🐛 Compatible with lower versions of gcc.

ADD-SP · ADD-SP · commit becbbe022b9f · 2021-01-18T18:29:02.000+08:00
diff --git a/inc/ngx_http_waf_module_check.h b/inc/ngx_http_waf_module_check.h
@@ -383,7 +383,8 @@ static ngx_int_t ngx_http_waf_handler_check_white_url(ngx_http_request_t* r, ngx
             "ngx_waf_debug: The Inspection is skipped because the URL is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->white_url->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->white_url->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_uri, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = FALSE;
@@ -436,7 +437,8 @@ static ngx_int_t ngx_http_waf_handler_check_black_url(ngx_http_request_t* r, ngx
             "ngx_waf_debug: The Inspection is skipped because the URL is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->black_url->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->black_url->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_uri, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = TRUE;
@@ -493,7 +495,8 @@ static ngx_int_t ngx_http_waf_handler_check_black_args(ngx_http_request_t* r, ng
             "ngx_waf_debug: The Inspection is skipped because the ARGS is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->black_args->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->black_args->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_args, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = TRUE;
@@ -550,7 +553,8 @@ static ngx_int_t ngx_http_waf_handler_check_black_user_agent(ngx_http_request_t*
             "ngx_waf_debug: The Inspection is skipped because the User-Agent is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->black_ua->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->black_ua->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_ua, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = TRUE;
@@ -607,7 +611,8 @@ static ngx_int_t ngx_http_waf_handler_check_white_referer(ngx_http_request_t* r,
             "ngx_waf_debug: The Inspection is skipped because the Referer is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->white_referer->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->white_referer->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_referer, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = FALSE;
@@ -664,7 +669,8 @@ static ngx_int_t ngx_http_waf_handler_check_black_referer(ngx_http_request_t* r,
             "ngx_waf_debug: The Inspection is skipped because the Referer is empty.");
             ret_value = NOT_MATCHED;
         } else {
-            for (size_t i = 0; i < srv_conf->black_referer->nelts; i++, p++) {
+            size_t i;
+            for (i = 0; i < srv_conf->black_referer->nelts; i++, p++) {
                 ngx_int_t rc = ngx_regex_exec(p->regex, p_referer, NULL, 0);
                 if (rc >= 0) {
                     ctx->blocked = FALSE;
@@ -710,9 +716,11 @@ static ngx_int_t ngx_http_waf_handler_check_black_cookie(ngx_http_request_t* r,
             "ngx_waf_debug: Inspection has begun.");
 
         ngx_table_elt_t** ppcookie = r->headers_in.cookies.elts;
-        for (size_t i = 0; i < r->headers_in.cookies.nelts; i++, ppcookie++) {
+        size_t i;
+        for (i = 0; i < r->headers_in.cookies.nelts; i++, ppcookie++) {
             ngx_regex_elt_t* p = srv_conf->black_cookie->elts;
-            for (size_t j = 0; j < srv_conf->black_cookie->nelts; j++, p++) {
+            size_t j;
+            for (j = 0; j < srv_conf->black_cookie->nelts; j++, p++) {
                 if ((**ppcookie).value.data == NULL || (**ppcookie).value.len == 0) {
                     ngx_log_debug(NGX_LOG_DEBUG_CORE, r->connection->log, 0, 
                         "ngx_waf_debug: The Inspection is skipped because the Cookie.value is empty.");
@@ -800,7 +808,8 @@ static void check_post(ngx_http_request_t* r) {
 
         ngx_regex_elt_t* p = srv_conf->black_post->elts;
         ngx_int_t rc;
-        for (size_t i = 0; i < srv_conf->black_post->nelts; i++, p++) {
+        size_t i;
+        for (i = 0; i < srv_conf->black_post->nelts; i++, p++) {
             rc = ngx_regex_exec(p->regex, &body_str, NULL, 0);
             if (rc >= 0) {
                 ctx->blocked = TRUE;
diff --git a/inc/ngx_http_waf_module_config.h b/inc/ngx_http_waf_module_config.h
@@ -151,8 +151,9 @@ static char* ngx_http_waf_rule_path_conf(ngx_conf_t* cf, ngx_command_t* cmd, voi
 static char* ngx_http_waf_mode_conf(ngx_conf_t* cf, ngx_command_t* cmd, void* conf) {
     ngx_http_waf_srv_conf_t* srv_conf = (ngx_http_waf_srv_conf_t*)conf;
     ngx_str_t* modes = cf->args->elts;
+    size_t i;
 
-    for (size_t i = 1; i < cf->args->nelts && modes != NULL; i++) {
+    for (i = 1; i < cf->args->nelts && modes != NULL; i++) {
         if (ngx_strncasecmp(modes[i].data, (u_char*)"GET", min(modes[i].len, 5)) == 0) {
             srv_conf->waf_mode |= MODE_INSPECT_GET;
         } 
diff --git a/inc/ngx_http_waf_module_util.h b/inc/ngx_http_waf_module_util.h
@@ -123,14 +123,16 @@ static ngx_int_t parse_ipv4(ngx_str_t text, ipv4_t* ipv4) {
     suffix_num = suffix;
 
     uint8_t temp_suffix[4] = { 0 };
-    for (int i = 0; i < 4; i++) {
+    int i;
+    for (i = 0; i < 4; i++) {
         uint8_t temp = 0;
         if (suffix >= 8) {
             suffix -=8;
             temp = ~0;
         } 
         else {
-            for (uint32_t j = 0; j < suffix; j++) {
+            uint32_t j;
+            for (j = 0; j < suffix; j++) {
                 temp |= 0x80 >> j;
             }
             suffix = 0;
@@ -139,7 +141,7 @@ static ngx_int_t parse_ipv4(ngx_str_t text, ipv4_t* ipv4) {
     }
 
     suffix = 0;
-    for (int i = 0; i < 4; i++) {
+    for (i = 0; i < 4; i++) {
         suffix |= ((uint32_t)temp_suffix[i]) << (i * 8);
     }
 
