs + pos + 2 , slen - pos - 2 , "0123456789ABCDEFabcdef" );
599+ xlen = strlenspn (cs + pos + 2 , slen - pos - 2 , "0123456789ABCDEFabcdef" );
595600 if (xlen == 0 ) {
596601 st_assign_cstr (current , 'n' , "0X" );
597602 return pos + 2 ;
@@ -600,7 +605,7 @@ size_t parse_number(sfilter * sf)
600605 return pos + 2 + xlen ;
601606 }
602607 }
603- size_t start = pos ;
608+ start = pos ;
604609
605610 while (isdigit (cs [pos ])) {
606611 pos += 1 ;
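Review bot: The digit loop at new line 610, `while (isdigit (cs [pos ]))`, has no comparison against `slen` in its condition and passes a plain `char` to `isdigit`, which is undefined for negative values other than EOF. `sfilter_reset` takes an explicit length, so the scan should not have to rely on a terminating NUL; `while (pos < slen && isdigit((unsigned char) cs[pos])) {` bounds the read and makes bytes above 0x7F well defined. The loop body continues past the end of this hunk, so a bound may already be enforced there; if it is, a comment on the loop saying where would help.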
@@ -643,6 +648,7 @@ int parse_token(sfilter * sf)
643648 const char * s = sf -> s ;
644649 const size_t slen = sf -> slen ;
645650 size_t * pos = & sf -> pos ;
651+ pt2Function fnptr ;
646652
647653 st_clear (current );
648654
@@ -657,7 +663,7 @@ int parse_token(sfilter * sf)
657663 * pos += 1 ;
658664 continue ;
659665 }
660- pt2Function fnptr = char_parse_map [ch ];
666+ fnptr = char_parse_map [ch ];
661667 * pos = (* fnptr ) (sf );
662668 if (current -> type != CHAR_NULL ) {
663669 return TRUE;
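Review bot: The dispatch at new lines 666-667 indexes `char_parse_map` with `ch` and calls the result with no check visible in this hunk; `ch` is declared outside it, so its type and range cannot be confirmed from here. `ch` is presumably a byte of the string being scanned, in which case an index outside the table or an empty entry becomes a call through an invalid pointer. If the branch just above (ending in `continue`) is the range guard, a comment on the lookup such as `/* ch is inside char_parse_map here: out-of-range bytes were skipped above */` would record that invariant. Otherwise an explicit bounds check belongs before the lookup.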
@@ -675,26 +681,32 @@ void sfilter_reset(sfilter * sf, const char *s, size_t len)
675681
676682int syntax_merge_words (stoken_t * a , stoken_t * b )
677683{
684+ size_t sz1 = 0 ;
685+ size_t sz2 = 0 ;
686+ size_t sz3 = 0 ;
687+ char tmp [ST_MAX_SIZE ];
688+ char ch ;
689+
678690 if (!
679691 (a -> type == 'k' || a -> type == 'n' || a -> type == 'o'
680692 || a -> type == 'U' )) {
681693 return FALSE;
682694 }
683695
684- size_t sz1 = strlen (a -> val );
685- size_t sz2 = strlen (b -> val );
686- size_t sz3 = sz1 + sz2 + 1 ;
696+ sz1 = strlen (a -> val );
697+ sz2 = strlen (b -> val );
698+ sz3 = sz1 + sz2 + 1 ;
699+
687700 if (sz3 >= ST_MAX_SIZE ) {
688701 return FALSE;
689702 }
690703 // oddly annoying last.val + ' ' + current.val
691- char tmp [ST_MAX_SIZE ];
692704 memcpy (tmp , a -> val , sz1 );
693705 tmp [sz1 ] = ' ' ;
694706 memcpy (tmp + sz1 + 1 , b -> val , sz2 );
695707 tmp [sz3 ] = CHAR_NULL ;
696708
697- char ch = bsearch_keyword_type (tmp , multikeywords , multikeywords_sz );
709+ ch = bsearch_keyword_type (tmp , multikeywords , multikeywords_sz );
698710 if (ch != CHAR_NULL ) {
699711 // -1, don't copy the null byte
700712 st_assign (a , ch , tmp , sz3 );
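Review bot: The comment `// -1, don't copy the null byte` above `st_assign (a , ch , tmp , sz3 )` does not match the call, which passes `sz3` with no subtraction. `sz3` is `sz1 + sz2 + 1`, that is both words plus the joining space, and `tmp[sz3]` holds the terminator, so the length passed already excludes it. Suggested wording: `// sz3 counts both words and the space, not the terminating NUL`. It would also help to note next to `tmp [sz3 ] = CHAR_NULL` that the earlier `sz3 >= ST_MAX_SIZE` rejection is what keeps that write inside `tmp`. The function body continues past this hunk.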
@@ -926,11 +938,12 @@ int filter_fold(sfilter * sf, stoken_t * sout)
926938int is_string_sqli (sfilter * sql_state , const char * s , size_t slen ,
927939 const char delim , ptr_fingerprints_fn fn )
928940{
941+ int all_done = 0 ;
942+ int tlen = 0 ;
943+ int patmatch = 0 ;
929944 sfilter_reset (sql_state , s , slen );
930945 sql_state -> delim = delim ;
931946
932- int all_done = 0 ;
933- int tlen = 0 ;
934947 while (tlen < MAX_TOKENS ) {
935948 all_done = filter_fold (sql_state , & (sql_state -> tokenvec [tlen ]));
936949 if (!all_done ) {
@@ -965,7 +978,7 @@ int is_string_sqli(sfilter * sql_state, const char *s, size_t slen,
965978 return TRUE;
966979 }
967980
968- int patmatch = fn (sql_state -> pat );
981+ patmatch = fn (sql_state -> pat );
969982
970983 if (!patmatch ) {
971984 sql_state -> reason = __LINE__ ;
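Review bot: `sql_state -> reason = __LINE__` ties the recorded reason to a source line number, and this commit shifts that assignment from line 971 to 984, so the value seen in logs or tests changes with no change in behavior. Anyone correlating `reason` across builds to triage or tune detections will see spurious differences. A named enum constant per exit path would keep the code stable; at minimum, a comment where `reason` is set should say the value is only meaningful for one specific revision of the file. The body of `is_string_sqli` continues past this hunk.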