@@ -203,23 +205,24 @@ static ngx_int_t parse_ipv6(ngx_str_t text, ipv6_t* ipv6) {
     }
 
     suffix_num = temp_suffix;
-
-    for (int i = 0; i < 16; i++) {
+    int i;
+    for (i = 0; i < 16; i++) {
         uint8_t temp = 0;
         if (temp_suffix >= 8) {
             temp_suffix -=8;
             temp = ~0;
         } 
         else {
-            for (uint32_t j = 0; j < temp_suffix; j++) {
+            uint32_t j;
+            for (j = 0; j < temp_suffix; j++) {
                 temp |= 0x80 >> j;
             }
             temp_suffix = 0;
         }
         suffix[i] = temp;
     }
 
-    for (int i = 0; i < 16; i++) {
+    for (i = 0; i < 16; i++) {
         prefix[i] &= suffix[i];
     }
 
diff --git a/src/ngx_http_waf_module_core.c b/src/ngx_http_waf_module_core.c
@@ -120,7 +120,8 @@ static ngx_int_t ngx_http_waf_handler_url_args(ngx_http_request_t* r) {
             http_status = NGX_DECLINED;
         }
         else {
-            for (size_t i = 0; check_proc[i] != NULL; i++) {
+            size_t i;
+            for (i = 0; check_proc[i] != NULL; i++) {
                 is_matched = check_proc[i](r, &http_status);
                 if (is_matched == MATCHED) {
                     break;
@@ -185,7 +186,8 @@ static ngx_int_t ngx_http_waf_handler_ip_url_referer_ua_args_cookie_post(ngx_htt
                 http_status = NGX_DECLINED;
             }
             else {
-                for (size_t i = 0; check_proc[i] != NULL; i++) {
+                size_t i;
+                for (i = 0; check_proc[i] != NULL; i++) {
                     is_matched = check_proc[i](r, &http_status);
                     if (is_matched == MATCHED) {
                         break;

Original file line number	Diff line number	Diff line change
`@@ -123,14 +123,16 @@ static ngx_int_t parse_ipv4(ngx_str_t text, ipv4_t* ipv4) {`
`123`	`123`	`suffix_num = suffix;`
`124`	`124`
`125`	`125`	`uint8_t temp_suffix[4] = { 0 };`
`126`		`- for (int i = 0; i < 4; i++) {`
	`126`	`+ int i;`
	`127`	`+ for (i = 0; i < 4; i++) {`
`127`	`128`	`uint8_t temp = 0;`
`128`	`129`	`if (suffix >= 8) {`
`129`	`130`	`suffix -=8;`
`130`	`131`	`temp = ~0;`
`131`	`132`	`}`
`132`	`133`	`else {`
`133`		`- for (uint32_t j = 0; j < suffix; j++) {`
	`134`	`+ uint32_t j;`
	`135`	`+ for (j = 0; j < suffix; j++) {`
`134`	`136`	`temp \|= 0x80 >> j;`
`135`	`137`	`}`
`136`	`138`	`suffix = 0;`
`@@ -139,7 +141,7 @@ static ngx_int_t parse_ipv4(ngx_str_t text, ipv4_t* ipv4) {`
`139`	`141`	`}`
`140`	`142`
`141`	`143`	`suffix = 0;`
`142`		`- for (int i = 0; i < 4; i++) {`
	`144`	`+ for (i = 0; i < 4; i++) {`
`143`	`145`	`suffix \|= ((uint32_t)temp_suffix[i]) << (i * 8);`
`144`	`146`	`}`
`145`	`147`
`@@ -203,23 +205,24 @@ static ngx_int_t parse_ipv6(ngx_str_t text, ipv6_t* ipv6) {`
`203`	`205`	`}`
`204`	`206`
`205`	`207`	`suffix_num = temp_suffix;`
`206`		`-`
`207`		`- for (int i = 0; i < 16; i++) {`
	`208`	`+ int i;`
	`209`	`+ for (i = 0; i < 16; i++) {`
`208`	`210`	`uint8_t temp = 0;`
`209`	`211`	`if (temp_suffix >= 8) {`
`210`	`212`	`temp_suffix -=8;`
`211`	`213`	`temp = ~0;`
`212`	`214`	`}`
`213`	`215`	`else {`
`214`		`- for (uint32_t j = 0; j < temp_suffix; j++) {`
	`216`	`+ uint32_t j;`
	`217`	`+ for (j = 0; j < temp_suffix; j++) {`
`215`	`218`	`temp \|= 0x80 >> j;`
`216`	`219`	`}`
`217`	`220`	`temp_suffix = 0;`
`218`	`221`	`}`
`219`	`222`	`suffix[i] = temp;`
`220`	`223`	`}`
`221`	`224`
`222`		`- for (int i = 0; i < 16; i++) {`
	`225`	`+ for (i = 0; i < 16; i++) {`
`223`	`226`	`prefix[i] &= suffix[i];`
`224`	`227`	`}`
`225`	`228`